Last Week in Security (LWiS) - 2022-03-28 RCE on a NAS (@alexjplaskett, @saidelike, and @FidgetingBits), Double Fetch vulns (@N1ckDunn), Ra... 2022-3-29 11:35:0 | 阅读: 53 | 收藏 | blog.badsectorlabs.com ssh ups windows razer

Last Week in Security (LWiS) - 2022-03-21 Browser in the Browser (@mrd0x), OSINT Map (@MalfratsInd), Rust packer (@verixvogel), local Kerbe... 2022-3-22 11:35:0 | 阅读: 75 | 收藏 | blog.badsectorlabs.com windows microsoft crash ups eicar

Last Week in Security (LWiS) - 2022-03-14 Embedded reversing (@zi0Black), SQL injection despite prepared statements (@Dooflin5), AutoWarp A... 2022-3-15 11:35:0 | 阅读: 120 | 收藏 | blog.badsectorlabs.com security introducing bypass cobalt

Last Week in Security (LWiS) - 2022-02-28 Stealing GitHub secrets (@not_an_aardvark), TeamsImplant (@allevon412), Nimcrypt2 (@icyguider), V... 2022-3-1 12:35:0 | 阅读: 40 | 收藏 | blog.badsectorlabs.com security yaradbg windows github squatting

Last Week in Security (LWiS) - 2022-02-22 VMware RCEs (@__mn1__ and @elk0kc), un-redacting text (@2600AltF4), undetectible AirTags (@positi... 2022-2-23 12:35:0 | 阅读: 31 | 收藏 | blog.badsectorlabs.com athena relaying lossless windows

Last Week in Security (LWiS) - 2022-02-14 Prevent IP takeover (@infosec_au), Windows LPE via handles (@last0x00), Exception Oriented Progra... 2022-2-15 11:45:0 | 阅读: 29 | 收藏 | blog.badsectorlabs.com windows processes nx manageca remote

Last Week in Security (LWiS) - 2022-02-07 EXE in LNK embeds (@x86matthew), LinkedIn Slink phishers (@briankrebs), Apollo 2.0 (@djhohnstein)... 2022-2-8 09:57:0 | 阅读: 36 | 收藏 | blog.badsectorlabs.com syswhispers apollo relaying phishers vfs

Last Week in Security (LWiS) - 2022-01-31 pkexec Linux LPE (@jogibharat), .NET remoting (@codewhitesec), usernames from CUCM (@n00py1), Not... 2022-2-1 09:25:0 | 阅读: 42 | 收藏 | blog.badsectorlabs.com spraying mythic cloud snitch pkexec

Last Week in Security (LWiS) - 2022-01-25 PrinterLogic RCEs (@TheParanoids), Java app analysis (@infosec_au), DCSync from Linux (@n00py1),... 2022-1-26 10:35:0 | 阅读: 36 | 收藏 | blog.badsectorlabs.com windows log4j bypass timed passwords

Last Week in Security (LWiS) - 2022-01-18 CI/CD pipeline war stories (@0xZon1 + others), Serv-U exploit writing (Cal Livitt of @bishopfox),... 2022-1-19 08:9:0 | 阅读: 26 | 收藏 | blog.badsectorlabs.com security fsb loader criminal flutter

Last Week in Security (LWiS) - 2022-01-10 More JDNI to RCE (@jfrog), parallel loader (@peterwintrsmith and @cube0x0), MS signed phishing do... 2022-1-11 12:59:0 | 阅读: 28 | 收藏 | blog.badsectorlabs.com nighthawk staging defender jdni beacon

Last Week in Security (LWiS) - 2022-01-03 New RE training (@ZeroPeril), macOS Gatekeeper bypass (@ethicalhax + @patrickwardle), remote PS (... 2022-1-4 12:25:0 | 阅读: 30 | 收藏 | blog.badsectorlabs.com windows remote log4j memory security

Last Week in Security (LWiS) - 2021-12-20 Explaining the 0click iOS exploit (@i41nbeer and @5aelo), new loader (@zux0x3a), first look at Ni... 2021-12-21 11:25:0 | 阅读: 38 | 收藏 | blog.badsectorlabs.com cobalt memory injection clipboard analysis

Last Week in Security (LWiS) - 2021-12-14 Log4j RCE, sAMAccountName [DA from any user] (@exploitph), XLAM tricks (@_DaWouw), Cobalt Strike... 2021-12-15 15:54:55 | 阅读: 23 | 收藏 | blog.badsectorlabs.com microsoft cobalt log4j debugger network

Last Week in Security (LWiS) - 2021-12-07 Windows LPE 0day (@KLINIX5), Windows 10 URI handler "RCE" (@positive_sec), detect anomalous TLS c... 2021-12-08 13:59:00 | 阅读: 33 | 收藏 | blog.badsectorlabs.com windows bitlocker gate security lpe

Last Week in Security (LWiS) - 2021-11-22 AFL++ on Android (@Gr33nh4t), Qualcomm NPU exploits (@mmolgtm), sysWhipser research (@CaptMeelo),... 2021-11-23 10:45:00 | 阅读: 30 | 收藏 | blog.badsectorlabs.com tpm security nucleus exchange memory

Last Week in Security (LWiS) - 2021-11-16 The future of NTLM relaying (@_EthicalChaos_), Windows updates for hackers (@bitsadmin), Syscall... 2021-11-17 10:45:00 | 阅读: 26 | 收藏 | blog.badsectorlabs.com windows analysis c2

Last Week in Security (LWiS) - 2021-11-08 DLL proxying helper BOFs (@the_bit_diddler), Cobalt Strike traffic decryption (@DidierStevens), C... 2021-11-09 11:58:08 | 阅读: 42 | 收藏 | blog.badsectorlabs.com security cobalt ces cep analysis

Last Week in Security (LWiS) - 2021-11-01 DLL proxying with artifact kit (@joevest), lateral movement 101 (@_RastaMouse), Windows kernel dr... 2021-11-02 11:00:00 | 阅读: 45 | 收藏 | blog.badsectorlabs.com artifact cobalt security bypass windows

Last Week in Security (LWiS) - 2021-10-27 Windows LPE 0day (@KLINIX5), and lots more!Last Week in Security is a summary of the interest... 2021-10-28 10:35:27 | 阅读: 39 | 收藏 | blog.badsectorlabs.com security windows analysis lpe