Last Week in Security (LWiS) - 2021-10-19
macOS ESF playground (@jbradley89), Azure privesc via service principles (@_wald0), Java gadget finding (@hugow_vincent), malicious Azure AD OAuth2 (@nyxgeek), and more!
Showing only posts tagged LWiS. Show all posts.
Last Week in Security (LWiS) - 2021-10-11
iOS 15 IOMFB exploit (@AmarSaar), new lsass dumper (@thefLinkk), SharpCalendar (@sadpanda_sec), gcpHound (@desi_jarvis + @Richarjb), macOS SBX (@epsilan), and more!
Last Week in Security (LWiS) - 2021-10-06
OffensiveRust (@trickster012), persistence via preview panes (@matterpreter + @mutantvillian), decrypting CyberArk (@jelleverg), enumerate uncommon SMB shares (@podalirius_), and more!
Last Week in Security (LWiS) - 2021-09-28
PPLDump BOF (@the_bit_diddler), code-signed rootkits (@HackingThings), remote windows password resets (@n00py1), XSS to RCE (@whynotsecurity), FinSpy bootkit (@kaspersky), Azure brute-forceable endpoint (@DrAzureAD?), and no C2 drama!
Last Week in Security (LWiS) - 2021-09-20
OMI agent RCE in Azure (@shirtamari), dynamic mac malware RE (@philofishal), Teams spoofing (@mrd0x), AMD info disclosure (@kyREcon), CABless Word RCE (@Edu_Braun_0day), dBase fuzzing for code exec (@spaceraccoonsec), and more!
Last Week in Security (LWiS) - 2021-09-14
Word RCE, Advanced Nim tradecraft (@snovvcrash), TCC bypass (@_r3ggi), encrypted heap allocations (@waldoirc), vuln hunting with binary ninja (@renorobertr), token priv manipulation BOF (@the_bit_diddler + @hackersoup), Outlook for C2 (@0xBoku), automated DLL hijacking (@knight0x07), and more!
Last Week in Security (LWiS) - 2021-09-07
Mental models for offsec dev (@Jackson_T), lockscreen bypass (@KLINIX5), DLL hijacking/cloning (@Jean_Maes_1994), AV evasion framework (@bb_hacks), jailbreak detection defeat (@_Kc57), Kernel drivers against EDR (@synzack21), Golden SAML (@inversecos), and more!
Last Week in Security (LWiS) - 2021-08-23
iOS CSAM fallout, JS surveillance framework (@imp0rtp3 + @felixaime), 1Password dumper (@djhohnstein), Windows user behavior (@Oddvarmoe), BOF dev walkthrough (@0xBoku), support opensource (@porchetta_ind), and more!
Last Week in Security (LWiS) - 2021-08-16
ProFTPd UAF (@lockedbyte), API hacking (@hakluke and @Farah_Hawaa), file ext tricks (@mrd0x), built-in AD searching w/ADSI (@Gr1mmie), DCE/RPC fingerprints (@hdmoore), SAML issues (@joonas_fi), and more!
Last Week in Security (LWiS) - 2021-08-09
Cobalt Strike Updates (@joevest, @adamsvoboda), ProxyShell [another exchange RCE] (@orange_8361). DeployPrinterNightmare (@Flangvik), Pulse Connect patch bypass (@buffaloverflow), Snapcraft App exploitation (@itszn13), and more!
page 1 | older articles »