🆕 PrivescCheck update!

I realize that I haven't communicated about PrivescCheck in a while, although I implemented a bunch of new cool features recently. A few of them below:

➡️ Check for listing Attack Surface Reduction (ASR) rules enabled in Defender Exploit Guard.
➡️ SCCM cache folder paths are now enumerated using the registry, and browsed to identify potentially hardcoded credentials.
➡️ New "-Audit" option to enable configuration audit checks.
➡️ New "-Risky" option to manually enable checks that are likely to trigger EDR.

There are also other privilege escalation attack vectors I want to cover in the near future. Stay tuned! :)

👉 https://github.com/itm4n/PrivescCheck

#pentesting #windows #tools

microsoft: Exploit Code Unporoven

me: i literally gave you a compiled PoC and also exploit code

m$: No exploit code is available, or an exploit is theoretical.

me:

#exploiting a #heap #overflow #bug on #alpine with #musl libc in redis/lua/csjon (CVE-2022-24834)

https://research.nccgroup.com/2024/06/11/pumping-iron-on-the-musl-heap-real-world-cve-2022-24834-exploitation-on-an-alpine-mallocng-heap/

JetBrains security advisory: Updates for security issue affecting IntelliJ-based IDEs 2023.1+ and JetBrains GitHub Plugin
A new security issue was discovered that affects the JetBrains GitHub plugin on the IntelliJ Platform, which could lead to disclosure of access tokens to third-party sites. CVE-2024-37051 (CVSSv3: 9.3 CRITICAL) GitHub access token could be exposed to third-party sites in JetBrains IDEs. No mention of exploitation.

h/t: @serghei See related Bleeping Computer reporting: JetBrains warns of IntelliJ IDE bug exposing GitHub access tokens

#CVE_2024_37051 #JetBrains #IntelliJ #GitHub

Happy Patch Tuesday from Adobe:

• APSB24-27 : Security update available for Adobe Photoshop (1)
• APSB24-28 : Security update available for Adobe Experience Manager (144 CVEs!! Someone's EXPERIENCING a lot of vulnerabilities if you know what I mean)
• APSB24-32 : Security update available for Adobe Audition (2)
• APSB24-34 : Security update available for Adobe Media Encoder (1)
• APSB24-38 : Security update available for Adobe FrameMaker Publishing Server (2, and CVE-2024-30299 is a perfect 10.0 🥳)
• APSB24-40 : Security update available for Adobe Commerce (10)
• APSB24-41 : Security update available for Adobe ColdFusion (2)
• APSB24-43 : Security update available for Adobe Substance 3D Stager (1)
• APSB24-44 : Security update available for Adobe Creative Cloud Desktop (1)
• APSB24-50 : Security update available for Adobe Acrobat Android (2)

No mention of exploitation.

#PatchTuesday #Adobe #CVE #vulnerability #Acrobat #Photoshop #ColdFusion

You’d really think that the top seven blocked domains on @KagiHQ being @Pinterest indicate that a functional Google would have deboosted them years ago.

(I’m loving Kagi)

School's out, and so are the latest patches from #Microsoft. We're still waiting on the updates from #Adobe. Check out the analysis from @TheDustinChilds as he breaks down the small release from Redmond. https://www.zerodayinitiative.com/blog/2024/6/11/the-june-2024-security-update-review

#Microsoft patches are out. Another small release. Still waiting on #Adobe :-[ Let them patches out! I'll have my full analysis out soon. #PatchTuesday

[ZDI-24-598] (0Day) Microsoft Windows Incorrect Permission Assignment Information Disclosure Vulnerability (CVSS 7.7; Credit: Uncodable)
https://www.zerodayinitiative.com/advisories/ZDI-24-598/

Mozilla Foundation security advisories:

• 2024-25 Security Vulnerabilities fixed in Firefox 127
• 2024-26 Security Vulnerabilities fixed in Firefox ESR 115.12

15 vulnerabilities in Firefox 127. 8 vulnerabilities in Firefox ESR 115.12. No mention of exploitation

#PatchTuesday #CVE #vulnerability #Firefox #Mozilla

Friendly reminder to submit to GreHack conference: https://grehack.fr/2024/cfp

What's different about GreHack?

- It's a simple one-track conference, but with large audience (usually sold out)
- There's usually a mixture between academic and non-academic presentations. This is enlightening.

On the non-technical side: people are very welcoming, the food is nice (especially for vegetarians), you'll see the snowy Alps, there's an excellent CTF.

#hacking #security #CFP

https://ioc.exchange/@matthew_d_green/112597849837858606

matts thread here is an important one

Tiny Awards https://lobste.rs/s/urihyy #web
https://tinyawards.net/

I’ve said before and saying again. This is a common problem in vendors - the lack of understandings of the importance/value of new attack vector discovery research.

https://x.com/l33d0hyun/status/1800299745623367867

https://bird.makeup/@l33d0hyun/1800299745623367867

it has been nearly three months since the last valid #hackerone report against #curl

Just saying.

I bet you can't find anything to report.

🤠

Hacker Template

https://patchfriday.com/64/

Did anyone realize that #MicrosoftEdge already had a #recall feature? 👀

good morning!
my talk from securityfest has been published!

if you have ~35 minutes and want to learn some stuff about adversarial defenses, have a peek!
https://www.youtube.com/watch?v=ShSR0c81h5U&ab_channel=SecurityFest

Google asks every app to have a Privacy Policy to be accepted in the Play Store. So, xScreenSaver had to write a privacy policy.

Here you go:

https://www.jwz.org/xscreensaver/google.html

NEW, by me: Mandiant says cybercriminals stole a "significant volume of data" from Snowflake customers.

Mandiant and Snowflake say they've notified 165 affected customers so far that their cloud-stored data may have been stolen.

Mandiant said the threat campaign was "ongoing," suggesting more victims to come.

More: https://techcrunch.com/2024/06/10/mandiant-hackers-snowflake-stole-significant-volume-data-customers/