Events Related

Tools

  • dnstwist – github.com
    Domain name permutation engine for detecting typo squatting, phishing and corporate espionage

Techniques

  • Hot Potato – Windows Privilege Escalation – foxglovesecurity.com
    Hot Potato (aka: Potato) takes advantage of known issues in Windows to gain local privilege escalation in default configurations, namely NTLM relay (specifically HTTP->SMB relay) and NBNS spoofing.

Vulnerabilities

  • Serious Linux Kernel Vulnerability Patched – threatpost.com
    The vulnerability affects versions 3.8 and higher, said researchers at startup Perception Point who discovered the vulnerability. The flaw also extends to two-thirds of Android devices, the company added.
  • Analysis of iOS & OS X Vulnerability: CVE-2016-1722 – blog.zimperium.com
    During our fuzzing attempts in effort to improve the state of security on iOS devices, we investigated one of the crashes that our fuzzer triggered. Our fuzzer was not targeting syslog code, but once we investigated the crash it led to a comprehensive review of the open-source portion of syslogd.

Other News