Forwarded from Source Byte
How to mitigate symbolic link attacks on Windows?
https://www.seljan.hu/posts/how-to-mitigate-symbolic-link-attacks-on-windows/
Forwarded from CyberSecurityTechnologies
#exploit
High severity Windows vulnerabilities:
1⃣ CVE-2025-26686:
RCE in Windows 10/11/Srv TCP/IP stack
// leaves sensitive memory unlocked, allowing remote attackers to hijack systems. Exploitable over the network, it risks full compromise. Patch now.
2⃣ CVE-2025-60710:
LPE in Taskhost Windows Tasks
// Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally
3⃣ CVE-2025-54110:
Windows Kernel Integer Overflow Privilege Escalation
// high-severity vulnerability in Windows Kernel that arises from improper handling of integer values during memory allocation
4⃣ CVE-2025-54918:
Improper authentication in Windows NTLM
// Simulated exploitation and mitigation of CVE-2025-54918 (Win NTLM flaw). Incl. detection scripts, Ansible patching, CI/CD hardening. Demonstrates PrivEsc from low-level access to SYSTEM in hybrid cloud environments
// Disclaimer
A site for sharing packet capture (pcap) files and malware samples.
I started this blog in 2013 to share pcaps and malware samples. Due to issues with Google, I took down most of my old blog posts. I've been slowly restoring these with a new pattern for the password-protected zip archives. 2014 and 2015 have yet to be fully restored. All other years are currently online.
http://Malware-Traffic-Analysis.net
Forwarded from Order of Six Angles
YouTube
Malware Analysis - Defeating ConfuserEx Anti-Analysis with Hooking
Malware analysis courses: https://malwareanalysis-for-hedgehogs.learnworlds.com/
Use this coupon for -30% on the courses (until 1. Jan. 2026): IAMSADBLACKFRIDAYISOVER
Discord invite: https://discord.gg/BSaCtKg5
Sample: https://malshare.com/sample.php?…
Forwarded from Source Byte
Diffing 7-Zip for CVE-2025-11001
https://pacbypass.github.io/2025/10/16/diffing-7zip-for-cve-2025-11001.html
Forwarded from Source Byte
K7 Antivirus: Named pipe abuse, registry manipulation and privilege escalation
https://blog.quarkslab.com/k7-antivirus-named-pipe-abuse-registry-manipulation-and-privilege-escalation.html
#CVE-2024-36424
Forwarded from Записки CPU designer'a
Hot Chips 2025 presentations and videos are now publicly available:
https://hc2025.hotchips.org/
Everyone go watch 👀
hc2025.hotchips.org
Hot Chips 2025
A Symposium on High Performance Chips
Forwarded from Записки CPU designer'a
I've brought you a great course from ETH Zurich today:
VLSI 2: From Netlist to Complete System on Chip
This course covers the entire chip development path, from writing Verilog code and synthesis to the physical design of the chip, including floorplanning, placement and routing, timing analysis, and verifying readiness for manufacturing. By the end, students go through the full flow of building their own SoC, using open tools and working through all the key stages of VLSI design.
One of the pluses is that the course is built almost entirely on fully open-source tools: OpenROAD, Yosys, Verilator.
The lectures are available only as slide decks; there are no video recordings.
Everyone go study the course; I'll check after the weekend 🤓
Forwarded from MEPhI CTF (Pavel Blinnikov)
A case where I came for one thing (Hyper-V internals) and stayed for another (a very dense talk on pwning Windows userspace).
It wasn't very obvious, but there are some truly serious people working at MSRC.
https://www.youtube.com/watch?v=50xxJEODO3M
YouTube
Exploiting the Hyper-V IDE Emulator to Escape the Virtual Machine
In this talk, I'll examine a powerful vulnerability in Hyper-V's emulated storage component that was reported through the Hyper-V bug bounty. Then, I'll demonstrate how I exploited this vulnerability on Windows Server 2012R2.
By Joe Bialek
Full Abstract:…