Weekly in Security is a summary of the cybersecurity news from the past week. This post covers 2022-09-05 to 2022-09-12.
Version 7.93 of the famous network scanner Nmap was released. The anniversary announcement includes a few interesting goodies.
The 1992 movie predicted the rise and dangers of today’s instant-information age. Martin heads a group of specialists who test the security of companies. He is approached by two NSA officers who ask him to steal universal decoder.
This out-of-bounds write vulnerability in Safari was exploited by Mafred Paul. Based on the available patch information the created a technical write-up. The article starts with a patch analysis. It furthermore dives down the rabbit hole of Just-in-time (JIT) in JavaScriptCore (JSC). The post also pays tribute to the article Project Zero: JITSploitation I: A JIT Bug. The video shows that they managed to open calc with the PoC.
Third-party programs can make users’ lives easier by storing their credentials in them. This convenience often comes at the price of poor security, causing the risk of password theft. The article by Unit42 provides a overview of some common third-party programs that might contain credentials.
Patreon has confirmed it has laid off the entire security team. Techcrunch reported on this. Also on Twitter affected employees commented on the matter. The background for the layoffs was not commented by the management. However, an external organisation would “develop […] security capabilities and conduct regular security assessments”.
Code White published their tool SysmonEnte. Sysmon often is the root of trust for security monitoring SysmonEnte is able to manipulate the control flow of Sysmon event logging. The code is available on GitHub at codewhitesec/SysmonEnte.
Similar tools already exist with SysmonQuiet or EvtMute. A detailed technical article is available here. The slide from X33fcon are also available online.
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
I stumbled over this stale repo the last days. It has already been incorporated into SecLists.