⦿ 중국 해커, MS Exchange 서버 악용하여 해외 기관 공격 - 2021.03.07

 

'기타' 카테고리의 다른 글

기술 문서 자료(2021.03 - 4주)  (0) 2021.03.30
주요 뉴스 (2021.03 - 3주)  (0) 2021.03.18
주요 뉴스 (2021.03 - 2주)  (0) 2021.03.16
주요 뉴스 (2021.03 - 1주)  (0) 2021.03.08
기술 문서 자료 (2021.03 - 1주)  (0) 2021.03.08
주요 뉴스 (2021.02 - 4주)  (0) 2021.03.02

⦿ 구글, 실제 공격에 악용되는 크롬 제로데이 취약점 수정 - 2021.03.03

 

'기타' 카테고리의 다른 글

주요 뉴스 (2021.03 - 3주)  (0) 2021.03.18
주요 뉴스 (2021.03 - 2주)  (0) 2021.03.16
주요 뉴스 (2021.03 - 1주)  (0) 2021.03.08
기술 문서 자료 (2021.03 - 1주)  (0) 2021.03.08
주요 뉴스 (2021.02 - 4주)  (0) 2021.03.02
기술 문서 자료 (2021.02 - 2주)  (0) 2021.02.23

[Exploitation]

⦿ Anatomy of an Exploit: RCE with CVE-2020-1350 SIGRed - Valentina Palmiotti

https://www.graplsecurity.com/post/anatomy-of-an-exploit-rce-with-cve-2020-1350-sigred

 

⦿ Linux Kernel Exploitation Technique by overwriting modprobe_path - Midas

https://lkmidas.github.io/posts/20210223-linux-kernel-pwn-modprobe/

 

⦿ Microsoft DirectWrite heap-based buffer overflow in fsg_ExecuteGlyph while processing variable TTF fonts - Mateusz Jurczyk

https://bugs.chromium.org/p/project-zero/issues/detail?id=2123

 

⦿ Qualcomm IPQ40xx: Analysis of Critical QSEE Vulnerabilities - raelize

https://raelize.com/blog/qualcomm-ipq40xx-analysis-of-critical-qsee-vulnerabilities/

 

⦿ The curious case of CVE-2020-14381 - FrizN

https://blog.frizn.fr/linux-kernel/cve-2020-14381

 

⦿ Tianfu Cup Chrome full chain - Ade Taylor

https://bugs.chromium.org/p/chromium/issues/detail?id=1146670

 

⦿ Yet another RenderFrameHostImpl UAF - Lucas P

https://microsoftedge.github.io/edgevr/posts/yet-another-uaf/

 

 

[Web]

⦿ An Exploration of JSON Interoperability Vulnerabilities - Jake Miller

https://labs.bishopfox.com/tech-blog/an-exploration-of-json-interoperability-vulnerabilities

 

⦿ How I Might Have Hacked Any Microsoft Account - Laxman Muthiyah

https://thezerohack.com/how-i-might-have-hacked-any-microsoft-account

 

⦿ Top 10 web hacking techniques of 2020 - James Kettle

https://portswigger.net/research/top-10-web-hacking-techniques-of-2020

 

 

[Network]

 

 

[Cyber Operation, Malware]

⦿ APT 공격 보고서 및 샘플 - vx underground

https://vx-underground.org/apts.html

 

⦿ China-Linked Group RedEcho Targets the Indian Power Sector Amid Heightened Border Tensions - Recorded Future

https://go.recordedfuture.com/hubfs/reports/cta-2021-0228.pdf

 

⦿ Clipping Silver Sparrow’s wings: Outing macOS malware before it takes flight - TONY LAMBERT

https://redcanary.com/blog/clipping-silver-sparrows-wings/

 

⦿ Operation Exchange Marauder: Active Exploitation of Multiple Zero-Day Microsoft Exchange Vulnerabilities - Josh Grunzweig, Matthew Meltzer

https://www.volexity.com/blog/2021/03/02/active-exploitation-of-microsoft-exchange-zero-day-vulnerabilities/

 

⦿ Sandbox detection and evasion techniques. How malware has evolved over the last 10 years - Positive Technologies

https://www.ptsecurity.com/ww-en/analytics/antisandbox-techniques

 

