Xerox legal threat reportedly silences researcher at Infiltrate security conference Security News & Discussion

---

• Xerox legal threat reportedly silences researcher at Infiltrate security conference
• How I Might Have Hacked Any Microsoft Account
• PoC Exploit in SaltStack Minion
• Introduction to privilege escalation + Basic examples of abusing elevation control mechanisms
• CVE-2020-28243 - SaltStack Minion LPE
• Best Practices to Mitigate JSON Interoperability Vulnerabilities
• CertWatcher — Automating Certificate Transparency OSINT with Apps Script
• NATO approved firewall: Highly critical authentication bypass vuln & PoC video
• Hunting for Bugs in Windows Mini-Filter Drivers
• The Hafnium Threat Group is targeting Exchange Servers with 0-day exploits. Detection commands to search for potential exploitation are included in the article (Immediately update exchange servers).
• Unauth cmd injection as root on login / logout (plus other hilarious vulns) in Micro Focus Operations Bridge Reporter
• Qualcomm IPQ40xx: Analysis of Critical QSEE Vulnerabilities
• Alternative Shellcode Injection via windows callback functions. I am still working on this and will update it as I find more. More info about callback functions here: https://docs.microsoft.com/en-us/dotnet/framework/interop/callback-functions
• dwisiswant0/stargather - A fast GitHub stargazers information gathering tool

Xerox legal threat reportedly silences researcher at Infiltrate security conference Posted: 02 Mar 2021 08:17 AM PST submitted by /u/n3d [link] [comments]

How I Might Have Hacked Any Microsoft Account Posted: 02 Mar 2021 07:35 AM PST submitted by /u/laxmanmuthiyah [link] [comments]

PoC Exploit in SaltStack Minion Posted: 01 Mar 2021 11:48 PM PST submitted by /u/ahmedm0hamed007 [link] [comments]

Introduction to privilege escalation + Basic examples of abusing elevation control mechanisms Posted: 02 Mar 2021 11:31 AM PST submitted by /u/capitangolo [link] [comments]

CVE-2020-28243 - SaltStack Minion LPE Posted: 01 Mar 2021 11:47 PM PST submitted by /u/ahmedm0hamed007 [link] [comments]

Best Practices to Mitigate JSON Interoperability Vulnerabilities Posted: 02 Mar 2021 10:53 AM PST submitted by /u/csalazars [link] [comments]

CertWatcher — Automating Certificate Transparency OSINT with Apps Script Posted: 02 Mar 2021 06:59 AM PST submitted by /u/cyberbutler [link] [comments]

NATO approved firewall: Highly critical authentication bypass vuln & PoC video Posted: 02 Mar 2021 12:41 PM PST submitted by /u/0x9000 [link] [comments]

Hunting for Bugs in Windows Mini-Filter Drivers Posted: 01 Mar 2021 11:03 PM PST submitted by /u/0xdea [link] [comments]

The Hafnium Threat Group is targeting Exchange Servers with 0-day exploits. Detection commands to search for potential exploitation are included in the article (Immediately update exchange servers). Posted: 02 Mar 2021 02:43 PM PST submitted by /u/malware_bender [link] [comments]

Unauth cmd injection as root on login / logout (plus other hilarious vulns) in Micro Focus Operations Bridge Reporter Posted: 02 Mar 2021 03:04 AM PST submitted by /u/ChoiceGrapefruit0 [link] [comments]

Qualcomm IPQ40xx: Analysis of Critical QSEE Vulnerabilities Posted: 02 Mar 2021 07:39 AM PST submitted by /u/tieknimmers [link] [comments]

Alternative Shellcode Injection via windows callback functions. I am still working on this and will update it as I find more. More info about callback functions here: https://docs.microsoft.com/en-us/dotnet/framework/interop/callback-functions Posted: 01 Mar 2021 01:59 PM PST submitted by /u/-s4r1n- [link] [comments]

dwisiswant0/stargather - A fast GitHub stargazers information gathering tool Posted: 01 Mar 2021 07:09 PM PST submitted by /u/dwisiswant0 [link] [comments]

You are subscribed to email updates from /r/netsec - Information Security News & Discussion. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States