⦿ Hackers compromise the PHP Git server and plant a backdoor in the source code - 2021.03.29

 

 

 

 

⦿ North Korean hacking group again attempts targeted attacks on security researchers, following January's campaign - 2021.04.01

 

 

 

 


[Exploitation]

⦿ Playing in the (Windows) Sandbox - Alex Ilgayev

https://research.checkpoint.com/2021/playing-in-the-windows-sandbox/

 

⦿ Bug discovery diaries: Abusing VoIPmonitor for Remote Code Execution - Alfred Farrugia

https://www.rtcsec.com/post/2021/03/bug-discovery-diaries-abusing-voipmonitor-for-remote-code-execution/

 

⦿ Constraint-guided Directed Greybox Fuzzing - Gwangmu Lee & Woochul Shim

https://lifeasageek.github.io/papers/gwangmu-cafl.pdf

 

⦿ Exchange attack chain CVE-2021-26855&CVE-2021-27065 analysis - HuanGMz

https://paper.seebug.org/1501/

 

⦿ CVE-2021-1732: win32kfull xxxCreateWindowEx callback out-of-bounds - iamelli0t

https://iamelli0t.github.io/2021/03/25/CVE-2021-1732.html

 

⦿ macOS: Integer overflow in CoreGraphics leading to out-of-bounds write when rendering fonts - Ivan Fratric

https://bugs.chromium.org/p/project-zero/issues/detail?id=2130

 

⦿ ProxyLogon vulnerability analysis - Mail Exchange RCE (Perfect combination CVE-2021-26855 + CVE-2021-27065) - Jang

https://testbnull.medium.com/ph%C3%A2n-t%C3%ADch-l%E1%BB%97-h%E1%BB%95ng-proxylogon-mail-exchange-rce-s%E1%BB%B1-k%E1%BA%BFt-h%E1%BB%A3p-ho%C3%A0n-h%E1%BA%A3o-cve-2021-26855-37f4b6e06265

 

⦿ One day short of a full chain: Part 1 - Android Kernel arbitrary code execution - Man Yue Mo

https://securitylab.github.com/research/one_day_short_of_a_fullchain_android

 

⦿ One day short of a full chain: Part 2 - Chrome sandbox escape - Man Yue Mo

https://securitylab.github.com/research/one_day_short_of_a_fullchain_sbx

 

⦿ Alternative Code Execution - S4R1N

https://github.com/S4R1N/AlternativeShellcodeExec

 

⦿ Using Syscalls to Inject Shellcode on Windows - solomonsklash

https://www.solomonsklash.io/syscalls-for-shellcode-injection.html

 

⦿ Exploiting XPC in AntiVirus - Wojciech Regula & Csaba Fitzl

https://www.slideshare.net/CsabaFitzl/exploiting-xpc-in-antivirus

 

⦿ EXPRACE: Exploiting Kernel Races through Raising Interrupts - Yoochan Lee & Chanwoo Min

https://lifeasageek.github.io/papers/yoochan-exprace.pdf

 

 

[Web]

 

[Network]

 

[Cyber Operation, Malware]

⦿ New Mirai Variant Targeting Network Security Devices - Vaibhav Singhal, Ruchna Nigam

https://unit42.paloaltonetworks.com/mirai-variant-iot-vulnerabilities

 

[Reversing, Pentesting, Analysis]

⦿ Detecting Manual Syscalls from User Mode - jack-ullrich

https://winternl.com/detecting-manual-syscalls-from-user-mode/

 

⦿ How to extract Python source code from Py2App packed Mach-O Binaries - taha karim

https://lordx64.medium.com/how-to-extract-python-source-code-from-py2app-packed-mach-o-binaries-4da244e54c88

 

[CTF, Wargame]

 

[Misc]

 

[Tools]


⦿ Google discovers three Chrome zero-days - 2021.03.12

 

⦿ 15-year-old Linux kernel vulnerabilities discovered that let attackers gain root privileges - 2021.03.15

 


