Found a user-level persistence opportunity when Steam.exe (the game platform) is installed. On boot, it runs "vulkandriverquery64.exe" which tries to load a missing DLL that can be placed in a user-writable location within %PATH%.
#redteam #malware #cybersecurity #pentesting
The first workshop of the Virtual Laboratory, Conecta Cienci@ULL, is about quantum computing and is taught by researchers José Daniel Escánez and Javier Correa 🧪🖥️👨🔬
🚨🚨WE URGE EVERYONE TO UPDATE THEIR APPLE DEVICES AS SOON AS POSSIBLE.
We have found an actively exploited #zero-click vulnerability that was used to deliver #NSO group’s #Pegasus #spyware.
https://t.co/BS0ZI4QuIz
Web Environment Integrity in Chromium (Chrome, Opera, Edge) will allow websites to determine whether a visitor is a human or a robot based on hardware fingerprinting.
It is designed to enhance ad delivery capabilities.
Want to leak your password through a mispredicted ASM routine?
Run this on a Zen 2 Processor:
vcvtsi2s{s,d} xmm, xmm, r64
vmovdqa ymm, ymm
jcc overzero
vzeroupper
overzero:
nop
Tavis Ormandy uncovered a flaw "Zenbleed" (CVE-2023-20593) in Zen 2 by exploiting precise scheduling and vzeroupper to spy on operations like strlen, memcpy and strcmp.
This vulnerability is capable of spying on operations across virtual machines, sandboxes, containers, and processes, and could leak up to 30 kb/core/sec of sensitive data!
See the full writeup here:
https://t.co/dRvorTBa6S
Recently, I've been playing around with Rust and I decided to take on the challenge of porting some of #mimikatz functionality to understand how it does its magic ✨
I've written an entry-level post about how the Minesweeper module works. Check it out!
https://t.co/2N4JLPsPnQ
The video on setting up an Android VM, Installing the Burp Certificate in the System Store, and proxying application traffic through BurpSuite is live now! Additionally, I go over using Frida to defeat certificate pinning. https://t.co/xWTPZvXThZ
Outlook for Windows can be tricked into displaying a fake domain, but open another one. Add a <base> tag with a fake domain + left-to-right mark (U+200E)
Links in <a> tags will show the fake domain, but open the real domain.
No need to buy .zip! :) Convincing #phishing #redteam