unSafe.sh - Unsafe
Windows Hello for Business – Past and Present Attacks
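Windows Hello for Business is a key component of Microsoft's passwordless authentication strategy, using a PIN or biometrics (such as fingerprint and facial recognition) to authenticate users. Its authentication flow involves several components working together and completes authentication using cryptographic keys and smart card certificates. However, the system has been attacked repeatedly, including through malicious USB devices, spoofing with paper printouts, and insufficient encryption of protected data. These vulnerabilities highlight the challenge of balancing convenience and security in biometric technology....
2025-6-20 09:50:0 | Views: 22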
Insinuator.net - insinuator.net
biometric
windows
whfb
passport
Disclosure: Multiple Vulnerabilities in X.Org X server prior to 21.1.17 and Xwayland prior to 24.1.7
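This article discusses multiple security vulnerabilities in the X.Org X server, including integer overflows, buffer overflows and out-of-bounds accesses. These issues stem from insufficient security consideration in the early design. Although the project is mature and widely used, some vulnerabilities remain unresolved. These vulnerabilities can lead to denial of service or more serious consequences....
2025-6-17 13:10:30 | Views: 38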
Insinuator.net - insinuator.net
client
cursors
pcursor
oci
gotnow
Using the Raspberry Pi Pico W as a Bluetooth Dongle
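The article describes how to turn the Raspberry Pi Pico W into a Bluetooth dongle. Using its built-in Infineon CYW43439 chip and the UART interface, the author implemented HCI communication and provides code and usage instructions. The approach is low-cost and flexible and suited to research and development, but it does not currently support the SCO protocol....
2025-6-13 10:2:3 | Views: 21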
Insinuator.net - insinuator.net
pico
uart
dongle
sco
cyw43439
Disclosure: Input Validation Vulnerabilities in Microsoft Bookings
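Microsoft Bookings has vulnerabilities caused by insufficient input validation, which allow attackers to tamper with emails and calendar files through HTML injection and to abuse the rescheduling feature for phishing attacks. Although Microsoft has partially fixed the issues, input filtering and time limits still need to be strengthened to improve security....
2025-5-8 11:21:30 | Views: 8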
Insinuator.net - insinuator.net
appointment
ernw
booking
meeting
microsoft
Full Disclosure: Multiple Rundeck Job Command Injections
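The article describes command injection vulnerabilities in the Rundeck platform. By obtaining an API token and exploiting injection points in job parameters, an attacker can execute arbitrary code. Although some parameters are escaped, the restrictions can be bypassed by splitting parameters or using Windows environment variables, ultimately giving control over nodes and command execution with root privileges. The vulnerabilities affect multiple Rundeck versions and were not fixed in a timely manner....
2025-5-5 15:20:9 | Views: 15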
Insinuator.net - insinuator.net
rundeck
option1
ernw
escaped
spaces
Vulnerability Disclosure: Restricted Shell Breakout (CVE-2025-1950) and Privilege Escalation (CVE-2025-1951) in IBM Power Hardware Management Console (HMC)
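During a red team engagement, researchers found a private key for the IBM Hardware Management Console (HMC) and used two vulnerabilities (CVE-2025-1950 and CVE-2025-1951) to break out of the restricted shell environment via the LD_PRELOAD environment variable and then escalate privileges to root using the setuid binary copysshkey. These vulnerabilities have been fixed....
2025-4-25 09:48:28 | Views: 29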
Insinuator.net - insinuator.net
ibmifcb
xxxxx
copysshkey
hmc
ssh
Cookie Prefixes – The Lesser Known Cookie Security Feature
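The article examines the limitations of cookie security flags in web applications and introduces two special prefixes (`__Secure-` and `__Host-`) that strengthen security. These prefixes enforce transmission over HTTPS and restrict the domain scope, improving data integrity and confidentiality. Modern browsers widely support these features....
2025-4-8 10:4:50 | Views: 3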
Insinuator.net - insinuator.net
webapp1
sessionid
prefixes
webapp2
scoped
CVE-2024-11035: Minor Security Issues in VMWare Carbon Black Cloud
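The article presents the results of a security assessment of VMware Carbon Black Cloud, which found three issues: a memory leak vulnerability in the Windows sensor (CVE-2024-11035), insufficient detection of agent deactivation on Linux systems, and insecure recommendations for bypass allowlisting. These issues can affect the detection of malicious activity but have been fixed or improved....
2025-3-31 07:34:19 | Views: 29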
Insinuator.net - insinuator.net
carbon
cloud
security
memory
agents
CVE-2025-20908: Use of insufficiently random values in Samsung’s Auracast implementation
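The article describes a broadcast code security vulnerability in the Auracast feature of Samsung Galaxy devices. By default, the 4-character broadcast code generated by the device consists of only 2 random bytes and is easy to brute-force. An attacker can use this vulnerability to decrypt broadcast content or even hijack the broadcast. Samsung has fixed the issue by increasing the default code length to 6 bytes and generating a more secure random password....
2025-3-13 10:40:45 | Views: 26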
Insinuator.net - insinuator.net
broadcast
samsung
auracast
broadcasts
derivation
When Your Edge Browser Syncs Private Data to Your Employer
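This article examines how Microsoft Teams can cause employees' private browsing data to be unintentionally synced to a corporate account. Experiments showed that on Windows 11, an employee who signs in to Teams may inadvertently sync Edge browser data (such as bookmarks and passwords) to the corporate account. This can lead to privacy leaks and create GDPR compliance risks for the company. The article recommends that companies prevent data syncing through policy configuration and stresses that the handling of already synced data needs to be addressed....
2025-2-7 08:9:25 | Views: 16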
Insinuator.net - insinuator.net
microsoft
windows
bookmarks
tray
Jigsaw RDPuzzle: Piecing Attacker Actions Together
In a recent incident response project, we had the chance to virtually look over the attack...
2025-1-29 14:5:43 | Views: 23
Insinuator.net - insinuator.net
tiles
c5
remote
client
fragments
Part I: Bluetooth Auracast from a Security Researcher’s Perspective
Auracast, the new Bluetooth LE Broadcast Audio feature, has gained some publicity in the pa...
2025-1-27 15:7:54 | Views: 8
Insinuator.net - insinuator.net
broadcast
auracast
pdus
bis
hopping
Vulnerability Disclosure: Command Injection in Kemp LoadMaster Load Balancer (CVE-2024-7591)
2024-11-27 17:17:47 | Views: 13
Insinuator.net - insinuator.net
wui
pbinaryname
progs
kemp
equalsign
Vulnerability Disclosure: Authentication Bypass in Vaultwarden versions < 1.32.5
During a penetration test for a customer, we briefly assessed Vaultwarden, an open-source...
2024-11-22 18:50:48 | Views: 11
Insinuator.net - insinuator.net
username
vaultwarden
errorevent
eventtype
Announcement: Progress / Kemp LoadMaster CVE-2024-7591
Hey everybody, during a recent Red Teaming engagement Marius Walter from ERNW foun...
2024-9-9 15:15:9 | Views: 14
Insinuator.net - insinuator.net
everybody
marius
ernw
walter
realistic
Disclosure: Potential Limitations of Apple ADE in Corporate Usage Scenarios
Apple Automated Device Enrollment (ADE) is presented as a way to automate and simplify the...
2024-9-3 20:51:32 | Views: 22
Insinuator.net - insinuator.net
ernw
enrollment
mdm
omitempty
activation
CrowdStrike: What is the worldwide BSOD all about?
This article is about the massive BSOD triggered by CrowdStrike worldwide on July 19. Anal...
2024-8-20 16:42:10 | Views: 11
Insinuator.net - insinuator.net
crowdstrike
software
windows
security
analysis
Disclosure: Apple ADE – Network Based Provisioning Bypass
Mobile Device Management (MDM) solutions are used to centrally manage mobile devices in co...
2024-8-9 16:28:58 | Views: 28
Insinuator.net - insinuator.net
ign
pkt
cloudapp
qd
BMBF UNCOVER – Monitoring of Security Incidents in Vehicles
English Abstract: For the realization and introduction of autonomous vehicles, the safe int...
2024-6-21 22:42:45 | Views: 21
Insinuator.net - insinuator.net
monitoring
draco
durch
matthias
des
Active Directory & Entra ID Security Track at TROOPERS24 – Agenda Preview
Hi, are you curious about the agenda of the Active Directory- & Entra ID security...
2024-6-14 16:59:46 | Views: 12
Insinuator.net - insinuator.net
agenda
troopers24
analysis
knudsen
shang