#exploit
#AppSec
"ScriptCase - Pre-Authenticated RCE
(CVE-2025-47227, CVE-2025-47228)", 2025.
]-> PoC Script
// Pre-auth RCE is achieved by chaining two vulnerabilities: the first is the ability to reset the administrator password of the prod console under certain conditions, and the second is a simple authenticated RCE in the connection features, where user input is concatenated directly into an ssh system command
#reversing
#Automotive_Security
"ByCAN: Reverse Engineering Controller Area Network (CAN) Messages from Bit to Byte Level", 2024.
]-> Linux kernel driver for Microchip CAN BUS Analyzer Tool
See also:
]-> Mazda Connect CMU Attack Surface + Vulns
]-> Kenwood DMX958XR Attack Surfaces
]-> Sony XAV-AX8500 Attack Surfaces (Part 1, Part 2)
]-> Pioneer DMH-WT7600NEX IVI Attack Surfaces
]-> Tesla Wall Connector EV Attack Surface
]-> Mercedes-Benz Head Unit Security Research Report
#Malware_analysis
1. Schizophrenic ZIP - Yet another ZIP trick
https://hackarcana.com/article/yet-another-zip-trick
2. Hpingbot
https://nsfocusglobal.com/hpingbot-a-new-botnet-family-based-on-pastebin-payload-delivery-chain-and-hping3-ddos-module
3. BOSS Linux and malicious .desktop file
https://www.cyfirma.com/research/phishing-attack-deploying-malware-on-indian-defense-boss-linux
#DFIR
#Whitepaper
#Blue_Team_Techniques
"Windows (10/Servers) Forensics Analysis", v.1.0.
]-> Windows User Activity Analysis
// This whitepaper will help DFIR investigators gather evidence better and faster during Windows forensic investigations at ZERO monetary cost, instead of using commercial DFIR tools
#DFIR
#Tech_book
#Blue_Team_Techniques
"Microsoft Defender for Identity in Depth:
An exhaustive guide to ITDR, breach prevention, and cyberattack response", 2024.
// This book is a comprehensive guide to mastering MDI. It brings together everything you need in one place, from setting up and configuring MDI to exploring advanced features and integrations