2021-10-28 21:08:53
Exploit
CVE-2021-32789:
WooCommerce exploit
https://github.com/andnorack/CVE-2021-32789
Red Team Tactics
1. Weaponizing a NFC reader for basic timing attacks
https://ceres-c.it/2021/10/24/weaponizing-NFC-reader
2. Advanced request smuggling
https://portswigger.net/web-security/request-smuggling/advanced
Offensive security
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
https://github.com/nil0x42/phpsploit
Malware analysis
1. Outlook Web Access Phishing
https://isc.sans.edu/forums/diary/Hunting+for+Phishing+Sites+Masquerading+as+Outlook+Web+Access/27974
2. Wslink: Unique and undocumented malicious loader that runs as a server
https://www.welivesecurity.com/2021/10/27/wslink-unique-undocumented-malicious-loader-runs-server
3. PinkBot Botnet Uses DoH
https://blog.netlab.360.com/pinkbot
Analytics
Threat Research
APT Trends Report Q3 2021
https://securelist.com/apt-trends-report-q3-2021/104708
@hackthespace