Aggregator

Currently trending CVE - Hype Score: 51 - An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, and Firefox ESR < 115.23.1.

Currently trending CVE - Hype Score: 12 - The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, iOS 16.7 and iPadOS 16.7, macOS Ventura 13.6. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against ...

Currently trending CVE - Hype Score: 27 - Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

Currently trending CVE - Hype Score: 15 - The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to modify protected parts of the file system.

A new research report released today by Progressive International, Expose Accenture, and the Movement Research Unit uncovers the sprawling influence of Accenture, the world’s largest consultancy firm, in driving a global wave of surveillance, exclusion, and authoritarianism. The investigation reveals how Accenture has become essential to security states worldwide, channeling public resources into private ownership […]

The post Accenture Files Leak – New Research Reveals Projects Controlling Billions of User Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Acquisition Enhances Privileged Session Visibility, Session Replay, Granular Access
JumpCloud’s acquisition of VaultOne enhances its ability to offer secure, auditable privileged access management. With session recording, credential isolation and future integration into JumpCloud’s compliance ecosystem, the move reflects a broader identity and access strategy.

Cybersecurity researchers have uncovered a sophisticated malware campaign orchestrated by the notorious Kimsuky Advanced Persistent Threat (APT) group, deploying intricately crafted PowerShell payloads to deliver the XWorm Remote Access Trojan (RAT). This operation showcases the group’s advanced tactics, leveraging encoded scripts and multi-stage attack chains to infiltrate systems, bypass traditional security mechanisms, and establish covert […]

The post Kimsuky APT Group Deploys PowerShell Payloads to Deliver XWorm RAT appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

一款被多个安全厂商归类为EquationDrug恶意软件的Bootkit程序，可配合NSA方程式组织工具加载使用。

A data breach at Nationwide Recovery Services compromised data of 200,000 Harbin Clinic patients

本文介绍如何使用NASM汇编编写linux shellcode，同时也补充了Windows Reverse Shell shellcode的实现

本文介绍如何使用MASM汇编语言编写x64 stager

先知社区Q&A

堆漏洞在二进制中是非常常见的，之前一直觉得CTF-Pwn的堆题没有任何实战价值，之后开始实战漏洞挖掘后发现大部分挖出来的奔溃样本都是堆内存相关的，这就引发了思考，堆内存触发的奔溃大部分都只能触发一次到底该如何利用呢？但是我觉得这个应该是我自己的知识范围不够，之后去分析了很多其他的堆相关漏洞利用，但往往利用思路都不能够通用，所以出了这篇文章记一次sudo堆溢出如何逆向分析出提权思路，旨在以 sudo

越来越多的恶意软件使用正常的数字签名，近日笔者又跟踪到一例使用正常数字签名的后门样本，该攻击样本将相关的函数保存在文件名或INI文件当中，然后读取文件名或INI文件获取到相关函数执行恶意操作。

如果堆栈不存在的话，就没有必要伪造堆栈了 : )