⦿ Chinese hackers exploit MS Exchange servers to attack overseas organizations - 2021.03.07

 


⦿ Google fixes Chrome zero-day vulnerability exploited in real-world attacks - 2021.03.03

 


[Exploitation]

⦿ Anatomy of an Exploit: RCE with CVE-2020-1350 SIGRed - Valentina Palmiotti

https://www.graplsecurity.com/post/anatomy-of-an-exploit-rce-with-cve-2020-1350-sigred

 

⦿ Linux Kernel Exploitation Technique by overwriting modprobe_path - Midas

https://lkmidas.github.io/posts/20210223-linux-kernel-pwn-modprobe/

 

⦿ Microsoft DirectWrite heap-based buffer overflow in fsg_ExecuteGlyph while processing variable TTF fonts - Mateusz Jurczyk

https://bugs.chromium.org/p/project-zero/issues/detail?id=2123

 

⦿ Qualcomm IPQ40xx: Analysis of Critical QSEE Vulnerabilities - raelize

https://raelize.com/blog/qualcomm-ipq40xx-analysis-of-critical-qsee-vulnerabilities/

 

⦿ The curious case of CVE-2020-14381 - FrizN

https://blog.frizn.fr/linux-kernel/cve-2020-14381

 

⦿ Tianfu Cup Chrome full chain - Ade Taylor

https://bugs.chromium.org/p/chromium/issues/detail?id=1146670

 

⦿ Yet another RenderFrameHostImpl UAF - Lucas P

https://microsoftedge.github.io/edgevr/posts/yet-another-uaf/

 

 

[Web]

⦿ An Exploration of JSON Interoperability Vulnerabilities - Jake Miller

https://labs.bishopfox.com/tech-blog/an-exploration-of-json-interoperability-vulnerabilities

 

⦿ How I Might Have Hacked Any Microsoft Account - Laxman Muthiyah

https://thezerohack.com/how-i-might-have-hacked-any-microsoft-account

 

⦿ Top 10 web hacking techniques of 2020 - James Kettle

https://portswigger.net/research/top-10-web-hacking-techniques-of-2020

 

 

[Network]

 

 

[Cyber Operation, Malware]

⦿ APT attack reports and samples - vx underground

https://vx-underground.org/apts.html

 

⦿ China-Linked Group RedEcho Targets the Indian Power Sector Amid Heightened Border Tensions - Recorded Future

https://go.recordedfuture.com/hubfs/reports/cta-2021-0228.pdf

 

⦿ Clipping Silver Sparrow’s wings: Outing macOS malware before it takes flight - TONY LAMBERT

https://redcanary.com/blog/clipping-silver-sparrows-wings/

 

⦿ Operation Exchange Marauder: Active Exploitation of Multiple Zero-Day Microsoft Exchange Vulnerabilities - Josh Grunzweig, Matthew Meltzer

https://www.volexity.com/blog/2021/03/02/active-exploitation-of-microsoft-exchange-zero-day-vulnerabilities/

 

⦿ Sandbox detection and evasion techniques. How malware has evolved over the last 10 years - Positive Technologies

https://www.ptsecurity.com/ww-en/analytics/antisandbox-techniques

 

⦿ The Story of Jian – How APT31 Stole and Used an Unknown Equation Group 0-Day - Eyal Itkin & Itay Cohen

https://research.checkpoint.com/2021/the-story-of-jian/

 

⦿ Writing a Custom Bootloader - ired.team

https://www.ired.team/miscellaneous-reversing-forensics/windows-kernel-internals/writing-a-custom-bootloade

 

 

[Reversing, Pentesting, Analysis]

 

[CTF, Wargame]

 

[Misc]

 

[Tools]


⦿ NSA Equation Group hacking tool revealed to have been used by China before it was leaked - 2021.02.22

 


[Exploitation]

⦿ CVE-2020-24581 D-Link DSL-2888A Remote Command Execution - Stella Sebastian

Analysis of the RCE that occurs in the D-Link DSL-2888A

https://reconshell.com/cve-2020-24581-d-link-dsl-2888a-remote-command-execution/

 

