Adversary Services – WindowsTechs.com

Exploiting GOG Galaxy XPC service for privilege escalation in macOS

Posted on December 7, 2023 by Rio Sherri

Being part of the Adversary Services team at IBM, it is important to keep your skills up to date and learn new things constantly. macOS security was one field where I decided to put more effort this year to further improve my exploitation and operation skills in macOS environments. During my research, I decided to […]

The post Exploiting GOG Galaxy XPC service for privilege escalation in macOS appeared first on Security Intelligence.

Continue reading Exploiting GOG Galaxy XPC service for privilege escalation in macOS→

Critically Close to Zero(Day): Exploiting Microsoft Kernel Streaming Service

Posted on October 10, 2023 by Valentina Palmiotti

Last month Microsoft patched a vulnerability in the Microsoft Kernel Streaming Server, a Windows kernel component used in the virtualization and sharing of camera devices. The vulnerability, CVE-2023-36802, allows a local attacker to escalate privileges to SYSTEM. This blog post details my process of exploring a new attack surface in the Windows kernel, finding a […]

The post Critically Close to Zero(Day): Exploiting Microsoft Kernel Streaming Service appeared first on Security Intelligence.

Continue reading Critically Close to Zero(Day): Exploiting Microsoft Kernel Streaming Service→

Reflective call stack detections and evasions

Posted on October 6, 2023 by Bobby Cooke

In a blog published this March, we explored reflective loading through the lens of an offensive security tool developer, highlighting detection and evasion opportunities along the way. This time we are diving into call stack detections and evasions, and how BokuLoader reflectively loads call stack spoofing capabilities into beacon. We created this blog and public […]

The post Reflective call stack detections and evasions appeared first on Security Intelligence.

Continue reading Reflective call stack detections and evasions→

Databases beware: Abusing Microsoft SQL Server with SQLRecon

Posted on August 7, 2023 by Sanjiv Kawa

Over the course of my career, I’ve had the privileged opportunity to peek behind the veil of some of the largest organizations in the world. In my experience, most industry verticals rely on enterprise Windows networks. In fact, I can count on one hand the number of times I have seen a decentralized zero-trust network, […]

The post Databases beware: Abusing Microsoft SQL Server with SQLRecon appeared first on Security Intelligence.

Continue reading Databases beware: Abusing Microsoft SQL Server with SQLRecon→

MSMQ QueueJumper (RCE Vulnerability): An In-Depth Technical Analysis

Posted on August 2, 2023 by Valentina Palmiotti

The security updates released by Microsoft on April 11, 2023, addressed over 90 individual vulnerabilities. Of particular note was CVE-2023-21554, dubbed QueueJumper, a remote code execution vulnerability affecting the Microsoft Message Queueing (MSMQ) service. MSMQ is an optional Windows component that enables applications to exchange messages via message queues that are reachable both locally and […]

The post MSMQ QueueJumper (RCE Vulnerability): An In-Depth Technical Analysis appeared first on Security Intelligence.

Continue reading MSMQ QueueJumper (RCE Vulnerability): An In-Depth Technical Analysis→