Collaborate Disseminate
A critical SQL injection vulnerability in Fortra FileCatalyst Workflow (CVE-2024-5276) has been patched; a PoC exploit is already available online. While there’s currently no reports of in-the-wild exploitation, enterprise admins are advised to p… Continue reading PoC exploit for critical Fortra FileCatalyst flaw published (CVE-2024-5276)
The cyber threat landscape in 2023 and 2024 has been dominated by mass exploitation, according to WithSecure. Edge service KEV vulnerability trends 64% of all edge service and infrastructure Common Vulnerabilities and Exposures (CVEs) in the Known Expl… Continue reading Mass exploitation is the new primary attack vector for ransomware
An OS command injection vulnerability in Windows-based PHP (CVE-2024-4577) in CGI mode is being exploited by the TellYouThePass ransomware gang. Imperva says the attacks started on June 8, two days after the PHP development team pushed out fixes, and o… Continue reading PHP command injection flaw exploited to deliver ransomware (CVE-2024-4577)
Jump-oriented Programming: Why is it better/easier to jump to the dispatcher gadget than to jump from one functional gadget directly to another functional gadget?
My understanding of JOP:
In jump-oriented programming (as described in e.g. … Continue reading Jump-Oriented Programming: Why is it better/easier to jump to the dispatcher gadget than to jump from one functional gadget directly to another?
Full title: Jump-Oriented Programming: Is it harder than traditional return-oriented programming because you need to manually prepare all the addresses and registers or is there a different reason?
And does that mean that a large percentag… Continue reading Jump-Oriented Programming: Harder than ROP because the registers need to be prepared individually? + Turing complete, but large overhead/slow?
First I used ROPgadget to find two assembly instructions:
xor rax; ret and pop rcx; ret,
They are at 0x401270 and 0x40133b.
Then I tried to put them at the top of the stack, but because the gets instruction does not read the \x00 character… Continue reading When gets reads a string, it does not read \x00, which is the NULL character. So how to separate two different addresses to complete ROP?
Horizon3.ai researches have released proof-of-concept (PoC) exploits for CVE-2024-23108 and CVE-2023-34992, vulnerabilities that allow remote, unauthenticated command execution as root on certain Fortinet FortiSIEM appliances. CVE confusion FortiSIEM h… Continue reading PoC exploits for critical FortiSIEM command execution flaws released (CVE-2024-23108, CVE-2023-34992)
I’m trying to exploit the code posted by ir0nstone at this link https://ir0nstone.gitbook.io/notes/types/stack/shellcode.
I followed any of the steps listed in the tutorial, ASLR is not enabled on my machine, but when I launch the exploit … Continue reading Buffer Overflow shell
In this Help Net Security video, Jeremy Nichols, Director, Global Threat Intelligence Center at NTT Security Holdings, discusses a recent surge in ransomware incidents. After a down year in 2022, ransomware and extortion incidents increased in 2023. Mo… Continue reading Organizations struggle to defend against ransomware
For the third time in the last seven days, Google has fixed a Chrome zero-day vulnerability (CVE-2024-4947) for which an exploit exists in the wild. About CVE-2024-4947 CVE-2024-4947 is a type confusion vulnerability in V8, Chrome’s JavaScript and WebA… Continue reading Google fixes third exploited Chrome zero-day in a week (CVE-2024-4947)