FreshRSS

/r/netsec - Information Security News & Discussion

Contain Yourself: Staying Undetected Using the Windows Container Isolation Framework

By /u/Daniel24z25 — August 31st 2023 at 07:42

Research presented at DEF CON 31 that demonstrates how the Windows containers isolation framework (wcifs.sys), which is loaded on every modern Windows system by default, can be abused to bypass EDR file system malware protection, file/folder write restrictions and I/O ETW log-based correlations.


Multiple Vulnerabilities Found in Techview LA-5570 Wireless Gateway Home Automation Controller

By /u/9lyph — August 28th 2023 at 23:09

CVE-2023-34723

Vulnerability Type: Directory Indexing, allows a threat actor to list the contents of specific directories outside of the web root context.

CVE-2023-34724

Vulnerability Type: On-Chip Debug and Test Interface With Improper Access Control, allows a threat actor unrestricted access to the root filesystem using an exposed UART interface, without the need for authentication.

CVE-2023-34725

Vulnerability Type: Incorrect Access Control, allows a threat actor access to sensitive systems configuration files without proper authentication or authorisation.


Threat Hunting Newsletter - Excel for Threat Hunters

By /u/m_edmondson — August 26th 2023 at 10:50

I wrote a newsletter on how to use Excel to hunt your data for threats.
