- Bypassing Intel Boot Guard
- Someone Created a Tor Hidden Service to Phish my Tor Hidden Service
- Testing Security Keys
- Investigating Security Incidents with Passive DNS
- Macro-less Code Exec in MSWord / Abusing Microsoft Office DDE (incl reg entries to disable DDEAUTO)
  - reports of “in the wild” exploitation 15/10/2017 and new crypto worm 24/10/2017!
  - e.g. securingtomorrow.mcafee.com/mcafee-labs/apt28-threat-group-adopts-dde-technique-nyc-attack-theme-in-latest-campaign/ (7/11)
  - Microsoft advisory (incl KB3123630) 10/10/2017 for patches
  - 0patching the Office DDE / DDEAUTO Vulnerability… ehm… Feature
    - (note that, similar to the MS advisory “workarounds”, this might break functionality – e.g. Excel auto-updating of externally linked cells)
- Peeking into .msg files
- It’s in the signature
- Attacking a co-hosted VM: A hacker, a hammer and two memory modules
- Microsoft VulnScan – Automated Triage and Root Cause Analysis of Memory Corruption Issues
- (Ok so Google is picking on all the competition but these are still interesting…)
Enjoy and feel free to share your own with csirt AT sanren . ac