⦿ CVE-2020-27932: iOS Kernel privesc with turnstiles - Ian Beer

https://googleprojectzero.blogspot.com/p/rca-cve-2020-27932.html

 

⦿ Exploiting crash handlers: LPE on Ubuntu - Itai Greenhut

https://alephsecurity.com/2021/02/16/apport-lpe/

 

⦿ Hunting for bugs in Telegram's animated stickers remote attack surface - shielder

https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/

 

⦿ Kernel Pwnable repo - smallkirby

https://github.com/smallkirby/kernelpwn

 

⦿ Microsoft Hyper-V Virtual Network Switch VmsMpCommonPvtSetRequestCommon Out of Bounds Read - Alisa Esage Шевченко

https://zerodayengineering.com/blog/hyper-v-vmswitch-oobr.html

 

⦿ WINDOWS KERNEL ZERO-DAY EXPLOIT (CVE-2021-1732) IS USED BY BITTER APT IN TARGETED ATTACK - DBAPPSecurity

https://ti.dbappsecurity.com.cn/blog/index.php/2021/02/10/windows-kernel-zero-day-exploit-is-used-by-bitter-apt-in-targeted-attack/

 

⦿ ZDI-20-1440 Writeup - HexRabbit

https://blog.hexrabbit.io/2021/02/07/ZDI-20-1440-writeup/

 

 

[Web]

⦿ Escalating SSRF to RCE - Alserda(sanderwind)

https://sanderwind.medium.com/escalating-ssrf-to-rce-7c0147371c40

 

 

[Network]

⦿ Relaying 101 - Daniel

https://luemmelsec.github.io/Relaying-101/

 

 

 

[Cyber Operation, Malware]

⦿ Egregor Ransomware - An In-Depth Analysis - Tom Roter

https://blog.minerva-labs.com/egregor-ransomware-an-in-depth-analysis

 

⦿ Internals of Lazarus Operation Dream Job - 0xthreatintel

https://0xthreatintel.medium.com/internals-of-lazarus-operation-dream-job-7ced9fc7da3e

 

 

[Reversing, Pentesting, Analysis]

⦿ Analyzing Clubhouse for fun and profit - Theori

https://theori.io/research/korean/analyzing-clubhouse/

 

⦿ Kubernetes Pentest Methodology - Or Ida

https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-1

https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-2

https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-3

 

⦿ Methodology for Static Reverse Engineering of Windows Kernel Drivers - Matt Hand

https://posts.specterops.io/methodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83

 

⦿ Pentest Tips and Tricks - jivoi

https://jivoi.github.io/2015/07/01/pentest-tips-and-tricks/

https://jivoi.github.io/2015/08/21/pentest-tips-and-tricks-number-2/

 

⦿ Remote Desktop Connection (mstsc.exe) Screen in a Memory Dump Analysis - Rifqi Ardia Ramadhan

https://medium.com/mii-cybersec/remote-desktop-connection-mstsc-exe-screen-in-a-memory-dump-analysis-e7e00895dd4a

 

⦿ Using eBPF to uncover in-memory loading - Pat H

How to use eBPF to log when malware performs in-memory loading using pipes

https://blog.tofile.dev/2021/02/15/ebpf-01.html

 

 

[CTF, Wargame]

⦿ Book HackTheBox Walkthrough - Raj Chandel

hackingarticles.in/book-hackthebox-walkthrough/

 

⦿ Remote HackTheBox Walkthrough - Raj Chandel

https://www.hackingarticles.in/remote-hackthebox-walkthrough/

 

 

[Misc]

⦿ Line CTF

- Date: 20.03.2021 00:00 UTC ~ 21.03.2021 00:00 UTC (24 hours)

https://linectf.me

 

⦿ Quarkslab Challenge

https://quarkslab.com/challenge-quarkslab-2021/

 

[Tools]

 

 

 

 

 

 

 

 

 
