Last Week in Security (LWiS) - 2024-03-11
Midnight Blizzard vs Microsoft, Fuzzer dev (@h0mbre_), Browserless Entra flow (@_wald0), SCCM one-stop-shop (@subat0mik + @_Mayyhem + @garrfoster), and more!
macOS LPE (@patch1t), Ivanti backdoors (@NVISO_Labs), ESC14 (@Jonas_B_K), token theft (@rootsecdev), LSASS dumping (@Octoberfest73), and more!
ConnectWise Vulnerabilities, open buckets (@pfiatde), SCCM takeover (@garrfoster), cloud to on-prem pivot (@chiragsavla94), WMI persistence (@Gr1mmie), and more!
ESC13 (@Jonas_B_K), Sandboxing syscalls (@h0mbre_), Cross Window Forgery (@PaulosYibelo), new Windows callback method (@daaximus), dangerous EntraID role (@_wald0), github-secrets (Tobias Madl of @Neodyme), and more!
LDAP tradecraft (@domchell), CreateRemoteThread safety (@m417z), Lab automation (@W9HAX), LoFP (@br0k3ns0und), and more!
All the Ivanti 0days, FTX SIM swap (@briankrebs), Unmanaged CLR patching (@kyleavery_), Midnight Blizzard fallout (@_wald0), Arachne mythic webshell (@its_a_feature_), and more!
Fastly to block domain fronting 🔜, EDR bypass via VEH (@VirtualAllocEx), BOFHound enhancements (@Tw1sm), Frameless BITB (@waelmas01), Asus ndays (@suidpit + @Th3Zer0), and more!
Microsoft hacked, GraphStrike (@Octoberfest73), GPO based LPEs (@decoder_it), AwaitFuscator (@washi_dev), ProxyHelper2 (@hoodoer), and more!
SSPI in Python (@snovvcrash), executing shellcode from VBA (@TheXC3LL), Mirth Connect pre-auth RCE (@Horizon3Attack), Visual Studio LPE (@filip_dragovic), DLL injection LPE (@m417z), Android ARM64 reversing (@Dauntless), and more!
QR phishing (@pfiatde), SOCKS as C2 via SSH on Windows (@n00py1), Google Account takeover with persistence (@e11i0t_), Bitwarden access without password (@RedTeamPT), and more!