Collaborate Disseminate
With ARM processors increasingly becoming part of the desktop ecosystem, porting code that was written for x86_64 platforms is both necessary and a massive undertaking. For many codebases a simple …read more Continue reading Hybrid Binaries On Windows for ARM: ARM64EC and ARM64X Explained
In this report, we highlight the key points about a class of recently-patched elevation-of-privilege vulnerabilities affecting Microsoft Windows, and then focus on how to check if any of them have been exploited or if there have been any attempts to exploit them. Continue reading A patched Windows attack surface is still exploitable
When Windows NT originally launched it had ports to a wide variety of platforms, ranging from Intel’s x86 and i860 to DEC’s Alpha as well as the MIPS architecture. Running …read more Continue reading WoWMIPS: A MIPS Emulator for Windows Applications
This is part five of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Continue reading Windows CLFS and five exploits used by ransomware operators (Exploit #4 – CVE-2023-23376)
This is part four of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Continue reading Windows CLFS and five exploits used by ransomware operators (Exploit #3 – October 2022)
This is the third part of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Continue reading Windows CLFS and five exploits used by ransomware operators (Exploit #2 – September 2022)
We had never seen so many CLFS driver exploits being used in active attacks before, and then suddenly there are so many of them captured in just one year. Is there something wrong with the CLFS driver? Are all these vulnerabilities similar? These questions encouraged me to take a closer look at the CLFS driver and its vulnerabilities. Continue reading Windows CLFS and five exploits used by ransomware operators
This is the second part of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Continue reading Windows CLFS and five exploits used by ransomware operators (Exploit #1 – CVE-2022-24521)
This is part six of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Continue reading Windows CLFS and five exploits used by ransomware operators (Exploit #5 – CVE-2023-28252)
After years of struggling with Microsoft Excel’s internal conversion feature, users can now disable Excel’s internal data conversion feature. Continue reading How to Control Data Conversions in Excel for Windows and Mac