Last Week in Security (LWiS) - 2023-03-07
Cobalt Strike 4.8 (@gregdarwin), Timeroasting, Mythic 3.0 (@its_a_feature_), LastPass breach saga continues, CosmosDB XSS to account takeover (@Creastery), 😈 chrome extension (@mattfriz), and more!
FortiNAC RCE, NimPlant (@chvancooten), LPE via GPO (@decoder_it), bypassing Okta MFA (@n00py1), injection with NtQueueApcThreadEx (@LloydLabs), DKOM attacks on ETW providers (@FuzzySec), PCIe on Windows (@4lpine), and more!
Phishing in 2023 (@0xcsandker), SaltStack A-Salt (Alex Hill - @SkylightCyber), LocalPotato (@decoder_it + @elad_shamir), install4j XXE (@frycos), LPE in Avast (@Denis_Skvortcov), learning Semgrep (@jrozner), and more!
Pre-Auth RCE (@infosec_au + @TheGrandPew), IP phone pwnage (Dylan Pindur), GoAnywhere RCE (@frycos), Toyota supplier network hack (@XeEaton), PipeViewer (@g3rzi), reverse socks5 (@aceb0nd), certsync, and more!
HIVE takedown, Yandex leak, modern SEH hijacking (@BillDemirkapi), extending PersistAssist (@Gr1mmie), Docmosis Tornado horror show (@frycos), RODC to DA (@elad_shamir), rendering Chrome to a terminal, and more!
No Fly List leak (@_nyancrimew), LogSlash (@4A4133), Okta issues (@varonis), ARM bug pwns Pixel (@mmolgtm), golddigger (@ustayready), APCLdr (@NUL0x4C), build your own SANS760 (@Void_Sec), SOCKS4a shellcode, and more!
SCCM relay to takeover (@_Mayyhem), LAPS 101 (@mega_spl0it), Sliver vs Havoc (@Naw), Defender LPE (@pixiepointsec), CircleCI post mortem, ASRmageddon, and more!
Korea's browser-ex problem (@WPalant), Prox-Ez (@b1two_ + @YofBalibump), car hacks (@samwcyo), Azure privesc (@_wald0), tons of direct syscall techniques, and more!
x64dbg scripts and plugins (@_n1ghtw0lf), ShellcodeMutator (@m0rv4i), Dirty-Vanity (@eliran_nissan), Windows Kernel dev 101 (@V3ded), detailed Chrome exploitation (@jack_halon), PassTheChallenge (@ly4k_) and more!
Apple data privacy, ChatGPT vs bug bounty, Syscall Hooks in Windows (@Denis_Skvortcov), SMSgate, Standalone Managed Service Accounts (@simondotsh), StealthHook (@x86matthew), and more!