- 1. Arbitrary code execution in DOOM
From the Git repo: "This example only works in version 1.9 The Ultimate Doom. That is, no Doom2, no The Final Doom or Anthology. (Why is there so many different 1.9 versions?)" - This is super cool, I don't remember enough about DOS-based Doom games, but it's cool. It won an award, yes, they have a Doom hack award thing. I never knew that was a thing, but I also think it's really cool! Awards: https://www.doomworld.com/cacowards/2020/others/ (Machaward - Most creative, unusual, or artistically compelling project of the year: Arbitrary Code Execution - @kgsws)
- 2. CISA releases CHIRP, a tool to detect SolarWinds malicious activity
"Similar to Sparrow, CHIRP scans for signs of APT compromise within an on-premises environment, by default it searches for IOCs associated with malicious activity detailed in AA20-352A and AA21-008A alerts. The CHIRP tool allows to examine Windows event logs for artifacts associated with this activity, Windows Registry for evidence of intrusion, query Windows network artifacts, and apply YARA rules to detect malware, backdoors, or implants."
- 3. Critical Cisco Jabber Bug Could Let Attackers Hack Remote Systems
"CVE-2021-1411, which concerns an arbitrary program execution vulnerability in its Windows app, is also the most critical, with a CVSS score of 9.9 out of a maximum of 10. According to Cisco, the flaw is due to improper validation of message content, thus making it possible for an attacker to send specially-crafted XMPP messages to the vulnerable client and execute arbitrary code with the same privileges as that of the user account running the software."
- 4. Ext2Fsd v0.68 – ‘Ext2Srv’ Unquoted Service Path
I would think MS Defender could catch these? https://www.commonexploits.com/unquoted-service-paths/
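The check a defender would run for this class of finding, as an added example (not code from the Ext2Fsd advisory or the linked post); service names and paths are constructed, not real registry data:

```python
import re

# Added example: detection logic for unquoted service paths, run over
# constructed ImagePath values (the real Ext2Srv path is not reproduced here).

EXE_RE = re.compile(r"\.exe", re.IGNORECASE)

def unquoted_candidates(image_path: str) -> list[str]:
    """Return the executables Windows would try before the real one, in order.

    The Service Control Manager hands an unquoted ImagePath to CreateProcess,
    which treats each space as a possible end of the program name. An empty
    list means the path is not affected (quoted, or no space before the .exe).
    """
    path = image_path.strip()
    if path.startswith('"'):
        return []                       # already quoted: parsed unambiguously
    m = EXE_RE.search(path)
    exe_end = m.end() if m else len(path)
    exe = path[:exe_end]
    if " " not in exe:
        return []                       # spaces only in arguments are fine
    # Each space inside the executable path yields one earlier candidate
    # whose parent directory must not be writable by unprivileged users.
    return [exe[:i] + ".exe" for i, ch in enumerate(exe) if ch == " "]

def quote_image_path(image_path: str) -> str:
    """The fix: wrap the executable portion in quotes, leave arguments alone."""
    path = image_path.strip()
    if path.startswith('"'):
        return path
    m = EXE_RE.search(path)
    exe_end = m.end() if m else len(path)
    return f'"{path[:exe_end]}"{path[exe_end:]}'

SAMPLE_SERVICES = {                     # constructed sample data
    "GoodSvc": r'"C:\Program Files\Vendor\Good Service\svc.exe" -run',
    "BadSvc":  r"C:\Program Files\Vendor\Bad Service\svc.exe -run",
    "SysSvc":  r"C:\Windows\system32\svchost.exe -k netsvcs",
}

if __name__ == "__main__":
    for name, image_path in SAMPLE_SERVICES.items():
        for cand in unquoted_candidates(image_path):
            print(f"{name}: audit write ACL on parent of {cand}")
        if unquoted_candidates(image_path):
            print(f"{name}: fix -> {quote_image_path(image_path)}")
```

On a live host the same logic applies to the `ImagePath` values under `HKLM\SYSTEM\CurrentControlSet\Services`; the finding is only exploitable when one of the listed parent directories is writable by a low-privileged account.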
- 5. Review: OpenBSD 6.8 on 8th Gen Lenovo ThinkPad X1 Carbon 13.3″
This is pretty brave: "10 days ago, I bought this X1 Carbon. I immediately installed OpenBSD on it. It took me a few days to settle in and make myself at home, but here are my impressions."
- 6. Nim Strings (Extracting Strings From Nim)
- 7. Mozilla Firefox 87 Out With New Default Referrer Policy For More Privacy
"Starting with Firefox 87, we set the default Referrer Policy to ‘strict-origin-when-cross-origin’ which will trim user sensitive information accessible in the URL. As illustrated in the example above, this new stricter referrer policy will not only trim information for requests going from HTTPS to HTTP but will also trim path and query information for all cross-origin requests. With that update, Firefox will apply the new default Referrer Policy to all navigational requests, redirected requests, and subresource (image, style, script) requests, thereby providing a significantly more private browsing experience."
Attribution link: https://latesthackingnews.com/2021/03/24/mozilla-firefox-87-out-with-new-default-referrer-policy-for-more-privacy/
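What the quoted policy change means in terms of the actual Referer header, as an added example (not code from Mozilla or the linked article); it computes the value sent under the old default and the new one, following the Referrer Policy rules, with constructed URLs:

```python
from urllib.parse import urlsplit

# Added example: the Referer value a browser emits for a request from
# `source` to `dest` under two policies. URLs below are constructed.

def _origin(url: str) -> str:
    """Scheme + host (+ explicit port); drops userinfo, path, query, fragment."""
    p = urlsplit(url)
    port = f":{p.port}" if p.port else ""
    return f"{p.scheme}://{p.hostname}{port}"

def _stripped(url: str) -> str:
    """Full URL minus credentials and fragment, as sent for same-origin requests."""
    p = urlsplit(url)
    query = f"?{p.query}" if p.query else ""
    return f"{_origin(url)}{p.path}{query}"

def referrer_for(policy: str, source: str, dest: str):
    """Return the Referer header value, or None when no header is sent."""
    src, dst = urlsplit(source), urlsplit(dest)
    downgrade = src.scheme == "https" and dst.scheme == "http"
    same_origin = _origin(source) == _origin(dest)
    if policy == "no-referrer-when-downgrade":      # the pre-87 default
        return None if downgrade else _stripped(source)
    if policy == "strict-origin-when-cross-origin":  # the Firefox 87 default
        if downgrade:
            return None                  # never leak an HTTPS referrer to HTTP
        if same_origin:
            return _stripped(source)
        return _origin(source) + "/"     # cross-origin: path and query trimmed
    raise ValueError(f"unsupported policy: {policy}")

if __name__ == "__main__":
    page = "https://bank.example/accounts/42?session=abc#top"   # constructed
    for dest in ("https://bank.example/logo.png",
                 "https://cdn.example.net/a.js",
                 "http://tracker.example.org/p"):
        for policy in ("no-referrer-when-downgrade",
                       "strict-origin-when-cross-origin"):
            print(f"{policy:32} -> {dest}: {referrer_for(policy, page, dest)}")
```

A site that sets its own `Referrer-Policy` header or `referrerpolicy` attribute still overrides this default, so the example only shows what happens when the page says nothing.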
- 8. Hackers Exploit Telegram API For Server-Side Data Exfiltration
"The researchers caught the malicious code running on the login page (wp-login.php) of a WordPress website. This placement allowed the attackers to steal the users’ credentials directly. In the case of admins, such data theft directly leads to website takeover." and "The attacker uses file_get_contents to make their remote request to Telegram’s API URL, allowing them to transmit the stolen data without leaving much evidence of the exfiltration on the server. Adding this feature also allows the attacker to access the stolen data in real-time, instead of having to check a text file for any captured information."
- 9. Microsoft Exchange ProxyLogon Remote Code Execution
And now there's a Metasploit module/exploit...
- 10. Deadly Sins of Secure Coding
"Gluttony — We’ve implemented our own framework. It’s really hard to attack; Relying on Assumptions & Happy Paths — It’s an edge case; Obscurity — How will they know to attack here?; Blame — It’s your fault!"
- 11. State prosecutors push Facebook, Twitter to do more to slow virus misinformation
"Bad actors and grifters have been spreading misinformation about vaccines on social media, including on Facebook and Twitter, for years. Some of the most infamous purveyors of vaccine and infectious diseases misinformation have been Russian government-backed trolls linked to the Internet Research Agency (IRA), the same entity that U.S. officials have said interfered in the 2016 presidential election."
- 12. The Toughest Time of Cybersecurity
"When considering cybersecurity, we need to understand it operates according to a different set of rules than the physical world. We keep distance, set borders as physical security controls. But in cyberspace, the concepts like distance, borders, and proximity all operate differently, which has profound security implications." "One thing in common between SUNBURSTS and the recent zero-day attacks on Microsoft Exchange is that they are both found to have been state-sponsored." and then alert fatigue and skill shortage = bad news for cybersecurity.
- 13. Hackers used 11 Zero-Days to Attack Windows, iOS, Android Users
What were they after? Something good in order to burn 11 0days. "Malware trackers at Google keep on pointing out a complex APT group that burned through at least 11 zero-day exploits in less than a year to conduct mass spying across a range of platforms and gadgets. The group has effectively utilized "watering hole" assaults to divert explicit targets to a couple of exploit servers conveying malware on Windows, iOS, and Android gadgets."
- 14. The most common on premises vulnerabilities & misconfigurations
"In this blog post I’m gonna cover the in my opinion most common findings in a Windows Active Directory environment, which can be found and abused for Privilege Escalation and Lateral Movement in such a project. It’s about on premises vulnerabilities and misconfigurations in an internal company environment as well as mitigations."