Last Week in Security (LWiS) - 2022-01-10
More JDNI to RCE (@jfrog), parallel loader (@peterwintrsmith and @cube0x0), MS signed phishing docs (@ptrpieter and @_DaWouw), IP-takeover vulns (@sebsalla), driver loading BOF dev (@cerbersec), and more!
Showing only posts tagged LWiS. Show all posts.
Last Week in Security (LWiS) - 2022-01-03
New RE training (@ZeroPeril), macOS Gatekeeper bypass (@ethicalhax + @patrickwardle), remote PS (@dazzyddos), LastPass breach? (@WPalant), Log4j to pwn Unifi (@sprocket_ed), O365 file spoof for phishing (@mrd0x), and more!
Last Week in Security (LWiS) - 2021-12-20
Explaining the 0click iOS exploit (@i41nbeer and @5aelo), new loader (@zux0x3a), first look at Nighthawk C2 (@peterwintrsmith and @modexpblog), new injection technique (@netero_1010), OST documentation (@_nwodtuhs), and more!
Last Week in Security (LWiS) - 2021-12-14
Log4j RCE, sAMAccountName [DA from any user] (@exploitph), XLAM tricks (@_DaWouw), Cobalt Strike 4.5 and MiTM (@joevest, @DidierStevens), CVEtrends (@SimonByte), additional Windows kernel tricks (@cerbersec), and more!
Last Week in Security (LWiS) - 2021-12-07
Windows LPE 0day (@KLINIX5), Windows 10 URI handler "RCE" (@positive_sec), detect anomalous TLS certs with ML (@NCCGroupInfosec), USB-over-ethernet vuln (@kasifdekel), bitlocker key leak (@theluemmel), Linux TIPC LPE (@bl4sty), Tartarus' Gate (@trickster012), abusing SecLogon (@splinter_code), and more!
Last Week in Security (LWiS) - 2021-11-22
AFL++ on Android (@Gr33nh4t), Qualcomm NPU exploits (@mmolgtm), sysWhipser research (@CaptMeelo), TPM sniffing (Julien Oberson), CheckCert and SQLRecon (@sanjivkawa), and more!
Last Week in Security (LWiS) - 2021-11-16
The future of NTLM relaying (@_EthicalChaos_), Windows updates for hackers (@bitsadmin), Syscall malware analysis (@m0rv4i), fighting EDRs in the kernel (@cerbersec), Living Off Trusted Sites (LOTS) Project (@mrd0x), and more!
Last Week in Security (LWiS) - 2021-11-08
DLL proxying helper BOFs (@the_bit_diddler), Cobalt Strike traffic decryption (@DidierStevens), CES/CEP on Linux (@duff22b), Kerberoasting OPSEC (@DebugPrivilege), certutil LOLbin replacement (@ElliotKillick), and more!
Last Week in Security (LWiS) - 2021-11-01
DLL proxying with artifact kit (@joevest), lateral movement 101 (@_RastaMouse), Windows kernel driver hooking (@cerbersec), macOS XAR arbitrary file write (@buffaloverflow), malapi.io launch (@mrd0x), protobuf in sqlmap (@APTortellini), and more!
Last Week in Security (LWiS) - 2021-10-27
Windows LPE 0day (@KLINIX5), and lots more!
page 1 | older articles »