- I recently discovered that all versions of Windows Server 2012 (but not Server 2012 R2) are affected by a DLL hijacking vulnerability that can be exploited for privilege escalation. This bug can be triggered by a regular user and does not require a system reboot. Here is my writeup:
- ServiceNow HelpTheHelpDesk Feature Leaked Administrative Creds for Hundreds of Customers
- Farming for Red Teams: Harvesting NetNTLM - @MDSecLabs
- Flaws in Zoom’s Keybase App Kept Chat Images From Being Deleted
- The Story of Jian - How APT31 stole and used an unknown Equation Group 0-Day
- COFFLoader: Building your own in memory loader or how to run BOFs
- Offensive Windows IPC Internals (Part 2)
- Security Logging in Cloud Environments - AWS
- Persis High-Level Human Resource Software HTML-injection (CVE-2020-35753)
| Posted: 22 Feb 2021 04:55 AM PST |
| ServiceNow HelpTheHelpDesk Feature Leaked Administrative Creds for Hundreds of Customers Posted: 21 Feb 2021 08:19 PM PST |
| Farming for Red Teams: Harvesting NetNTLM - @MDSecLabs Posted: 22 Feb 2021 10:13 AM PST |
| Flaws in Zoom’s Keybase App Kept Chat Images From Being Deleted Posted: 22 Feb 2021 10:43 AM PST |
| The Story of Jian - How APT31 stole and used an unknown Equation Group 0-Day Posted: 22 Feb 2021 03:01 AM PST |
| COFFLoader: Building your own in memory loader or how to run BOFs Posted: 22 Feb 2021 10:18 AM PST |
| Offensive Windows IPC Internals (Part 2) Posted: 21 Feb 2021 11:45 PM PST |
| Security Logging in Cloud Environments - AWS Posted: 22 Feb 2021 05:50 AM PST |
| Persis High-Level Human Resource Software HTML-injection (CVE-2020-35753) Posted: 22 Feb 2021 01:02 AM PST |
| You are subscribed to email updates from /r/netsec - Information Security News & Discussion. To stop receiving these emails, you may unsubscribe now. | Email delivery powered by Google |
| Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States | |
No comments:
Post a Comment