Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2025.12.18.md

Intel Outside: Hacking every Intel employee and various internal websites - https://eaton-works.com/2025/08/18/intel-outside-hack/

TLS NoVerify: Bypass All The Things - https://f0rw4rd.github.io/posts/tls-noverify-bypass-all-the-things/

Enumerating AWS the quiet way: CloudTrail-free discovery with Resource Explorer - https://securitylabs.datadoghq.com/articles/enumerating-aws-the-quiet-way-cloudtrail-free-discovery-with-resource-explorer/

macOS LPE via the .localized directory - https://theevilbit.github.io/posts/localized/

Copilot Broke Your Audit Log, but Microsoft Won’t Tell You - https://pistachioapp.com/blog/copilot-broke-your-audit-log

#informatyka

Festerku ratuj, bo mi się laptok spalił.

Przynieś, popaczam.

W U T ???!!!

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

Pamiętajcie dzieciaczki nie zostawiajcie na stole stroików świątecznych z zapalonymi świeczkami.

Płyta oczywiście martwa, ale dysk (trochę osmalony) ocalał, leci kopia posektorowa.

#informatyka #hardware #diy #heheszki #pcmasterrace

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2025.12.16.md

FortMajeure: Authentication Bypass in FortiWeb (CVE-2025-52970) - https://pwner.gg/blog/2025-08-13-fortiweb-cve-2025-52970

“Vibe Hacking”: Abusing Developer Trust in Cursor and VS Code Remote Development - https://blog.calif.io/p/vibe-hacking-abusing-developer-trust

From Process Injection to Function Hijacking - https://klezvirus.github.io/posts/From-stomping-to-hijacking/#function-stomping

How to fuse CTI with threat hunting - https://feedly.com/ti-essentials/posts/how-to-fuse-cti-with-threat-hunting

Declarative Binary Parsing for Security Research with Kaitai Struct - https://husseinmuhaisen.com/blog/declarative-binary-parsing-for-security-research-with-kaitai-struct/

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2025.12.14.md

Zero Click, One NTLM: Microsoft Security Patch Bypass (CVE-2025-50154) - https://cymulate.com/blog/zero-click-one-ntlm-microsoft-security-patch-bypass-cve-2025-50154/

The Pool Party You Will Never Forget: New Process Injection Techniques Using Windows Thread Pools - https://www.safebreach.com/blog/process-injection-using-windows-thread-pools/

OmniProx: Multi-Cloud IP Rotation Made Simple - https://blog.zsec.uk/omniprox/

When Defenders Become the Attackers: The Elastic EDR 0-Day (RCE + DoS) - https://ashes-cybersecurity.com/0-day-research/

From Support Ticket to Zero Day - https://horizon3.ai/attack-research/attack-blogs/from-support-ticket-to-zero-day/

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2025.12.12.md

Breaking change on GitHub Actions pull_request_target - https://blog.richardfan.xyz/2025/11/17/github-actions-pull-request-target-changes.html

How to Research & Reverse Web Vulnerabilities 101 - https://projectdiscovery.io/blog/how-to-research-web-vulnerabilities

A File Format Uncracked for 20 Years - https://landaire.net/a-file-format-uncracked-for-20-years/

From Drone Strike to File Recovery: Outsmarting a Nation State - https://profero.io/blog/from-drone-strike-to-file-recovery-outsmarting-a-nation-state

CVE-2025-6554: The (rabbit) Hole - https://retr0.zip/blog/cve-2025-6554-the-rabbit-hole.html

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2025.12.10.md

Reverse Engineering Network Protocols - https://jhalon.github.io/reverse-engineering-protocols/

Stillepost - Or: How to Proxy your C2s HTTP-Traffic through Chromium - https://x90x90.dev/posts/stillepost/

Hacking the Nokia Beacon 1 Router: UART, Command Injection, and Password Generation with Qiling - https://spaceraccoon.dev/nokia-beacon-router-uart-command-injection/

CLRaptor: Hunting reflected assemblies with Velociraptor - https://labs.infoguard.ch/posts/clraptor_hunting_for_assemblies/

Evading Elastic EDR's call stack signatures with call gadgets - https://offsec.almond.consulting/evading-elastic-callstack-signatures.html

