Found 19 bookmarks
Newest
Release: VM Escape Exploit for Parallels Desktop Hypervisor (Pwn2Own 2021)
Release: VM Escape Exploit for Parallels Desktop Hypervisor (Pwn2Own 2021)
In April 2021 I participated in Pwn2Own Vancouvver competition as a single player, and successfully demonstrated a 0-day virtual machine escape exploit with code execution on Parallels hypervisor. Today I am finally releasing the exploit source code together with a technical walkthrough video talk that I gave on Zero Day Engineering livestream in November 2021.
#zerodayengineering#EN#2024#exploit#2021#0-day#Parallels#Pwn2Own#VM#escape
·zerodayengineering.com·
Release: VM Escape Exploit for Parallels Desktop Hypervisor (Pwn2Own 2021)
Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 - Microsoft Security Blog
Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 - Microsoft Security Blog
Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. We shared these findings with Apple, and fix for this vulnerability, now identified as CVE-2022-26706, was included in the security updates on May 16, 2022.
#microsoft#EN#2022#CVE-2022-26706#macOS#Sandbox#escape#Apple
·microsoft.com·
Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 - Microsoft Security Blog
Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 - Microsoft Security Blog
Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 - Microsoft Security Blog
Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. We shared these findings with Apple, and fix for this vulnerability, now identified as CVE-2022-26706, was included in the security updates on May 16, 2022.
#microsoft#EN#2022#CVE-2022-26706#macOS#Sandbox#escape#Apple
·microsoft.com·
Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 - Microsoft Security Blog
Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 - Microsoft Security Blog
Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 - Microsoft Security Blog
Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. We shared these findings with Apple, and fix for this vulnerability, now identified as CVE-2022-26706, was included in the security updates on May 16, 2022.
#microsoft#EN#2022#CVE-2022-26706#macOS#Sandbox#escape#Apple
·microsoft.com·
Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706 - Microsoft Security Blog
Escaping privileged containers for fun
Escaping privileged containers for fun
Despite the fact that it is not a 'real' vulnerability, escaping privileged Docker containers is nevertheless pretty funny. And because there will always be people who will come up with reasons or excuses to run a privileged container (even though you really shouldn't), this could really be handy at some point in the future
#escape#docker#kubernetes#pwningsystems#EN#2022#escalation
·pwning.systems·
Escaping privileged containers for fun
Escaping privileged containers for fun
Escaping privileged containers for fun
Despite the fact that it is not a 'real' vulnerability, escaping privileged Docker containers is nevertheless pretty funny. And because there will always be people who will come up with reasons or excuses to run a privileged container (even though you really shouldn't), this could really be handy at some point in the future
#escape#docker#kubernetes#pwningsystems#EN#2022#escalation
·pwning.systems·
Escaping privileged containers for fun
Escaping privileged containers for fun
Escaping privileged containers for fun
Despite the fact that it is not a 'real' vulnerability, escaping privileged Docker containers is nevertheless pretty funny. And because there will always be people who will come up with reasons or excuses to run a privileged container (even though you really shouldn't), this could really be handy at some point in the future
#escape#docker#kubernetes#pwningsystems#EN#2022#escalation
·pwning.systems·
Escaping privileged containers for fun