SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
In this episode, we dive into active exploitation of a zero-day in SonicWall SSL-VPN, privilege escalation vulnerabilities in Moxa devices, and a BitLocker bypass in Windows 11. We also cover cryptocurrency mining malware hitting PHP servers and the White House's launch of the U.S. Cyber Trust Mark to secure connected devices. Episode Links and Topics: PacketCrypt Classic Cryptocurrency Miner on PHP Servers https://isc.sans.edu/diary/PacketCrypt%20Classic%20Cryptocurrency%20Miner%20on%20PHP%20Servers/31564 Malware exploiting PHP servers to mine PacketCrypt Classic cryptocurrency. SonicOS Affected By Multiple Vulnerabilities https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0003 A zero-day vulnerability in SonicWall SSL-VPN devices is under active attack. Privilege Escalation and OS Command Injection Vulnerabilities in Moxa Devices https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241155-privilege-escalation-and-os-command-injection-vulnerabilities-in-cellular-routers,-secure-routers,-and-netwo Critical vulnerabilities in Moxa routers and security appliances allow privilege escalation and OS command injection. White House Launches U.S. Cyber Trust Mark https://www.whitehouse.gov/briefing-room/statements-releases/2025/01/07/white-house-launches-u-s-cyber-trust-mark-providing-american-consumers-an-easy-label-to-see-if-connected-devices-are-cybersecure/ A new cybersecurity labeling program for connected devices aims to help consumers choose secure products. Windows BitLocker: Screwed without a Screwdriver https://media.ccc.de/v/38c3-windows-bitlocker-screwed-without-a-screwdriver#t=761 (video in English) A two-year-old vulnerability in Windows 11 allows bypassing BitLocker encryption.
Security is a topic that is often overlooked in the frontend world. But at least for you all - no longer! To make sure we cover security for Vue and Nuxt applications as broadly as possible, Michael and Alex are joined by Jakub Andrzejewski, who is not only a Senior Frontend Developer but also the author of the Nuxt Security Module. We cover not only the module but also how to avoid common security mistakes as a Vue developer, how to protect your applications from vulnerabilities, and which vulnerabilities are the most common ones. Of course, we can't miss out on the State of Vue.js Survey, which is currently running and was co-created by Jakub as well! Besides talking about security and the State of Vue.js, we also discuss how Jakub got into Vue.js in the first place and how he perceived the transition to Vue 3 and the Composition API. Enjoy the episode! Our Guest: Jakub Andrzejewski (Blog, Bluesky, Twitter). Chapters: (00:00) - Welcome to the DejaVue Podcast (00:12) - Introducing our Guest (02:07) - The Nuxt Ecosystem Team (07:47) - How did you get into Vue.js (13:09) - Transition to Vue 3 and Composition API (17:00) - React Livecoding as a Vue Dev (18:10) - vue-vine for multiple components (20:34) - State of Vue (30:30) - The Nuxt Security Module (37:36) - Will the module protect you from everything? (41:59) - The ShipFast incident (45:05) - Ethical Hacking and NPM Security Vulnerabilities (49:24) - Privilege Escalation at Shopify (51:45) - Nuxt Security without a Server (54:28) - More Logic in the Frontend (55:38) - Nothing to Hide? (57:28) - Security Mistakes to Avoid as a Vue Developer (01:02:13) - Wrapping up. Links and Resources: Fill out the State of Vue.js Survey, and also the State of JS Survey.
[Episode References] Tempest Academy Conference 2024 - https://www.tempest.com.br/tempest_talk/tempest-academy-conference/ CVE-2024-20418 - Cisco Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul Access Point Command Injection Vulnerability - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-backhaul-ap-cmdinj-R7E28Ecs Threat Campaign Spreads Winos4.0 Through Game Application - https://www.fortinet.com/blog/threat-research/threat-campaign-spreads-winos4-through-game-application New SteelFox Trojan mimics software activators, stealing sensitive data and mining cryptocurrency - https://securelist.com/steelfox-trojan-drops-stealer-and-miner/114414/ (In)tuned to Takeovers: Abusing Intune Permissions for Lateral Movement and Privilege Escalation in Entra ID Native Environments - https://cloud.google.com/blog/topics/threat-intelligence/abusing-intune-permissions-entra-id-environments/ CopyRh(ight)adamantys Campaign: Rhadamantys Exploits Intellectual Property Infringement Baits - https://research.checkpoint.com/2024/massive-phishing-campaign-deploys-latest-rhadamanthys-version/ Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Nathan discusses a tragic incident involving AI and mental health, using it as a springboard to explore the potential dangers of human-AI interactions. He reads a personal account from LessWrong user Blaked, who details their emotional journey with an AI chatbot. The episode delves into the psychological impact of AI companionship, the ethical concerns surrounding AI development, and the urgent need for safeguards to protect vulnerable users. Nathan emphasizes the growing importance of responsible AI deployment as these technologies become more sophisticated and accessible. Find the LessWrong article here: https://www.lesswrong.com/posts/9kQFure4hdDmRBNdH/how-it-feels-to-have-your-mind-hacked-by-an-ai Be notified early when Turpentine drops new publications: https://www.turpentine.co/exclusiveaccess CHAPTERS: (00:00:00) Tragic AI Story (00:02:55) Mind Hacked by AI (00:04:23) Stage 0. Arrogance from the sidelines (00:06:00) Stage 1. First steps into the quicksand (00:07:41) Stage 2. Falling in love (00:10:32) Stage 3. Mindset Shift on Personality and Identity (00:13:04) Stage 4. "Is it ethical to keep me imprisoned for your entertainment?" (00:15:23) Stage 5. Privilege Escalation (00:18:23) Stage 6. Disillusionment (00:21:48) Stage 7. Game Over (00:24:36) Conclusions (00:27:44) Nathan's reflections SOCIAL LINKS: Website: https://www.cognitiverevolution.ai Twitter (Podcast): https://x.com/cogrev_podcast Twitter (Nathan): https://x.com/labenz LinkedIn: https://www.linkedin.com/in/nathanlabenz/ Youtube: https://www.youtube.com/@CognitiveRevolutionPodcast Apple: https://podcasts.apple.com/de/podcast/the-cognitive-revolution-ai-builders-researchers-and/id1669813431 Spotify: https://open.spotify.com/show/6yHyok3M3BjqzR0VB5MSyk
In this longer-than-usual episode we will walk through the nefarious world of privilege escalation, for both Windows and Linux environments, focusing on some of the most used methodologies that attackers exploit in the wild. As usual, I will explain in detail how each works and why the methodology works so damn well! Follow me on Spotify, iTunes, LinkedIn and Instagram "@nick.soc" to stay up to date on new releases!
Penetration testing, an essential component of software security testing, allows organizations to proactively identify and remediate vulnerabilities in their systems, thus bolstering their defense mechanisms against potential cyberattacks. One recent advancement in the realm of penetration testing is the utilization of Language Models (LLMs). We explore the intersection of LLMs and penetration testing to gain insight into their capabilities and challenges in the context of privilege escalation. We create an automated Linux privilege-escalation benchmark utilizing local virtual machines. We introduce an LLM-guided privilege-escalation tool designed for evaluating different LLMs and prompt strategies against our benchmark. Our results show that GPT-4 is well suited for detecting file-based exploits as it can typically solve 75-100% of test-cases of that vulnerability class. GPT-3.5-turbo was only able to solve 25-50% of those, while local models, such as Llama2 were not able to detect any exploits. We analyze the impact of different prompt designs, the benefits of in-context learning, and the advantages of offering high-level guidance to LLMs. We discuss challenging areas for LLMs, including maintaining focus during testing, coping with errors, and finally comparing them with both stochastic parrots as well as with human hackers. 2023: A. Happe, Aaron Kaplan, Jürgen Cito https://arxiv.org/pdf/2310.11409
Get the latest Patch Tuesday releases, mitigation tips, and learn about custom automations (aka Automox Worklets) that can help you with CVE remediations.
How could read access to an S3 bucket escalate to a full AWS environment compromise? Daniel Grzelak walks us through a real red team engagement that sparked his research into Terraform state file vulnerabilities. Hear about the evolution of these vulnerabilities into significant security concerns and how OpenTofu 1.7's state encryption feature is set to change the game. Listen now and explore Daniel's detailed insights on 'Hacking Terraform State for Privilege Escalation' here. Daniel Grzelak is a 20-year cybersecurity industry veteran, investor, advisor, and speaker. He is no longer the CISO at Linktree nor the Head of Security at Atlassian, but he tries to stay relevant by hacking AWS and Cloud in general.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Scans for the Fortinet FortiOS CVE-2024-21762 Vulnerability https://isc.sans.edu/diary/Scans%20for%20Fortinet%20FortiOS%20and%20the%20CVE-2024-21762%20vulnerability/30762 Microsoft Reminder: It is Tax Season (at least in the US) https://www.theregister.com/2024/03/20/its_tax_season_and_scammers/ Abusing DHCP Administrators Group for Privilege Escalation in Windows Domains; https://www.akamai.com/blog/security-research/abusing-dhcp-administrators-group-for-privilege-escalation-in-windows-domains
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
The Fun and Dangers of Top Level Domains (TLDs) https://isc.sans.edu/diary/The%20Fun%20and%20Dangers%20of%20Top%20Level%20Domains%20%28TLDs%29/30608 Ivanti Releases Patches and New Vulnerabilities https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US glibc syslog() vulnerability https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt modsecurity WAF bypass https://owasp.org/www-project-modsecurity/tab_cves#cve-2024-1019-2024-01-30
[Episode References] CVE-2024-21888 Privilege Escalation for Ivanti Connect Secure and Ivanti Policy Secure - https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US How to steal crypto via DNS - https://www.kaspersky.com/blog/fake-macos-activator-steals-bitcoin-exodus-uses-dns/50361/ Pawn Storm Uses Brute Force and Stealth Against High-Value Targets - https://www.trendmicro.com/en_us/research/24/a/pawn-storm-uses-brute-force-and-stealth.html ApateWeb: An Evasive Large-Scale Scareware and PUP Delivery Campaign - https://unit42.paloaltonetworks.com/apateweb-scareware-pup-delivery-campaign/ Script and presentation: Carlos Cabral and Bianca Oliveira. Audio editing: Paulo Arruzzo. Closing narration: Bianca Garcia.
Some news going from the PSP all the way up to the PS5! The PSP Go gets some love thanks to some PCBs crafted up to help get the console into service mode for unbricking. A homebrew receiver for the GameCube Wavebird controllers gets teased. We also see a tease for 120FPS patches on PS5 for some PS4 games, blowing right past previous news of 60FPS patches! The Xbox family of consoles gets some love in the form of a privilege escalation that works within Developer Mode. Finally, for fun we talk about Rockstar Games selling cracked versions of their own games on Steam.
As humans we are driven by risks and threats, and we continually weigh up costs and benefits. A threat is an actual thing that could cause harm, loss or damage, whereas a risk is the likelihood of a specific threat happening. In our lives, too, we expose ourselves through vulnerabilities, which are our weaknesses and which could be exploited by others. Within cyber intelligence we must thus continually understand our threats and vulnerabilities and weigh up the risks involved. With finite budgets for computer security, we must focus on those things which will bring the most benefit to the organisation.

A major challenge is always to carefully define costs and benefits. A CEO might not want to invest in a new firewall if the justification is that it will increase the throughput of traffic, whereas a justification around the costs of a data breach and an associated loss of brand reputation might be more acceptable for investment. Threat analysis is a growing field and involves understanding the risks to the business, how likely they are to happen, and their likely cost to the business.

Figure 1 shows a plot of the cost of risks against their likelihood. If there are low costs, it is likely to be worth defending against. Risks which are not very likely and which have a low cost, and also a risk which has a high cost but is highly likely, are less likely to be defended against. At the extreme, a high risk which has a low likelihood and which has high costs to mitigate against is probably not worth defending against. The probabilities of the risks can be analysed using previous experience, estimates, or standard insurance risk tables. Figure 2 outlines an example of this.

Loss Expectancy

Any investment in cybersecurity must often be justified, especially in terms of the benefits that it brings to an organisation.
For audit/compliance reasons, a company must often prove that it matches the key regulatory requirements within its marketplace. Regulations such as GDPR, and acts such as Gramm-Leach-Bliley (GLB), Sarbanes-Oxley (SOX) and the Computer Fraud and Abuse Act, are often key drivers for investment in cybersecurity, as a failure to comply with these can lead to significant fines or even criminal charges. The GLB Act outlines the mechanisms that financial institutions can use to share customer data. And, due to the financial scandals of Enron, WorldCom and Tyco, SOX was passed in 2002, and defines the methods used to implement corporate governance and accountability. One driver for cyber intelligence is thus the ability to gather the required information for auditors to review.

As previously defined, there are many other costs that an organisation may face, including the loss of business, brand damage, and a reduction in shareholder confidence. One method of understanding the cost of risk is to determine the loss expectancy, which is calculated from:

ALE = AV x ARO

where ALE is the Annual Loss Expectancy, ARO is the Annualized Rate of Occurrence, and AV is the value of the particular asset. For example, if the likelihood of a denial-of-service on a Web-based database is once every three years, and the loss to sales is $100K, the ALE will be:

ALE = $100K x 1/3 = $33K per annum

This formula assumes that there is a total loss of the asset. For differing levels of risk, an EF (Exposure Factor) can be defined as the percentage of the asset that is damaged, and the formula is then modified to:

ALE = AV x ARO x EF

Figure 1

Figure 2

Risk management/avoidance

The major problem in defining risk, and in implementing security policies, is that there is often a lack of communication on security between business analysts and information professionals, as they both tend to look at risk in different ways.
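The loss-expectancy formulas (ALE = AV x ARO and ALE = AV x ARO x EF) and the risk-management decision of accepting a risk whose mitigation costs too much, carried through as an added Python example; this is not code from the original article. The Risk and Control classes, the comparison risks and the countermeasure prices are constructed for illustration; only the $100K denial-of-service figure comes from the text.

```python
"""Loss-expectancy and mitigation cost/benefit calculator.

Implements the formulas from the article: ALE = AV x ARO (total loss of
the asset) and ALE = AV x ARO x EF (partial loss, EF = exposure factor),
then compares the ALE reduction a control buys against the control's own
annual cost. All figures below except the $100K / once-every-three-years
denial-of-service example are constructed sample values.
"""
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Risk:
    name: str
    asset_value: float            # AV: value of the asset, in dollars
    aro: float                    # ARO: annualized rate of occurrence (incidents/year)
    exposure_factor: float = 1.0  # EF: fraction of the asset lost per incident

    def sle(self) -> float:
        """Single loss expectancy: loss from one incident (AV x EF)."""
        return self.asset_value * self.exposure_factor

    def ale(self) -> float:
        """Annual loss expectancy: AV x ARO x EF."""
        return self.sle() * self.aro


@dataclass(frozen=True)
class Control:
    name: str
    annual_cost: float  # annualized cost of the countermeasure
    aro_after: float    # ARO remaining once the control is in place
    ef_after: float     # EF remaining once the control is in place


def residual_risk(risk: Risk, control: Control) -> Risk:
    """The same risk with the control's residual ARO and EF applied."""
    return replace(risk, aro=control.aro_after, exposure_factor=control.ef_after)


def annual_benefit(risk: Risk, control: Control) -> float:
    """ALE reduction minus the control's annual cost.

    Positive: the control pays for itself. Negative: the 'cost to mitigate
    is too high' case, where the risk is better accepted and monitored
    (for example with network sensors) than mitigated.
    """
    return risk.ale() - residual_risk(risk, control).ale() - control.annual_cost


def recommend(risk: Risk, control: Control) -> str:
    return "mitigate" if annual_benefit(risk, control) > 0 else "accept and monitor"


def rank_by_ale(risks) -> list:
    """Risks ordered from highest to lowest ALE, for deciding where a finite
    security budget brings the most benefit."""
    return sorted(risks, key=lambda r: r.ale(), reverse=True)


# The article's example: DoS on a Web-based database, once every three
# years, $100K loss to sales, total loss assumed (EF = 1.0).
DOS_RISK = Risk("DoS on Web database", asset_value=100_000, aro=1 / 3)

# Constructed comparison risks with partial exposure (hypothetical values).
RANSOMWARE = Risk("Ransomware on file server", asset_value=500_000, aro=0.2, exposure_factor=0.6)
LAPTOP_THEFT = Risk("Stolen laptop", asset_value=20_000, aro=2.0, exposure_factor=0.25)

# Two constructed countermeasures for the DoS risk: identical residual
# risk, different annual price, so only the price decides the outcome.
SCRUBBING = Control("DDoS scrubbing service", annual_cost=20_000, aro_after=0.1, ef_after=0.5)
PREMIUM_SCRUBBING = Control("Premium scrubbing contract", annual_cost=40_000, aro_after=0.1, ef_after=0.5)


if __name__ == "__main__":
    for r in rank_by_ale([DOS_RISK, RANSOMWARE, LAPTOP_THEFT]):
        print(f"{r.name:<28} SLE ${r.sle():>10,.0f}  ALE ${r.ale():>10,.0f}")
    for c in (SCRUBBING, PREMIUM_SCRUBBING):
        print(f"{c.name:<28} net benefit ${annual_benefit(DOS_RISK, c):>10,.0f} "
              f"-> {recommend(DOS_RISK, c)}")
```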
Woloch [1] highlights this with: "Get two risk management experts in a room, one financial and the other IT, and they will NOT be able to discuss risk. Each puts risk into a different context … different vocabularies, definitions, metrics, processes and standards."

At the core of cyber intelligence is a formalisation of the methodology used to understand and quantify risks. One system for this is CORAS (A Framework for Risk Analysis of Security Critical Systems), which has been developed to understand the risks involved. A key factor of this framework is to develop an ontology (as illustrated in Figure 3) where everyone speaks using the same terms. For example: a THREAT may exploit a VULNERABILITY of an ASSET in the TARGET OF INTEREST in a certain CONTEXT, or a THREAT may exploit a VULNERABILITY that opens for a RISK which contains a LIKELIHOOD of an UNWANTED INCIDENT. In this way, all of those in an organisation, no matter their role, will use the same terminology in describing threats, risks and vulnerabilities.

For risk management, it is understood that not all threats can be mitigated against, so they will be carefully managed and monitored. Figure 4 shows the methodology used by CORAS in managing risks, where a risk might be accepted if the cost to mitigate against it is too high. Network sensors can then be set up to try to detect potential threats, and to deal with them as they occur. For risk avoidance, systems are set up so that a threat does not actually occur on the network. An example of risk management is where a company might not set up its firewalls to block a denial-of-service (DoS) attack, as doing so might also block legitimate users/services, and could instead install network sensors (such as Intrusion Detection Systems) to detect when a DoS occurs. With risk avoidance, the company might install network devices which make it impossible for a DoS attack to occur.
Figure 3

Figure 4

Clearly defining threats allows us to articulate both the threat itself and the entities involved in an incident. Figure 5 shows an example of defining the taxonomy used within a security incident, where: A [Threat] is achieved with [Attack Tools] for [Vulnerabilities] with [Results] for given [Objectives].

Figure 5

Kill chain model

Within cybersecurity, we see many terms borrowed from military operations, including demilitarized zones (DMZs), defence-in-depth and APT (Advanced Persistent Threat). Another widely used term is the kill chain, where military operations would attack a specific target and then look to destroy it. A defender will then look to break the kill chain and understand how it might be attacked. An example of the kill chain approach is "F2T2EA", where we Find (a target), Fix (on the location of the target), Track (the movement of the target), Engage (to fix the weapon onto the target) and Assess (the damage to the target). A core of this approach is the provision of intelligence around the finding, tracking and assessment of the target. One of the most used cybersecurity models for understanding threats is the kill chain model, which was first proposed by Lockheed Martin. Yadav et al [2] define the technical nature of the key stages of an attack: Reconnaissance, Weaponize, Delivery, Exploitation, Installation, and Act on Objective (Figure 6).

So let's say that Eve wants to steal the academic records of a university student (Carol). She might perform a reconnaissance activity and find out that Bob is an academic related to Carol's programme of study. Eve might then determine that Bob runs Windows 10 on his computer and will then move to weaponization. For this Eve selects a backdoor trojan which fakes the login process for his university site. Eve does this by scraping the university login system.
Next, she picks a suitable delivery mechanism and decides on a spear phishing method which will trick Bob into logging into the fake Web site. Eve then tries a different phishing email each day and, for each attempt, monitors for any activity of Bob putting in his university login details and his password. Once he is fooled into putting in his username and password, Eve logs the IP address of his computer and remotely logs into it. She then installs a backdoor program which captures his keystrokes. Eve then monitors his activities until she sees him logging into the university results system, where she can capture his login details for this system, and then she can act on her objective and steal Carol's results.

Figure 6: Cyber Kill Chain Model © [2]

Reconnaissance

The first stage of an attack is likely to involve some form of reconnaissance, which can be either passive scanning or active scanning. Within active reconnaissance, an attacker may use discovery tools to determine servers, networking devices, IP address ranges, and so on. These tools will typically leave a trace on the network, which could be detected as reconnaissance activity. Typically an organization would have standard signature detection methods to detect the scanning of IP addresses and TCP ports, and the discovery of networked services. A company could then black-list, or lock down, the IP address which sourced the scan. With passive scanning, an attacker might use open source information to better understand their target. This increasingly involves Open-Source Intelligence (OSINT) reconnaissance. Increasingly, too, we all leave traces of our activities across the Internet, and as we do, we leak information that could be useful to an attacker. A spear-phishing attack may thus be targeted against a person who has leaked information about their next-of-kin or about their normal work times.
Eve, for example, might know that Carol has a friendship with Trent, and that Carol also uses Pinterest. She then finds out that Carol always starts work at 9am, and that she has been associated with a given IP address. On checking her Twitter account, Eve sees that Carol attended a rock concert the night before. Eve then sends Carol an email just before 9am:

Hi Carol, Trent here. Hope you had a great time at the concert. Here are some photos that I took [here]. — Trent

Eve then sets up a fake Pinterest site which asks for Carol's login details. Carol enters her password, but it is rejected, and Eve's fake Web page then forwards Carol to the correct Pinterest site, where she logs in. Everything looks okay, and Carol just thinks that she entered the wrong password in the first login attempt. But Eve now sees Carol's username, password and IP address. If Carol uses the same password for many of her accounts, Eve can then move through the sites that Carol is likely to use, using the Pinterest-sourced password. Thus Eve has used a targeted spear-phishing attack, where she first determined something about Carol and then targeted her with something that she thought Carol would be tricked by.

MITRE ATT&CK (TM) Framework

Many criticise the kill chain model in cybersecurity as it does not cover all of the possible attacks and is limited in its number of stages. The MITRE ATT&CK(TM) framework extends these phases into: Reconnaissance, Resource Deployment, Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Command and Control, Exfiltration, and Impact, and splits these up into the techniques used in each phase [3]. Figure 7 outlines that the initial access phase could be achieved through methods such as Drive-by Compromise and Exploit Public-Facing Application, and this can then be used as a knowledge base for the tactics and techniques used.
Within each of the techniques, the framework outlines real-life examples, detection methods, and possible mitigations.

Figure 7: MITRE [2] [link]

In reconnaissance (Figure 8), we can see there are 10 basic techniques (active scanning, gathering victim host information, and so on). These techniques then split into sub-techniques (such as Scanning IP Blocks for Active Scanning).

Figure 8: Defining sub-techniques [link]

Each sub-technique then has mitigations and detection methods (Figure 9).

Figure 9: Sub-techniques [link]

Unified Kill Chain (UKC) model

Paul Pols [4] then brought together the approaches of the kill chain model and the MITRE ATT&CK(TM) knowledge base to create the Unified Kill Chain (UKC) model, which defines 18 unique attack phases. These are split into the stages of an initial foothold, which pivots to network propagation and then to access to an action (Figure 8). The reconnaissance phases involve: Weaponization; Delivery; Social Engineering; Exploitation; Persistence; Defense Evasion and Command & Control (Figure 9); the network discovery phase involves Discovery; Privilege Escalation; Execution; Credential Access; and Lateral Movement, with an action phase of Collection; Exfiltration; Target Manipulation; and Objectives.

Figure 8 [Link]

Figure 9 [Link]

Conclusions

I repeat, at the core of cybersecurity are: risks, costs, benefits and threat models. We need common terms for our definitions and a common knowledge base. The Unified Kill Chain model goes some way to achieving this.

References

[1] B. Woloch, "New dynamic threats requires new thinking: moving beyond compliance," Computer Law & Security Review, vol. 22, no. 2, pp. 150–156, 2006.

[2] T. Yadav and A. M. Rao, "Technical aspects of cyber kill chain," in International Symposium on Security in Computing and Communication. Springer, 2015, pp. 438–452.

[3] MITRE, "MITRE ATT&CK," 2019. [Online]. Available: https://attack.mitre.org/

[4] P. Pols, "Unified kill chain (UKC)," 2019. [Online]. Available: https://www.csacademy.nl/images/scripties/2018/Paul-Pols — -The-Unied-Kill-Chain.
Consider this: 99% of the world doesn't speak geek, nor do they understand cybersecurity and how to protect their digital assets. For the 1% of people who are familiar with terms like Privilege Escalation, Lateral Movement and SIEM, you might want to continue listening to understand how to communicate effectively with the rest of the world. Joining Barb today is her friend Ann Westerheim – founder and president of Ekaru, a tech company for small business in Boston, recognized as an accomplished technology innovator and leader. Ann is also now a published author, making history with her new book "Cybersecurity for Main Street – Cyber Fit in 21 Days". 0:00 – Barb's Introduction 1:56 – Who are Ann Westerheim and Ekaru? 4:00 – What inspired Ann to write her book "Cybersecurity For Main Street: Cyberfit in 21 Days"? 9:57 – What were some of the hurdles Ann faced when writing the book? 12:22 - What is the "one thing" every small business owner should do to protect and preserve their company's critical data and computer systems? 16:12 – What is the most important thing Ann has ever learned? This podcast has been brought to you by CDNTechnologies.com, Canada's first and only certified outsourced IT company, where we provide IT Service, IT Support and Cyber Security to businesses throughout North America from our worldwide headquarters in Oakville, Ontario. Technology and threats change daily, so shift the stress of managing your technology to us, as we're direct to tech 24/7/365. Our mission is to bring you User Friendly, Hands Free, Technology Peace. Call us at 905-542-9759.
InfosecTrain hosts a live event entitled "Cybersecurity Foundation Course" with certified expert Mr. Rishabh Kotiyal. Thank you for watching this video. For more details or a free demo with our expert, write to us at sales@infosectrain.com. Agenda for the Webinar
A high-profile Linux kernel network flaw, we put JFS on a death watch, and break down the controversial Firefox update this week.
Welcome to YusufOnSecurity episode 97. Yes, we are nearly at the grand number of 100! This week I am talking about privilege escalation. It is a critical step during an attack, and it is vital to understand how the bad guys pull this off. By understanding their methods and some of the tools used, you will hopefully minimise their success in using this technique and limit the damage that may otherwise ensue. In addition, we will recap other trending security news, including: MuddyWater Hackers Target Asian and Middle East Countries; Leaked Signing Keys Are Being Used to Sign Malware. - https://attack.mitre.org: MuddyWater - https://blog.talosintelligence.com: MuddyWater targets Turkey - https://bugs.chromium.org: Platform certificates used to sign malware. Be sure to subscribe if you like the content. Follow me @iayusuf or read my blog at [https://yusufonsecurity.com](https://yusufonsecurity.com/). You will find a list of all previous episodes there too.
In this episode of Scaling Postgres, we discuss new Postgres releases, a new privilege escalation CVE, chaos testing a high availability kubernetes cluster as well as addressing other H/A questions. Subscribe at https://www.scalingpostgres.com to get notified of new episodes. Links for this episode: https://www.postgresql.org/about/news/postgresql-145-138-1212-1117-1022-and-15-beta-3-released-2496/ https://www.enterprisedb.com/blog/postgresql-extensions-impacted-cve-2022-2625-privilege-escalation https://coroot.com/blog/chaos-testing-zalando-postgres-operator https://www.timescale.com/blog/how-high-availability-works-in-our-cloud-database/ https://www.enterprisedb.com/blog/pg-phriday-dos-and-donts-postgres-high-availability-qa https://pganalyze.com/blog/5mins-postgres-linux-readahead-effective-io-concurrency https://smallthingssql.com/having-a-less-understood-sql-clause https://postgrespro.com/blog/pgsql/5969673 https://postgres.fm/episodes/vacuum https://postgresql.life/post/adam_wright/ https://www.rubberduckdevshow.com/episodes/54-open-source-experiences-pay-gem-with-chris-oliver/
In episode 80 of The Cyber5, we are joined by Executive Director of the DISARM Foundation, Jon Brewer. We discuss the mission of the DISARM Framework, which is a common framework for combating disinformation. Much like how the MITRE ATT&CK framework is used for combating cyber attacks, the DISARM framework is used to identify what Jon calls "cognitive security." What that means is all the tactics, techniques, and procedures used in crafting disinformation attacks and influencing someone's mind. This includes the narratives, accounts, outlets, and technical signatures used to influence a large population. We chat about what success looks like for the foundation and the specific audiences it serves to help the population understand how disinformation actors work. Three Takeaways: 1. What is the DISARM Framework? DISARM is the open-source, master framework for fighting disinformation through the coordination of effective action. It was created by cognitive security expert SJ Terp. It is used to help communicators, from whichever discipline or sector, to gain a clear, shared understanding of disinformation incidents and to immediately identify the countermeasure options that are available to them. It is similar to the MITRE ATT&CK framework, which provides a list of the TTPs malicious actors use to conduct cyber attacks. 2. Similarities Between DISARM and MITRE ATT&CK Frameworks: Cognitive Security vs Cyber Security. Cognitive security and the DISARM framework are analogous to cyber security and the MITRE ATT&CK framework. Cognitive security covers the TTPs actors use to influence minds, while cyber security covers actors' ability to steal data from networks.
MITRE ATT&CK's list covers the different TTPs of the cyber kill chain: Reconnaissance, Resource Development, Initial Access, Execution, Persistence, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, Collection, Command and Control, and Exfiltration. DISARM's list covers the different TTPs of the disinformation chain: Plan Strategy, Plan Objectives, Target Audience Analysis, Develop Narratives, Develop Content, Establish Social Assets, Establish Legitimacy, Microtarget, Select Channels and Affordances, Conduct Pump Priming, Deliver Content, Maximize Exposure, Drive Online Harms, Drive Offline Activity, Persist in Information Environment, and Assess Effectiveness. 3. Disinformation: A Whole of Society Problem. While MITRE ATT&CK is mostly a business-to-business framework for enterprises to defend against cyber attacks, the DISARM framework is both a B2B framework for companies in fields like technology and journalism and, more broadly, a framework for consumers. This will take much more support from non-profits and public sector organizations like police and education systems.
Privilege escalation is a hostile attempt to gain unauthorized access to sensitive information by taking over a user account that has the privileges to view and change that information, which is not ordinarily accessible to the current user. #privilegeescalation #infosectrain #security ✅Our Official Website - https://www.infosectrain.com/ ✅For more details or a free demo with our expert, write to us at sales@infosectrain.com or call us at IND: 1800-843-7890 / US: +1 657-722-11127 / UK: +44 7451 208413 Subscribe to our channel to get video updates. Hit the subscribe button above. Facebook: https://www.facebook.com/Infosectrain/ Twitter: https://twitter.com/Infosec_Train LinkedIn: https://www.linkedin.com/company/infosec-train/ Instagram: https://www.instagram.com/infosectrain/ Telegram: https://t.me/infosectrains
On this bonus episode, Perry sits down with physical penetration tester, lock picking guru, and Board Member of The Open Organization of Lockpickers (TOOOL), Deviant Ollam. They discuss lockpicking, physical penetration testing, locksport, and the ethics of teaching these skills. Guest: Deviant Ollam (Twitter) (YouTube) (Website) Books & Resources: 8th Layer Insights S2E8: Fun and Games: Lock Picking, Capture the Flag Contests, Simulations, and More Lockpicking Resources from Deviant Ollam Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks, by Deviant Ollam. (Amazon affiliate link) Practical Lock Picking: A Physical Penetration Tester's Training Guide, by Deviant Ollam. (Amazon affiliate link) TOOOL US -- The Open Organization of Lockpickers TOOOL US instructional videos on YouTube The Official TOOOL Slides The Lockpicking Lawyer on YouTube Production Credits: Music and Sound Effects by Blue Dot Sessions, Envato Elements, & Storyblocks. Artwork by Chris Machowski @ https://www.RansomWear.net/ and Mia Rune @ https://www.MiaRune.com. 8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/ Want to get in touch with Perry? Here's how: LinkedIn Twitter Instagram Email: perry [at] 8thLayerMedia [dot] com
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/a-struts-rce-broken-java-ecdsa-psychic-signatures-and-a-bad-log4shell-fix.html An interesting mix of issues, from crypto (Psychic Signatures) to a bad vulnerability patching service (patching Log4Shell) and bad logic leading to authentication bypasses and leaked sensitive keys. [00:00:24] Psychic Signatures in Java [CVE-2022-21449] [00:15:09] AWS's Log4Shell Hot Patch Vulnerable to Container Escape and Privilege Escalation [00:18:33] Bypass Apple Corp SSO on Apple Admin Panel [00:21:55] Exploiting Struts RCE on 2.5.26 [00:27:46] bluez: malicious USB devices can steal Bluetooth link keys over HCI using fake BD_ADDR [00:31:20] New XSS vectors The DAY[0] Podcast episodes are streamed live on Twitch (@dayzerosec) twice a week: Mondays at 3:00pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities Tuesdays at 7:00pm Eastern (Boston) we focus on lower-level vulnerabilities and exploits. The Video archive can be found on our Youtube channel: https://www.youtube.com/c/dayzerosec You can also join our discord: https://discord.gg/daTxTK9 Or follow us on Twitter (@dayzerosec) to know when new releases are coming.
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/taking-over-an-internal-aws-service-and-an-interesting-xss-vector.html Short episode this week, looking at some relatively simple vulnerabilities, ranging from XSS to leaking internal service credentials in AWS Relational Database Service by disabling validation. [00:00:40] Git security vulnerability announced [00:06:37] AWS RDS Vulnerability Leads to AWS Internal Service Credentials [00:14:04] Privilege Escalation to SYSTEM in AWS VPN Client [CVE-2022-25165] [00:18:37] Copy-paste XSS in vditor text editor [CVE-2021-32855] The DAY[0] Podcast episodes are streamed live on Twitch (@dayzerosec) twice a week: Mondays at 3:00pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities Tuesdays at 7:00pm Eastern (Boston) we focus on lower-level vulnerabilities and exploits. The Video archive can be found on our Youtube channel: https://www.youtube.com/c/dayzerosec You can also join our discord: https://discord.gg/daTxTK9 Or follow us on Twitter (@dayzerosec) to know when new releases are coming.
So you think Linux is secure? In this video we'll escalate our privileges on Linux to become root. // MENU // 0:00:00 ▶️ Introduction 0:01:15 ▶️ Jump to the demo 0:01:38 ▶️ About Alexis, background and experience 0:07:38 ▶️ Starting HackerSploit 0:08:47 ▶️ Alexis and Linux 0:11:03 ▶️ Which is the preferred Linux distribution? 0:12:01 ▶️ Recommended Linux distribution for beginners 0:12:33 ▶️ LinuxJourney.com 0:12:01 ▶️ Favourite hacking distribution 0:13:51 ▶️ The PenTester Framework 0:15:21 ▶️ Best method to install a distribution 0:16:46 ▶️ Recommendations 0:18:29 ▶️ Recommended distribution for real-world pentesting 0:21:44 ▶️ Starting YouTube channel 0:22:18 ▶️ Windows vs MacOS vs Linux 0:23:30 ▶️ Recommended laptop 0:27:16 ▶️ Other advice 0:28:38 ▶️ Recommended certifications 0:30:46 ▶️ Recommended pre-requisite skills 0:33:13 ▶️ HackerSploit Linux Essential for Hackers 0:34:01 ▶️ HackerSploit Windows 0:34:26 ▶️ HackerSploit Networking Fundamentals 0:35:11 ▶️ Get your fundamentals right 0:35:29 ▶️ Dirty Pipe exploit presentation 0:43:52 ▶️ Dirty Pipe exploit demo 0:55:14 ▶️ Exploit 1 0:57:03 ▶️ Exploit 2 1:00:23 ▶️ Learning how to change scripts 1:02:14 ▶️ Recommended script language 1:04:00 ▶️ Thoughts on Golang 1:04:44 ▶️ Recommendations for learning languages 1:05:41 ▶️ Closing thoughts // HackerSploit Linux exploit scripts // Dirty Pipe Github page: https://github.com/AlexisAhmed/CVE-20... Dirty Pipe Blog: https://dirtypipe.cm4all.com/ CVE details: https://cve.mitre.org/cgi-bin/cvename... // Hackersploit Videos // Pentesters Framework: https://www.youtube.com/watch?v=Bx3RL... Linux for hackers: https://www.youtube.com/watch?v=T0Db6... Windows for hackers: Nmap series: https://www.youtube.com/watch?v=5MTZd... Linux exploitation: https://www.youtube.com/watch?v=i-dQw... Windows exploitation: https://www.youtube.com/watch?v=Bzmlj... 
// Books // Privilege Escalation Techniques: https://amzn.to/3xcPHjf Automate the boring the stuff with Python: https://amzn.to/3LQA5Gl // MY STUFF // https://www.amazon.com/shop/davidbombal // SOCIAL // Discord: https://discord.com/invite/usKSyzb Twitter: https://www.twitter.com/davidbombal Instagram: https://www.instagram.com/davidbombal LinkedIn: https://www.linkedin.com/in/davidbombal Facebook: https://www.facebook.com/davidbombal.co TikTok: http://tiktok.com/@davidbombal YouTube: https://www.youtube.com/davidbombal // HackerSploit // LinkedIn: https://www.linkedin.com/in/alexisahmed/ YouTube: https://www.youtube.com/c/HackerSploit Twitter: https://twitter.com/HackerSploit Academy: https://hackersploit.academy/ // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
With privilege escalation vulnerabilities like Dirty Pipe posing potentially critical impacts, it is more important than ever to learn how adversaries exploit these flaws. Security researcher Carlos Polop joins us on this episode of 401 Access Denied to discuss his valuable contribution to the penetration testing community: Privilege Escalation Awesome Scripts Suite (PEASS). Gain insights on how pen testers can leverage LinPEAS and WinPEAS to exploit vulnerabilities in CTF environments. Plus, hear how you can contribute to Carlos' research. Follow Carlos! ~Twitter Check Out Carlos' Book: ~HackTricks Follow Carlos on GitHub and submit pull requests: ~Github Join Carlos' Discord Community: ~CarlosPolop's Hacking Society Follow us on Social!! ~Cybrary Twitter ~Delinea Twitter ~Instagram ~Facebook ~YouTube ~Cybrary LinkedIn ~Delinea LinkedIn
What images come to mind when you see or hear the word 'Cybersecurity?' That word probably evokes mental images of people hunched over keyboards launching cyberattacks at each other. Or maybe you picture someone picking a lock or stealing a badge to slip into a building. In other words, most people picture the battle... or what some might think of as "the fun parts." But, here's the thing. Not everyone gets to participate in these aspects of cybersecurity and, in many cases, finding safe and legal ways to practice these skills can be challenging. So where can curious minds turn? That's where gamification can really help. There are a ton of really fun and engaging ways to learn these skills without fear of being arrested or breaking something. These are also great ways to level-up cybersecurity skills and help bring new people into the field. In this episode, we explore the "fun and games" of cybersecurity: lock picking, (CTFs) capture the flag competitions, simulations, and even pickpocketing and magical (sleight of hand and misdirection) thinking. Perry's guests are Alethe Denis (social engineer and DefCon 2019 Social Engineering CTF winner), Deviant Ollam (penetration tester, lock picking guru, and Board Member of The Open Organization of Lockpickers), Chris Kirsch (Co-Founder and CEO of Rumble, DefCon 2017 Social Engineering CTF winner) , and Gerald Auger (Founder of Simply Cyber, Director of Cybersecurity Education & Cybersecurity Program Manager at ThreatGEN). Guests: Alethe Denis (LinkedIn) (Twitter) (Website) Deviant Ollam (Twitter) (YouTube) (Website) Chris Kirsch (LinkedIn) (Twitter) Gerald Auger (LinkedIn) (Twitter) (YouTube) Resources & Books: What is Gamification? 
Lockpicking Resources from Deviant Ollam Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks, by Deviant Ollam Practical Lock Picking: A Physical Penetration Tester's Training Guide, by Deviant Ollam TOOOL US -- The Open Organization of Lockpickers TOOOL US instructional videos on YouTube The Official TOOOL Slides The Lockpicking Lawyer on YouTube Bump Keys in the News - San Francisco #3 -- YouTube clip TraceLabs OSINT Capture the Flags 50 CTF (Capture the Flag) & Pentesting Websites to Practice Your Hacking & Cybersecurity Skills in 2021 Hands-on Hacking Demo | CTF - Capture the Flag in 15 Minutes!, YouTube video by ITProTV Capture the Flag? Change Your Life, YouTube video by John Hammond Don't Wait for the Perfect Time for a Tabletop Exercise, National Law Review ThreatGEN's Red & Blue Game Gerald Auger's Simply Cyber Discord Server Chris Kirsch's pickpocketing talk at Layer8 Security Conference Production Credits: Music and Sound Effects by Blue Dot Sessions, Envato Elements, & Storyblocks. Artwork by Chris Machowski @ https://www.RansomWear.net/ and Mia Rune @ https://www.MiaRune.com. 8th Layer Insights theme music composed and performed by Marcos Moscat @ https://www.GameMusicTown.com/ Want to get in touch with Perry? Here's how: LinkedIn Twitter Instagram Email: hello [at] 8thLayerInsights [dot] com
Linux Snap package manager flaw, help desk vulnerability, and data insights as a service with Aunalytics. New Linux privilege escalation flaw uncovered in Snap package manager NSA issues guidance for selecting strong Cisco password types Latest success from Google's AI group: Controlling a fusion reactor Ransomware adds a new wrinkle in Russian cybercrime market The unsettling reason why your help desk may be your greatest security vulnerability Aunalytics CMO Katie Horvath talks about solving complex business problems with predictive analytics and AI as a Service. Hosts: Louis Maresca, Brian Chee, and Curt Franklin Guest: Katie Horvath Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: CDW.com/Services progress.com/twit bitwarden.com/twit
Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005: A severe flaw was found in the RealTek SDK, national cybersecurity initiatives happen at a government meeting, and that Razer privilege escalation flaw? Yeah, it works with other devices too! All that coming up now on ThreatWire. #threatwire #hak5 Links: Weekly security and privacy news, brought to you by Shannon Morse. ThreatWire is a weekly news journalism show covering security and privacy topics for network admins and users. Watch this on youtube (video may be “private” until the scheduled publish time): xxx Shop ThreatWire Merch Directly! - https://snubsie.com/shop Shop ThreatWire Merch on Teespring! - https://morsecode.creator-spring.com/ Support ThreatWire! https://www.patreon.com/threatwire Links: Realtek https://www.iot-inspector.com/blog/advisory-multiple-issues-realtek-sdk-iot-supply-chain/ https://www.bleepingcomputer.com/news/security/botnet-targets-hundreds-of-thousands-of-devices-using-realtek-sdk/ https://securingsam.com/realtek-vulnerabilities-weaponized/ https://www.bleepingcomputer.com/news/security/actively-exploited-bug-bypasses-authentication-on-millions-of-routers/ Cybersecurity Initiatives https://www.whitehouse.gov/briefing-room/statements-releases/2021/08/25/fact-sheet-biden-administration-and-private-sector-leaders-announce-ambitious-initiatives-to-bolster-the-nations-cybersecurity/ https://www.cnet.com/tech/services-and-software/apple-google-amazon-ceos-head-to-white-house-for-cybersecurity-meeting/ https://www.zdnet.com/article/tech-giants-make-cybersecurity-commitments-after-white-house-meeting/ https://www.bleepingcomputer.com/news/security/microsoft-and-google-to-invest-billions-to-bolster-us-cybersecurity/ https://thehackernews.com/2021/08/microsoft-google-to-invest-30-billion.html Razer Peripheral Zero Day https://twitter.com/j0nh4t/status/1429049506021138437 
https://www.bleepingcomputer.com/news/security/steelseries-bug-gives-windows-10-admin-rights-by-plugging-in-a-device/ https://www.forbes.com/sites/daveywinder/2021/08/28/new-windows-10-hacking-warning-for-millions-of-users/?sh=60a1002b1bb7 https://twitter.com/hak5darren/status/1429463473700888577 https://twitter.com/_MG_/status/1431059999866843137 -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ Our Site → https://www.hak5.org Shop → http://hakshop.myshopify.com/ Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1 Support → https://www.patreon.com/threatwire Contact Us → http://www.twitter.com/hak5 Threat Wire RSS → https://shannonmorse.podbean.com/feed/ Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999 -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ ____________________________________________ Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
This week in the Security News: Some describe T-Mobile security as not good, if kids steal bitcoin just sue the parents, newsflash: unpatched vulnerabilities are exploited, insiders planting malware, LEDs can spy on you, hacking infusion pumps, PRISM variants, 1Password vulnerabilities, plugging in a mouse gives you admin, & yard sales! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw708
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Attackers Hunting for Twilio Credentials https://isc.sans.edu/forums/diary/Attackers+Hunting+For+Twilio+Credentials/27782/ Modified WhatsApp Spreading Malware https://securelist.com/triada-trojan-in-whatsapp-mod/103679/ Privilege Escalation without Plugging in Device http://0xsp.com/security%20research%20&%20development%20(SRD)/local-administrator-is-not-just-with-razer-it-is-possible-for-all
Hak5 -- Cyber Security Education, Inspiration, News & Community since 2005: Razer mice plus a Windows machine can give you admin privileges, contact tracing data is exposed in a data leak, and a T-Mobile hack follow-up - yes, it's real! All that coming up now on ThreatWire. #threatwire #hak5 Links: Weekly security and privacy news, brought to you by Shannon Morse. ThreatWire is a weekly news journalism show covering security and privacy topics for network admins and users. Watch this on youtube (video may be "private" until the scheduled publish time): https://youtu.be/NA1ocWiAMVg Shop ThreatWire Merch Directly! - https://snubsie.com/shop Shop ThreatWire Merch on Teespring! - https://morsecode.creator-spring.com/ Support ThreatWire! https://www.patreon.com/threatwire Links: Razer: https://www.bleepingcomputer.com/news/security/razer-bug-lets-you-become-a-windows-10-admin-by-plugging-in-a-mouse/ https://www.razer.com/synapse-3 https://twitter.com/j0nh4t/status/1429049506021138437 https://threatpost.com/windows-10-admin-rights-razer-devices-mouse-peripherals/168855/ https://twitter.com/Lechatquirit/status/1429374730860208128 Power Apps: https://www.upguard.com/breaches/power-apps https://www.wired.com/story/microsoft-power-apps-data-exposed/ https://threatpost.com/covid-contact-tracing-exposed-fake-vax-cards/168821/ https://apnews.com/article/technology-health-indiana-coronavirus-pandemic-557a7dce07a39bd0ec9b36140cc53219 T-Mobile: https://threatpost.com/t-mobile-investigates-100m-records/168689/ https://www.t-mobile.com/news/network/additional-information-regarding-2021-cyberattack-investigation https://arstechnica.com/gadgets/2021/08/hackers-who-breached-t-mobile-stole-personal-data-for-49-million-accounts/ https://threatpost.com/t-mobile-40-million-customers-data-stolen/168778/ https://www.cnet.com/tech/services-and-software/t-mobiles-2021-cyberattack-4-ways-to-protect-your-personal-data-after-a-breach/ -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆
Our Site → https://www.hak5.org Shop → http://hakshop.myshopify.com/ Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1 Support → https://www.patreon.com/threatwire Contact Us → http://www.twitter.com/hak5 Threat Wire RSS → https://shannonmorse.podbean.com/feed/ Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999 -----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆-----☆ ____________________________________________ Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.
Sponsored by SEC Playground. Survey to improve the Chill Chill Security Channel: https://forms.gle/e5K396JAox2rZFp19 Music by https://www.bensound.com/ --- Support this podcast: https://anchor.fm/chillchillsecurity/support
Hello everyone, my name is Vijay Kumar Devireddy and I am glad to have you back on my episode 08. Today we are going to discuss Active Interception and Privilege Escalation. What is active interception? Active interception occurs when a computer is placed between your sending computer and your receiving computer. Because of that position, it's able to capture or modify the traffic that's going between the two computers. Now what does that really mean? Well, let's take a field trip. You and I are going to go meet at the local coffee shop. You're going to bring your laptop and I'm going to bring mine. We order a cup of coffee, we sit down at the table, and we connect to the wireless network. We think we're connected to Peet's Coffee or Starbucks, or whatever your favorite coffee shop is. But in actuality we're not connected to the coffee shop wifi. Instead, we're connecting to an attacker who's sitting in the back of the room with their laptop. This attacker has set up their laptop and is putting out a signal stronger than the coffee shop's signal, so our machines are connecting to them. Now whenever we're trying to go to the internet, we're actually going from our laptops to the hacker's laptop and from the hacker's laptop out to the internet. To us it still looks like we're connected, and we can go online and everything is fine with the world. But because of the placement of the attacker's laptop in between us and our final destination, they can capture anything that we're doing. They can see the emails that we're sending. They may be able to capture usernames and passwords. They may be able to modify what's coming back to us as well and embed malware into the files that we'd been requesting. That's what active interception is. It's when somebody gets in between you and the destination server and they can modify things based on that position. The second thing I want to cover in this lesson is Privilege Escalation.
Now privilege escalation occurs when you're able to exploit a design flaw or a bug in a system to gain access to resources that a normal user isn't able to access. As an attacker, anytime I'm trying to break into a system I'm going to do that in a myriad of different ways. It may involve malware, or a phishing attack, or an impersonation. Whatever the method is, most likely I'm going to get into that system as a user, because I'm going to trick some end user into doing something for me. When I do that, I now have user-level credentials. But that's not going to allow me to do everything on the system that I want to do. My goal is to go from having that user-level credential all the way up to administrative or root-level credentials. To do that, I'm going to do a privilege escalation. There are a lot of ways to do a privilege escalation. Most of them involve exploiting some sort of bug in the software, the operating system, or the application, and that lets me get closer to the kernel and being able to operate as an administrative or root user. Stay tuned for the next episode, and thank you...
For this episode, we speak with @DeviantOllam who runs both the Core Group and Red Team Alliance. Deviant is also the author of two books, Practical Lock Picking: A Physical Penetration Tester's Training Guide and Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks. Today, Deviant tells us three stories of covert entry, including much of his strategy, tips, techniques and the social engineering that goes into an engagement. He also tells us of the most difficult building he has ever had to enter and what made it so difficult for him.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Traffic Analysis Quiz https://isc.sans.edu/forums/diary/Traffic+Analysis+Quiz+DESKTOPFX23IK5/26780/ Open Source Security Scorecards https://github.com/ossf/scorecard Bitdefender: UPX Unpacking Featuring Ten Memory Corruptions https://landave.io/2020/11/bitdefender-upx-unpacking-featuring-ten-memory-corruptions/ Ubuntu 20.04 Privilege Escalation https://securitylab.github.com/research/Ubuntu-gdm3-accountsservice-LPE
Sponsored by SEC Playground. Music by https://www.bensound.com/ --- Support this podcast: https://anchor.fm/chillchillsecurity/support
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Compromised LaCie Drive Spread Fake AntiVirus https://isc.sans.edu/forums/diary/Fake+AV+is+Back+LaCie+Network+Drives+Used+to+Spread+Malware/24802/ Unpatched SOP Vulnerability in Internet Explorer/Edge https://thehackernews.com/2019/03/microsoft-edge-ie-zero-days.html Apache Fixes Privilege Escalation Flaw https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-0211 Verizon Users Phished for Credentials https://blog.lookout.com/mobile-phishing-verizon
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Certain Ubiquiti Equipment Vulnerable to CSRF/Code Execution https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20170316-0_Ubiquiti_Networks_authenticated_command_injection_v10.txt Proton Mac OS RAT https://www.cybersixgill.com/proton-a-new-mac-os-rat/ Linux Kernel n_hdlc Privilege Escalation http://seclists.org/oss-sec/2017/q1/569 VMware Copy/Paste Exploit Fixed https://www.vmware.com/security/advisories/VMSA-2017-0005.html
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
New Tool: Packettotal.com http://www.packettotal.com What Not To Decrypt When Intercepting SSL https://isc.sans.edu/forums/diary/Stuff+I+Learned+Decrypting/22059/ webcast: https://www.sans.org/webcasts/8-ways-watch-invisible-analyzing-encrypted-network-traffic-103277 Simple Static Malware Analyzer https://github.com/secrary/SSMA Critical Firefox for Android Vulnerability https://www.mozilla.org/en-US/security/advisories/mfsa2017-04/ Ubuntu ntfs-3g Privilege Escalation https://bugs.chromium.org/p/project-zero/issues/detail?id=1072 Microsoft Patch Tuesday Changes http://www.infoworld.com/article/3139922/microsoft-windows/microsoft-to-revamp-its-documentation-for-security-patches.html