This post covers 2022-12-19 to 2022-12-26.
Vulnerabilities#
Linux Kernel ksmbd Use-After-Free Remote Code Execution Vulnerability#
- ZDI-22-1690 | Zero Day Initiative
- Linux Kernel Ksmbd Use-After-Free Remote Code Execution Vulnerability | Hacker News
- oss-sec: Details on this supposed Linux Kernel ksmbd RCE
- Red Hat response to Zero Day Initiative ksmb vulnerabilities - Red Hat Customer Portal
Interesting Reads#
Comprehensive Rust#
Using OpenAI to Generate Phishing Campaigns#
Data exfiltration using Excel#
Hackers stole encrypted LastPass password vaults#
- Hackers stole encrypted LastPass password vaults, and we’re just now hearing about it - The Verge
- Cracking encrypted Lastpass vaults | Markuta
Tools#
- BlueMap - A Azure Exploitation Toolkit for Red Team & Pentesters
- Havoc - The Havoc Framework
- Incident Response Methodologies (IRM) - Incident Response Methodologies 2022