Last Week in Security (LWiS) - 2022-06-14 RE an iOS app (@inversecos), More Azure Managed Identity attacks (@_wald0), excellent hardware ha... 2022-6-15 11:59:0 | 阅读: 43 | 收藏 | blog.badsectorlabs.com vx security windows ups injection

Last Week in Security (LWiS) - 2022-06-06 Confluence RCE, Open Redirect -> RCE (@ByQwert), U-Boot vulns (@NCCGroupInfosec), Azure Managed I... 2022-6-7 11:59:0 | 阅读: 36 | 收藏 | blog.badsectorlabs.com security remote nidhogg ups mythic

Last Week in Security (LWiS) - 2022-05-31 Follina Word RCE (@_JohnHammond + @BillDemirkapi), PyPI CTX and PHPass compromise (@aydinnyunuss)... 2022-6-1 11:59:0 | 阅读: 33 | 收藏 | blog.badsectorlabs.com security follina microsoft memory cypher

Last Week in Security (LWiS) - 2022-05-30 Last Week in Security is a summary of the interesting cybersecurity news, techniques, tools an... 2022-5-31 11:59:0 | 阅读: 85 | 收藏 | blog.badsectorlabs.com ups sixgen security weren

Last Week in Security (LWiS) - 2022-05-23 Nighthawk 0.2 (@MDSecLabs), Parallels VM escape write-up (@ret2systems), Rust supply chain attack... 2022-5-24 10:35:0 | 阅读: 46 | 收藏 | blog.badsectorlabs.com entropy bypass nighthawk hvci perl

Last Week in Security (LWiS) - 2022-05-16 Last Week in Security is a summary of the interesting cybersecurity news, techniques, tools a... 2022-5-17 11:59:0 | 阅读: 23 | 收藏 | blog.badsectorlabs.com phishing introducing wildcard reverse machine

Last Week in Security (LWiS) - 2022-05-02 GitHub OAuth token hack, security.txt RFC (@EdOverflow), channel binding bypass for LDAP (@lowerc... 2022-5-3 11:30:0 | 阅读: 235 | 收藏 | blog.badsectorlabs.com security github windows phishing prefetch

Last Week in Security (LWiS) - 2022-04-25 Acrobat extension issues (@WPalant), ECDSA signature in Java vuln (@neilmaddog), GPO LPE (@decode... 2022-4-27 00:0:0 | 阅读: 174 | 收藏 | blog.badsectorlabs.com security windows c2 memory

Last Week in Security (LWiS) - 2022-04-18 .NET execution with docx (@danonit), AV evasion masterclass (@_vivami), Phisher's errors (@Marco_... 2022-4-19 11:59:0 | 阅读: 60 | 收藏 | blog.badsectorlabs.com microsoft windows security phishing

Last Week in Security (LWiS) - 2022-04-11 Full Edge exploit (@33y0re), dynamic P/Invoke (@bohops), Veeam exploits (@SinSinology), macOS LPE... 2022-4-12 11:54:0 | 阅读: 51 | 收藏 | blog.badsectorlabs.com security windows veeam remote lpe

Last Week in Security (LWiS) - 2022-04-04 Shared section abuse (@BillDemirkapi), ISOs and office MOTW (@DidierStevens), better fuzzing harn... 2022-4-5 11:8:0 | 阅读: 40 | 收藏 | blog.badsectorlabs.com loader windows gitlab memory security

Last Week in Security (LWiS) - 2022-03-28 RCE on a NAS (@alexjplaskett, @saidelike, and @FidgetingBits), Double Fetch vulns (@N1ckDunn), Ra... 2022-3-29 11:35:0 | 阅读: 54 | 收藏 | blog.badsectorlabs.com ssh ups windows razer

Last Week in Security (LWiS) - 2022-03-21 Browser in the Browser (@mrd0x), OSINT Map (@MalfratsInd), Rust packer (@verixvogel), local Kerbe... 2022-3-22 11:35:0 | 阅读: 75 | 收藏 | blog.badsectorlabs.com windows microsoft crash ups eicar

Last Week in Security (LWiS) - 2022-03-14 Embedded reversing (@zi0Black), SQL injection despite prepared statements (@Dooflin5), AutoWarp A... 2022-3-15 11:35:0 | 阅读: 121 | 收藏 | blog.badsectorlabs.com security introducing bypass cobalt

Last Week in Security (LWiS) - 2022-02-28 Stealing GitHub secrets (@not_an_aardvark), TeamsImplant (@allevon412), Nimcrypt2 (@icyguider), V... 2022-3-1 12:35:0 | 阅读: 40 | 收藏 | blog.badsectorlabs.com security yaradbg windows github squatting

Last Week in Security (LWiS) - 2022-02-22 VMware RCEs (@__mn1__ and @elk0kc), un-redacting text (@2600AltF4), undetectible AirTags (@positi... 2022-2-23 12:35:0 | 阅读: 32 | 收藏 | blog.badsectorlabs.com athena relaying lossless windows

Last Week in Security (LWiS) - 2022-02-14 Prevent IP takeover (@infosec_au), Windows LPE via handles (@last0x00), Exception Oriented Progra... 2022-2-15 11:45:0 | 阅读: 30 | 收藏 | blog.badsectorlabs.com windows processes nx manageca remote

Last Week in Security (LWiS) - 2022-02-07 EXE in LNK embeds (@x86matthew), LinkedIn Slink phishers (@briankrebs), Apollo 2.0 (@djhohnstein)... 2022-2-8 09:57:0 | 阅读: 36 | 收藏 | blog.badsectorlabs.com syswhispers apollo relaying phishers vfs

Last Week in Security (LWiS) - 2022-01-31 pkexec Linux LPE (@jogibharat), .NET remoting (@codewhitesec), usernames from CUCM (@n00py1), Not... 2022-2-1 09:25:0 | 阅读: 42 | 收藏 | blog.badsectorlabs.com spraying mythic cloud snitch pkexec

Last Week in Security (LWiS) - 2022-01-25 PrinterLogic RCEs (@TheParanoids), Java app analysis (@infosec_au), DCSync from Linux (@n00py1),... 2022-1-26 10:35:0 | 阅读: 36 | 收藏 | blog.badsectorlabs.com windows log4j bypass timed passwords