post-exploitation – Page 2 – Experimental News Clipping Site

Hacker News: How to gain code execution on hundreds of millions of people and popular apps

Feb 28, 2025

—

by

Source URL: https://kibty.town/blog/todesktop/ Source: Hacker News Title: How to gain code execution on hundreds of millions of people and popular apps Feedly Summary: Comments AI Summary and Description: Yes Summary: The text details a security vulnerability discovered in the “todesk” application bundler, highlighting a significant exploit that allows arbitrary code execution in various applications relying…

Microsoft Security Blog: Code injection attacks using publicly disclosed ASP.NET machine keys

Feb 6, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/02/06/code-injection-attacks-using-publicly-disclosed-asp-net-machine-keys/ Source: Microsoft Security Blog Title: Code injection attacks using publicly disclosed ASP.NET machine keys Feedly Summary: Microsoft Threat Intelligence observed limited activity by an unattributed threat actor using a publicly available, static ASP.NET machine key to inject malicious code and deliver the Godzilla post-exploitation framework. In the course of investigating, remediating, and…

Hacker News: Backdooring Your Backdoors – Another $20 Domain, More Governments

Jan 12, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://labs.watchtowr.com/more-governments-backdoors-in-your-backdoors/ Source: Hacker News Title: Backdooring Your Backdoors – Another $20 Domain, More Governments Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses a research project that focuses on exploiting vulnerabilities in expired and abandoned digital infrastructure, especially backdoors left by compromised systems. It highlights the use of mass-hacking techniques…

Cloud Blog: Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation

Jan 9, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/ivanti-connect-secure-vpn-zero-day/ Source: Cloud Blog Title: Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation Feedly Summary: Written by: John Wolfram, Josh Murchie, Matt Lin, Daniel Ainsworth, Robert Wallace, Dimiter Andonov, Dhanesh Kizhakkinan, Jacob Thompson Note: This is a developing campaign under active analysis by Mandiant and Ivanti. We will continue to add more…

Cloud Blog: Bridging the Gap: Elevating Red Team Assessments with Application Security Testing

Dec 5, 2024

—

by

system automation

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/red-team-application-security-testing/ Source: Cloud Blog Title: Bridging the Gap: Elevating Red Team Assessments with Application Security Testing Feedly Summary: Written by: Ilyass El Hadi, Louis Dion-Marcil, Charles Prevost Executive Summary Whether through a comprehensive Red Team engagement or a targeted external assessment, incorporating application security (AppSec) expertise enables organizations to better simulate the tactics and…

Hacker News: The ‘Invisibility Cloak’ – Slash-Proc Magic

Nov 8, 2024

—

by

system automation

in Uncategorized

Source URL: https://dfir.ch/posts/slash-proc/ Source: Hacker News Title: The ‘Invisibility Cloak’ – Slash-Proc Magic Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text provides a technical exploration of a process-hiding technique using bind mounts in Linux, highlighting its implications for forensic investigations. It elucidates how malicious actors can utilize this approach to manipulate process…

The Register: Move over, Cobalt Strike. Splinter’s the new post-exploit menace in town

Sep 23, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/09/23/splinter_red_team_tool/ Source: The Register Title: Move over, Cobalt Strike. Splinter’s the new post-exploit menace in town Feedly Summary: No malware crew linked to this latest red-teaming tool yet Attackers are using Splinter, a new post-exploitation tool, to wreak havoc in victims’ IT environments after initial infiltration, utilizing capabilities such as executing Windows commands,…

Tag: post-exploitation

Hacker News: How to gain code execution on hundreds of millions of people and popular apps

Microsoft Security Blog: Code injection attacks using publicly disclosed ASP.NET machine keys

Hacker News: Backdooring Your Backdoors – Another $20 Domain, More Governments

Cloud Blog: Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation

Cloud Blog: Bridging the Gap: Elevating Red Team Assessments with Application Security Testing

Hacker News: The ‘Invisibility Cloak’ – Slash-Proc Magic

The Register: Move over, Cobalt Strike. Splinter’s the new post-exploit menace in town