Found 16 bookmarks
Custom sorting
Bringing process injection into view(s): exploiting all macOS apps using nib files · Sector 7
Bringing process injection into view(s): exploiting all macOS apps using nib files · Sector 7
In a previous blog post we described a process injection vulnerability affecting all AppKit-based macOS applications. This research was presented at Black Hat USA 2022, DEF CON 30 and Objective by the Sea v5. This vulnerability was actually the second universal process injection vulnerability we reported to Apple, but it was fixed earlier than the first. Because it shared some parts of the exploit chain with the first one, there were a few steps we had to skip in the earlier post and the presentations. Now that the first vulnerability has been fixed in macOS 13.0 (Ventura) and improved in macOS 14.0 (Sonoma), we can detail the first one and thereby fill in the blanks of the previous post. This vulnerability was independently found by Adam Chester and written up here under the name “DirtyNIB”. While the exploit chain demonstrated by Adam shares a lot of similarity to ours, our attacks trigger automatically and do not require a user to click a button, making them a lot more stealthy. Therefore we decided to publish our own version of this write-up as well.
#sector7#EN#2024#macos#nib#exploit#research#vulnerability#DirtyNIB
·sector7.computest.nl·
Bringing process injection into view(s): exploiting all macOS apps using nib files · Sector 7
#FuckStalkerware pt. 3 - ownspy got, well, owned
#FuckStalkerware pt. 3 - ownspy got, well, owned
we continue our series on stalkerware with a write-up and batch of data sent to me by a source last night. this time it is the brazilian ownspy (aka webdetective and saferspy, by mobileinnova) that has been completely hacked. among other things ownspy claims to be the #1 most privacy focused "parental control app" allegedly featuring E2E encryption, if this sounds too good to be true that's because it mostly is, but more on that later.
#FuckStalkerware#stalkerware#research#analysis#leak#sqli#exploit#nyancrimew#maia-arson-crimew#android#switzerland#hacktivism#lucerne#developer
·maia.crimew.gay·
#FuckStalkerware pt. 3 - ownspy got, well, owned
Put an io_uring on it: Exploiting the Linux Kernel - Blog |
Put an io_uring on it: Exploiting the Linux Kernel - Blog |
At Grapl we believe that in order to build the best defensive system we need to deeply understand attacker behaviors. As part of that goal we're investing in offensive security research. Keep up with our blog for new research on high risk vulnerabilities, exploitation, and advanced threat tactics.
#Graplsecurity#en#2022#0-day#Linux#kernel#exploit#redteam#research
·graplsecurity.com·
Put an io_uring on it: Exploiting the Linux Kernel - Blog |
Put an io_uring on it: Exploiting the Linux Kernel - Blog |
Put an io_uring on it: Exploiting the Linux Kernel - Blog |
At Grapl we believe that in order to build the best defensive system we need to deeply understand attacker behaviors. As part of that goal we're investing in offensive security research. Keep up with our blog for new research on high risk vulnerabilities, exploitation, and advanced threat tactics.
#Graplsecurity#en#2022#0-day#Linux#kernel#exploit#redteam#research
·graplsecurity.com·
Put an io_uring on it: Exploiting the Linux Kernel - Blog |
Put an io_uring on it: Exploiting the Linux Kernel - Blog |
Put an io_uring on it: Exploiting the Linux Kernel - Blog |
At Grapl we believe that in order to build the best defensive system we need to deeply understand attacker behaviors. As part of that goal we're investing in offensive security research. Keep up with our blog for new research on high risk vulnerabilities, exploitation, and advanced threat tactics.
#Graplsecurity#en#2022#0-day#Linux#kernel#exploit#redteam#research
·graplsecurity.com·
Put an io_uring on it: Exploiting the Linux Kernel - Blog |