⦿ The Story of Jian – How APT31 Stole and Used an Unknown Equation Group 0-Day - Eyal Itkin & Itay Cohen

https://research.checkpoint.com/2021/the-story-of-jian/

 

⦿ Writing a Custom Bootloader - ired.team

https://www.ired.team/miscellaneous-reversing-forensics/windows-kernel-internals/writing-a-custom-bootloade

 

 

[리버싱, 펜테스팅, 분석]

 

[CTF, Wargame]

 

[기타]

 

[툴]

'기타' 카테고리의 다른 글

주요 뉴스 (2021.03 - 2주)  (0) 2021.03.16
주요 뉴스 (2021.03 - 1주)  (0) 2021.03.08
기술 문서 자료 (2021.03 - 1주)  (0) 2021.03.08
주요 뉴스 (2021.02 - 4주)  (0) 2021.03.02
기술 문서 자료 (2021.02 - 2주)  (0) 2021.02.23
주요 뉴스 (2021.02 - 1주)  (0) 2021.02.05

⦿ NSA Equation Group 해킹 도구, 유출되기 전에 이미 중국이 사용했다고 밝혀져 - 2021.02.22

 

'기타' 카테고리의 다른 글

주요 뉴스 (2021.03 - 1주)  (0) 2021.03.08
기술 문서 자료 (2021.03 - 1주)  (0) 2021.03.08
주요 뉴스 (2021.02 - 4주)  (0) 2021.03.02
기술 문서 자료 (2021.02 - 2주)  (0) 2021.02.23
주요 뉴스 (2021.02 - 1주)  (0) 2021.02.05
기술 문서 자료 (2021.01 - 4주)  (0) 2021.01.29

[Exploitation]

⦿ CVE-2020-24581 D-Link DSL-2888A Remote Command Execution -  Stella Sebastian

D-Link DSL-2888A에서 발생하는 RCE 분석

https://reconshell.com/cve-2020-24581-d-link-dsl-2888a-remote-command-execution/

 

⦿ CVE-2020-27932: iOS Kernel privesc with turnstiles - Ian Beer

https://googleprojectzero.blogspot.com/p/rca-cve-2020-27932.html

 

⦿ Exploiting crash handlers: LPE on Ubuntu - Itai Greenhut

https://alephsecurity.com/2021/02/16/apport-lpe/

 

⦿ Hunting for bugs in Telegram's animated stickers remote attack surface - shielder

https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/

 

⦿ Kernel Pwnable repo - smallkirby

https://github.com/smallkirby/kernelpwn

 

⦿ Microsoft Hyper-V Virtual Network Switch VmsMpCommonPvtSetRequestCommon Out of Bounds Read - Alisa Esage Шевченко

https://zerodayengineering.com/blog/hyper-v-vmswitch-oobr.html

 

⦿ WINDOWS KERNEL ZERO-DAY EXPLOIT (CVE-2021-1732) IS USED BY BITTER APT IN TARGETED ATTACK - DBAPPSecurity

https://ti.dbappsecurity.com.cn/blog/index.php/2021/02/10/windows-kernel-zero-day-exploit-is-used-by-bitter-apt-in-targeted-attack/

 

⦿ ZDI-20-1440 Writeup - HexRabbit

https://blog.hexrabbit.io/2021/02/07/ZDI-20-1440-writeup/

 

 

[Web]

⦿ Escalating SSRF to RCE - Alserda(sanderwind)

https://sanderwind.medium.com/escalating-ssrf-to-rce-7c0147371c40

 

 

[Network]

⦿ Relaying 101 - Daniel

https://luemmelsec.github.io/Relaying-101/

 

 

 

[Cyber Operation, Malware]

⦿ Egregor Ransomware - An In-Depth Analysis - Tom Roter

https://blog.minerva-labs.com/egregor-ransomware-an-in-depth-analysis

 

⦿ Internals of Lazarus Operation Dream Job - 0xthreatintel

https://0xthreatintel.medium.com/internals-of-lazarus-operation-dream-job-7ced9fc7da3e

 

 

[리버싱, 펜테스팅, 분석]

⦿ Analyzing Clubhouse for fun and profit - Theori

https://theori.io/research/korean/analyzing-clubhouse/

 

