Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers – post by LinkCyb

Overview

In this post, IBM Security X-Force Red offensive hackers analyze how attackers, with elevated privileges, can use their access to stage Windows Kernel post-exploitation capabilities. Over the last few years, public accounts have increasingly shown that less sophisticated attackers are using this technique to achieve their objectives. It is therefore important that we put […]

Attacks Over The Air – Cracking a Sports Scoreboard: Part 3 – post by LinkCyb

In our last post, part 2, we successfully captured the binary messages sent from the Score9 scoreboard controller to the receiver. Our main tools were the HackRF One software-defined radio and the Universal Radio Hacker tool. We had the binary, but unfortunately, as we discovered, it was encrypted – this became a serious challenge for […]

Kronos Malware Reemerges with Increased Functionality – post by LinkCyb

The Evolution of Kronos Malware

The Kronos malware is believed to have originated from the leaked source code of the Zeus malware, which was sold on the Russian underground in 2011. Kronos continued to evolve and a new variant of Kronos emerged in 2014 and was reportedly sold on the darknet for approximately $7,000. Kronos […]

An IBM Hacker Breaks Down High-Profile Attacks – post by LinkCyb

On September 19, 2022, an 18-year-old cyberattacker known as “teapotuberhacker” (aka TeaPot) allegedly breached the Slack messages of game developer Rockstar Games. Using this access, they pilfered over 90 videos of the upcoming Grand Theft Auto VI game. They then posted those videos on the fan website GTAForums.com. Gamers got an unsanctioned sneak peek of […]

Dissecting and Exploiting TCP/IP RCE Vulnerability “EvilESP” – post by LinkCyb

September’s Patch Tuesday unveiled a critical remote vulnerability in tcpip.sys, CVE-2022-34718. The advisory from Microsoft reads: “An unauthenticated attacker could send a specially crafted IPv6 packet to a Windows node where IPsec is enabled, which could enable a remote code execution exploitation on that machine.” Pure remote vulnerabilities usually yield a lot of interest, but […]
