TikTok is a National Security Risk, Not A Privacy One

An analysis of the threat posed by TikTok and why we need to weigh our options carefully.

Dec 2022

TikTok is a National Security Risk, Not A Privacy One

An analysis of the threat posed by TikTok and why we need to weigh our options carefully.

Dec 2022

Everything you need to know about the OpenSSL 3.0.7 Patch (CVE-2022-3602 & CVE-2022-3786)

Nov 2022

Everything you need to know about the OpenSSL 3.0.7 Patch (CVE-2022-3602 & CVE-2022-3786)

Vulnerability Details From https://www.openssl.org/news/secadv/20221101.txt X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602) ========================================================== Severity: High A buffer overrun can be triggered in X.509 certificate verification, specifically The post Everything you need to know about the OpenSSL 3.0.7...

Nov 2022

[Video] Introduction to Use-After-Free Vulnerabilities | UserAfterFree Challenge Walkthrough (Part: 1)

An introduction to Use-After-Free exploitation and walking through one of my old challenges. Challenge Info: https://www.malwaretech.com/challenges/windows-exploitation/user-after-free-1-0 Download Link: https://malwaretech.com/downloads/challenges/UserAfterFree2.0.rar Password: MalwareTech The post [Video] Introduction to Use-After-Free Vulnerabilities...

May 2022

[Video] Exploiting Windows RPC – CVE-2022-26809 Explained | Patch Analysis

Walking through my process of how I use patch analysis and reverse engineering to find vulnerabilities, then evaluate the risk and exploitability of bugs. The post [Video] Exploiting Windows RPC – CVE-2022-26809 Explained | Patch Analysis appeared first on MalwareTech.

Apr 2022

An in-depth look at hacking back, active defense, and cyber letters of marque

There has been much discussion in cyber security about the possibility of enabling the private sector to engage in active cyber defense, or colloquially “hacking back”. Several house bills have been introduced to study or enable this, such as the “Study on Cyber-Attack Response Options Act” and “Active Cyber Defense … The post An in-depth look at...

Nov 2021

How I Found My First Ever ZeroDay (In RDP)

Up until recently, I’d never tried the bug hunting part of vulnerability research. I’ve been reverse engineering Windows malware for over a decade, and I’d done the occasional patch analysis, but I never saw a point in bug hunting on a major OS. After all, there are teams of vulnerability … The post How I Found My First Ever ZeroDay (In RDP) appeared...

Jan 2021

Are Criminals Really Using ICS Malware?

Recently, The New York Times posted a sensational article about criminals using sophisticated state software for the first time. The headline is non-specific and could be taken to mean state hacking tools in general; however, this would be completely untrue. The NSA hacking tools leaked by the shadowbrokers are used … The post Are Criminals Really...

Jun 2020

BlueKeep: A Journey from DoS to RCE (CVE-2019-0708)

Due to the serious risk of a BlueKeep based worm, I’ve held back this write-up to avoid advancing the timeline. Now that a proof-of-concept for RCE (remote code execution) has been release as part of Metasploit, i feel it’s now safe for me to post this. This article will be … The post BlueKeep: A Journey from DoS to RCE (CVE-2019-0708) appeared first...

Sep 2019