Security Alerts & News
by Tymoteusz A. Góral

#1929 Exploiting a misused C++ shared pointer on Windows 10
In this post I describe a detailed solution to my “winworld” challenge from Insomni’hack CTF Teaser 2017. winworld was a x64 windows binary coded in C++11 and with most of Windows 10 built-in protections enabled, notably AppContainer (through the awesome AppJailLauncher), Control Flow Guard and the recent mitigation policies.

These can quickly be verified using Process Hacker (note also the reserved 2TB of CFGBitmap!)
Read more
#1929 Exploiting a misused C++ shared pointer on Windows 10
#1928 PayPal users targeted in sophisticated new phishing campaign
#1927 Netflix scam delivers ransomware
#1926 SMS-exploitable bug in Samsung Galaxy phones can be used for ransomware attacks
#1925 WordPress 4.7.2 update fixes XSS, SQL injection bugs
#1924 Cisco warns of critical flaw in teleconferencing gear
#1923 Majority of Android VPNs can’t be trusted to make users more secure
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12