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2025.12.08.md

CVE-2024-12718: Path Escape via Python’s tarfile Extraction Filters - https://www.upwind.io/feed/cve-2024-12718-path-escape-via-pythons-tarfile-extraction-filters

AI LLM Red Team Handbook - https://cph-sec.gitbook.io/ai-llm-red-team-handbook-and-field-manual

Public Disclosure: Backdooring Managed Identities via Azure API Management - https://dazesecurity.io/blog/apimMIVuln

Grafana Dashboard for my Blackstone Smoker - https://paulsec.github.io/posts/grafana-dashboard-for-my-blackstone-smoker/

Malware Sideloading via MFC Satellite DLLs - https://r136a1.dev/2025/12/03/malware-sideloading-via-mfc-satellite-dlls/

#informatyka

AAAAAAAAA trzymcie mnie, bo nie wytrzymie.

Płatnik to i jakiś ponury żart.

Przesiadka z WIN7PRO64bit na WIN11PRO64bit, Płatnik 10.02.002(313) z bazą .mdb, wypierdala się koncertowo w losowych momentach, z komunikatami o braku zasobów - jaaaasne -nowy komp, nowy system, 32GB/1TB to za mało.

Coś mi się zdaje, że będzie migracja bazy na SQL-a.

#zalesie #informatyka #zus

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2025.12.06.md

ClickFix Gets Creative: Malware Buried in Images - https://www.huntress.com/blog/clickfix-malware-buried-in-images

Developing Modern Ransomware Part 1: User-Land - https://lorenzomeacci.com/developing-modern-ransomware-part-1-user-land

Exploiting DLL Hijacking in Windows Electron Apps - https://hexiosec.com/blog/dll-hijacking-and-proxying/

Implementing syscall hooks in Rust - https://fluxsec.red/implementing-syscall-hooking-rust

The cryptography behind electronic passports - https://blog.trailofbits.com/2025/10/31/the-cryptography-behind-electronic-passports/

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2025.12.04.md

Long Live Pass-The-Cert: Reviving the Classical Rendition of Lateral Movement across Entra ID joined Devices - https://www.alteredsecurity.com/post/long-live-pass-the-cert-reviving-the-classical-rendition-of-lateral-movement-across-entra-id-joined

Ublock Origin Script Injection - https://grahamhelton.com/blog/ublock-origin-script-injection

ROX: Vulnerability Research - how to approach a black box without wasting time - https://numb3rs.re/posts/approaching_large_binaries/

Memory Analysis with Velociraptor - Part 1 - https://docs.velociraptor.app/blog/2025/2025-11-15-memory-analysis-pt1/

BetterSuccessor: Still abusing dMSA for Privilege Escalation (BadSuccessor after patch) - https://www.alteredsecurity.com/post/bettersuccessor-still-abusing-dmsa-for-privilege-escalation-badsuccessor-after-patch

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2025.12.02.md

You Already Have Our Personal Data, Take Our Phone Calls Too - https://labs.watchtowr.com/you-already-have-our-personal-data-take-our-phone-calls-too-freepbx-cve-2025-57819/

Living Off the Land: Windows Post-Exploitation Without Tools - https://xbz0n.sh/blog/living-off-the-land-windows

Protecting C2 Traffic in Nim - https://jakobfriedl.github.io/blog/nim-c2-traffic/

The Trojan Horse You Didn’t Check: PHP Session Unserialization as an Attack Vector - https://d3caff.gitbook.io/me/blog-posts/the-trojan-horse-you-didnt-check-php-session-unserialization-as-an-attack-vector

An API Worm In The Making: Thousands Of Secrets Found In Open S3 Buckets - https://trufflesecurity.com/blog/an-api-worm-in-the-making-thousands-of-secrets-found-in-open-s3-buckets

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2025.11.30.md

Dumping the VEH in Windows 10 - https://dimitrifourny.github.io/2020/06/11/dumping-veh-win10.html

AI slop security engineering: Okta's nextjs-0auth troubles - https://joshua.hu/ai-slop-okta-nextjs-0auth-security-vulnerability

Sliver C2 Insecure Default Network Policy (CVE-2025-27093) - https://hngnh.com/posts/Sliver-CVE-2025-27093/

Hide the threat – GPO lateral movement - https://www.intrinsec.com/hide-the-threat-gpo-lateral-movement/

Bloody Wolf: A Blunt Crowbar Threat To Justice - https://www.group-ib.com/blog/bloody-wolf/

