Unpatched iOS Bug Blocks VPNs From Encrypting All Traffic
From www.bleepingcomputer.com: A currently unpatched security vulnerability affecting iOS 13.3.1 or later prevents virtual private networks (VPNs) from encrypting all traffic and can lead to some Internet connections bypassing VPN encryption to expose users' data or leak their IP addresses.
Practices to Maintain Endpoint Security
From medium.com: For the past century, technological advancement has been disrupting industries, sending ripples of change throughout the world.
Read your own .note.gnu.build-id
From github.com: Read your own .note.
A Deep Dive Into CVE-2020-0729: Remote Code Execution Through Windows .LNK Files
From www.zerodayinitiative.com: In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, John Simpson and Pengsu Cheng of the Trend Micro Research Team detail a recent remote code execution bug in Microsoft Windows .LNK files.
I recently ran a Trickbot sample and the attackers went from Trickbot to Ryuk ransomware in just over two hours. The attackers ran Cobalt Strike within 30 minutes and confirmed hands on activity on a Domain Controller within 60 minutes. This blog post covers a TLDR, Timeline, Summary and IOCs.
From www.wilbursecurity.com: The attackers ran Cobalt Strike across multiple machines within 30 minutes of Trickbot execution and confirmed hands on activity within 60 minutes.
Looking to learn about system exploitation, but don't know where to start? This (very) detailed guide covers all the basics. Contains 21 detailed CTF solutions, plenty of theory, and zero times the phrase "exercise left to the reader".
From research.checkpoint.com: We’ve heard this question a lot.