⦿ Kubernetes Pentest Methodology - Or Ida

https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-1

https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-2

https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-3

 

⦿ Methodology for Static Reverse Engineering of Windows Kernel Drivers - Matt Hand

https://posts.specterops.io/methodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83

 

⦿ Pentest Tips and Tricks - jivoi

https://jivoi.github.io/2015/07/01/pentest-tips-and-tricks/

https://jivoi.github.io/2015/08/21/pentest-tips-and-tricks-number-2/

 

⦿ Remote Desktop Connection (mstsc.exe) Screen in a Memory Dump Analysis - Rifqi Ardia Ramadhan

https://medium.com/mii-cybersec/remote-desktop-connection-mstsc-exe-screen-in-a-memory-dump-analysis-e7e00895dd4a

 

⦿ Using eBPF to uncover in-memory loading - Pat H

eBPF를 이용하여 멀웨어가 파이프를 사용하여 인 메모리 로드를 수행할 때 기록하는 방법

https://blog.tofile.dev/2021/02/15/ebpf-01.html

 

 

[CTF, Wargame]

⦿ Book HackTheBox Walkthrough - Raj Chandel

hackingarticles.in/book-hackthebox-walkthrough/

 

⦿ Remote HackTheBox Walkthrough - Raj Chandel

https://www.hackingarticles.in/remote-hackthebox-walkthrough/

 

 

[기타]

⦿ Line CTF

- Date: 20.03.2021 00:00 UTC ~ 21.03.2021 00:00 UTC (24 hours)

https://linectf.me

 

⦿ Quarkslab Challenge

https://quarkslab.com/challenge-quarkslab-2021/

 

[툴]

 

 

 

 

 

 

 

 

 

'기타' 카테고리의 다른 글

기술 문서 자료 (2021.03 - 1주)  (0) 2021.03.08
주요 뉴스 (2021.02 - 4주)  (0) 2021.03.02
기술 문서 자료 (2021.02 - 2주)  (0) 2021.02.23
주요 뉴스 (2021.02 - 1주)  (0) 2021.02.05
기술 문서 자료 (2021.01 - 4주)  (0) 2021.01.29
주요 뉴스 (2021.01 - 4주)  (0) 2021.01.28

⦿ 원격 해커가 내부 네트워크의 기기를 공격할 수 있는 새로운 공격 발견 - 2021.01.29

 

 

⦿ Microsoft Azure Function 취약점 악용하여 Docker 탈출 - 2021.02.01

 

 

⦿ 구글, Libgcrypt 암호화 라이브러리의 심각한 취약점 공개 - 2021.02.02

 

 

⦿ 테슬라 에이전트, 새로운 전송 및 회피 기법 사용 - 2021.02.02

 

 

⦿ 구글, 제로데이 공격 후 추가된 애플 iOS 보안 기능 분석 - 2021.02.02

 

'기타' 카테고리의 다른 글

주요 뉴스 (2021.02 - 4주)  (0) 2021.03.02
기술 문서 자료 (2021.02 - 2주)  (0) 2021.02.23
주요 뉴스 (2021.02 - 1주)  (0) 2021.02.05
기술 문서 자료 (2021.01 - 4주)  (0) 2021.01.29
주요 뉴스 (2021.01 - 4주)  (0) 2021.01.28
주요 뉴스 (2021.01 - 3주)  (0) 2021.01.25

[Exploitation]

⦿ A Look at iMessage in iOS 14 - Samuel Groß

https://googleprojectzero.blogspot.com/2021/01/a-look-at-imessage-in-ios-14.html

 

⦿ Effectively Fuzzing the IPC Layer in Firefo - Christoph Kerschbaumer and decoder

https://blog.mozilla.org/attack-and-defense/2021/01/27/effectively-fuzzing-the-ipc-layer-in-firefox/

 

⦿ Heap-based buffer overflow in Sudo (CVE-2021-3156) - Qualys Security Advisory

https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit

https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt

 

⦿ Possible RCE through Windows Custom Protocol on Windows client

https://hackerone.com/reports/1001255

 

⦿ Pwn2Own: A Tale of a Bug Found and Lost Again - Hanno Heinrichs and Lukas Kupczyk

https://www.crowdstrike.com/blog/pwn2own-tale-of-a-bug-found-and-lost-again/

 