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2025.11.28.md

The minefield between syntaxes: exploiting syntax confusions in the wild - https://www.yeswehack.com/learn-bug-bounty/syntax-confusion-ambiguous-parsing-exploits

Covert red team phishing with Phishing Club - https://phishing.club/blog/covert-red-team-phishing-with-phishing-club/

Making Serialization Gadgets by Hand - .NET - https://www.vulncheck.com/blog/making-dotnet-gadgets

x64 Return Address Spoofing - https://hulkops.gitbook.io/blog/red-team/x64-return-address-spoofing

Simulating EtherHiding: Blockchain as a Malware - https://cymulate.com/blog/simulating-etherhiding-blockchain-as-a-malware/

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2025.11.26.md

Flare-On 12 – Task 9 - https://hshrzd.wordpress.com/2025/11/20/flare-on-12-task-9/

DirtyPipe CVE-2022-0847 - https://stdnoerr.blog/blog/DirtyPipe-CVE-2022-0847

Dirty Vanity: A New Approach to Code Injection & EDR Bypass - https://www.deepinstinct.com/blog/dirty-vanity-a-new-approach-to-code-injection-edr-bypass

Covert red team phishing with Phishing Club - https://phishing.club/blog/covert-red-team-phishing-with-phishing-club/

Unusual circuits in the Intel 386's standard cell logic - https://www.righto.com/2025/11/unusual-386-standard-cell-circuits.html

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2025.11.24.md

Oops! It's a kernel stack use-after-free: Exploiting NVIDIA's GPU Linux drivers - https://blog.quarkslab.com/nvidia_gpu_kernel_vmalloc_exploit.html

Rhadamanthys Loader Deobfuscation - https://cyber.wtf/2025/11/19/rhadamanthys-loader-deobfuscation/

Threat Intelligence Report: APT35 Internal Leak of Hacking Campaigns Against Lebanon, Kuwait, Turkey... - https://dti.domaintools.com/threat-intelligence-report-apt35-internal-leak-of-hacking-campaigns-against-lebanon-kuwait-turkey-saudi-arabia-korea-and-domestic-iranian-targets/

Windows ARM64 Internals: Deconstructing Pointer Authentication - https://www.preludesecurity.com/blog/windows-arm64-internals-deconstructing-pointer-authentication

Breaking the Flash Encryption Feature of Espressif’s Parts - https://courk.cc/breaking-flash-encryption-of-espressif-parts#breaking-flash-encryption-of-espressif-parts #informatyka

#informatyka #komputery #kiciochpyta

Mam problem z KVM Aten CS-84A - podwójne wciśnięcie Ctrl powoduje zmianę aktualnego portu. Przy pracy w konsoli to nie przeszkadza, ale w graniu już owszem ( ͡° ʖ̯ ͡°)

Instrukcja podaje możliwość zmiany hotkeya, ale tylko dla niższego modelu CS-82A (sic!). Czy ktoś z was się orientuje, czy można to zmienić albo całkiem wyłączyć w jakiś nieoficjalny sposób? Flashowanie fw też wchodzi w grę jeśli w ogóle jest taka możliwość.

NVMe, to ZUO.

Strzeżcie się trybu tylko do odczytu, to najprostsza droga do utraty danych.

Uszkodzony dysk przełączył się w tryb RO, ale oczywiście pozwalał na pracę.

Na szczęście czujny kierownik zgłosił, że coś za wolno działa.

Odzysk danych z padłego dysku trwał 27 godzin !!!

ddrescue robi robotę

#informatyka #odzyskiwaniedanych #diy

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2025.11.22.md

JAVELIN: Fully Undetectable Windows Shellcode Loader Now Available in IRIS C2 - https://www.irisc2.com/blog/javelin-fud-loader

Vibecoding my way to a crit on Github - https://furbreeze.github.io/2025/10/28/vibecoding-my-way-to-a-crit-on-github.html

Interview with the Chollima V - https://quetzal.bitso.com/p/interview-with-the-chollima-v

Noooooooooo Touch! - https://sensepost.com/blog/2025/noooooooooo-touch/

You just got vectored – using vectored exception handlers (veh) for defense evasion and process injection - https://www.ibm.com/think/x-force/using-veh-for-defense-evasion-process-injection

#informatyka