⦿ Windows Exploitation Tricks: Trapping Virtual Memory Access - James Forshaw

https://googleprojectzero.blogspot.com/2021/01/windows-exploitation-tricks-trapping.html

 

 

 

[Web]

⦿ The Secret Parameter, LFR, and Potential RCE in NodeJS Apps

https://blog.shoebpatel.com/2021/01/23/The-Secret-Parameter-LFR-and-Potential-RCE-in-NodeJS-Apps/

 

 

[Network]

⦿ VisualDoor: SonicWall SSL-VPN Exploit

https://darrenmartyn.ie/2021/01/24/visualdoor-sonicwall-ssl-vpn-exploit/

 

 

[Cyber Operation, Malware]

⦿ A Deep Dive Into Patchwork APT Group - cybleinc

https://cybleinc.com/2021/01/20/a-deep-dive-into-patchwork-apt-group/

 

⦿ Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop - Microsoft

https://www.microsoft.com/security/blog/2021/01/20/deep-dive-into-the-solorigate-second-stage-activation-from-sunburst-to-teardrop-and-raindrop/

 

⦿ Detecting zero days in software supply chain with static and dynamic analysis - Ajin Abraham

https://ajinabraham.com/blog/detecting-zero-days-in-software-supply-chain-with-static-and-dynamic-analysis

 

⦿ Malware development part 6 - Some advanced obfuscation techniques for C code - Patryk Czeczko

https://0xpat.github.io/Malware_development_part_6/

 

 

[보안연구원 타깃 공격 관련]

⦿ DPRK Malware Targeting Security Researchers

https://norfolkinfosec.com/dprk-malware-targeting-security-researchers/

 

⦿ New campaign targeting security researchers - Adam Weidemann

https://blog.google/threat-analysis-group/new-campaign-targeting-security-researchers/

 

⦿ 중국 Anheng 측 분석

https://mp.weixin.qq.com/s/UBD0hyXUooYuDrpsz8-MtQ

 

⦿ 중국 360 측 분석

https://mp.weixin.qq.com/s/W-C_tKVnXco8C3ctgAjoNQ

 

 

[기타]

⦿ Jailbreak Forum

https://jailbreak.fce365.info/

 

⦿ 버그바운티 팁

https://gowsundar.gitbook.io/book-of-bugbounty-tips/

 

⦿ 버그헌터 핸드북

https://gowthams.gitbook.io/bughunter-handbook/

 

 

[툴]

⦿ Hooking iOS Kernel Functions From Userspace

https://github.com/jsherman212/xnuspy

 

⦿ iOS virtualization tool for individual subscribers 

https://corellium.com/blog/ios-for-individuals

 

 

 

 

 

 

 

 

 

'기타' 카테고리의 다른 글

기술 문서 자료 (2021.02 - 2주)  (0) 2021.02.23
주요 뉴스 (2021.02 - 1주)  (0) 2021.02.05
기술 문서 자료 (2021.01 - 4주)  (0) 2021.01.29
주요 뉴스 (2021.01 - 4주)  (0) 2021.01.28
주요 뉴스 (2021.01 - 3주)  (0) 2021.01.25
기술 문서 자료 (2021.01 - 3주)  (0) 2021.01.22

⦿ SonicWall VPN 제품에서 제로데이 공격으로 해킹 당해 - 2021.01.22

 

⦿ 원격으로 악용 가능한 윈도우 취약점 세부 정보 공개 - 2021.01.25

 

⦿ 북한 추정 해킹그룹, 보안 연구원 타깃 새로운 사이버공격 진행 - 2021.01.26

 

⦿ 애플, 실제 공격에 악용 중인 제로데이 취약점 3개 수정 - 2021.01.27

 

 

 

'기타' 카테고리의 다른 글

주요 뉴스 (2021.02 - 1주)  (0) 2021.02.05
기술 문서 자료 (2021.01 - 4주)  (0) 2021.01.29
주요 뉴스 (2021.01 - 4주)  (0) 2021.01.28
주요 뉴스 (2021.01 - 3주)  (0) 2021.01.25
기술 문서 자료 (2021.01 - 3주)  (0) 2021.01.22
주요 뉴스 (2021.01 - 2주)  (0) 2021.01.18

+ Recent posts