Security Research

Remote Linux Kernel Heap Overflow TIPC Module Allows Arbitrary Code Execution Ftr

CVE-2021-43267: Remote Linux Kernel Heap Overflow | TIPC Module Allows Arbitrary Code Execution

SentinelLabs has discovered a heap overflow vulnerability in the TIPC module of the Linux Kernel, which can allow attackers to compromise an entire system.

Read More
AlphaGolang A Step By Step Go Malware Reversing Methodology For IDA Pro 4

AlphaGolang | A Step-by-Step Go Malware Reversing Methodology for IDA Pro

SentinelLabs sets off to dispel the myth that Go malware is hard to reverse engineer. This suite of IDApython scripts will set you well on your way

Read More
Case Studies In MacOS Malware String Decryption With Radare2 13

Techniques for String Decryption in macOS Malware with Radare2

In Part 3 of our macOS reversing series, we look at three different macOS malware samples and walk you through how to decipher encrypted strings.

Read More
Defeating MacOS Malware Anti Analysis Tricks With Radare2 10

Defeating macOS Malware Anti-Analysis Tricks with Radare2

Learn how to beat malware authors' control flow and avoid executing unwanted parts of their code to analyze macOS malware in radare2.

Read More
CVE 2021 3437 HP OMEN Gaming Hub Privilege Escalation Bug Hits Millions Of Gaming Devices 1

CVE-2021-3437 | HP OMEN Gaming Hub Privilege Escalation Bug Hits Millions of Gaming Devices

A high severity flaw in HP's OMEN Gaming Hub software allows any user to escalate privileges to kernel-level mode.

Read More
6 Pro Tricks For Rapid MacOS Malware Triage With Radare2 7

6 Pro Tricks for Rapid macOS Malware Triage with Radare2

Learn more about reversing real-world macOS malware in this new series for intermediate to advanced analysts, starting with these r2 tips!

Read More
Massive New AdLoad Campaign Goes Entirely Undetected By Apples XProtect 5

Massive New AdLoad Campaign Goes Entirely Undetected By Apple’s XProtect

Learn how to detect the latest variant of this widespread adware and browser hijacker, its infection pattern and indicators of compromise.

Read More
Hotcobalt New Cobalt Strike DoS Vulnerability That Lets You Halt Operations 5

Hotcobalt – New Cobalt Strike DoS Vulnerability That Lets You Halt Operations

CVE-2021-36798 is a vulnerability in Cobalt Strike server that could allow victims to register a fake Beacon and DoS attackers.

Read More
CVE 2021 3438 16 Years In Hiding Millions Of Printers Worldwide Vulnerable 4

CVE-2021-3438: 16 Years In Hiding – Millions of Printers Worldwide Vulnerable

A high severity flaw in HP, Samsung and Xerox printer drivers has existed since 2005 and could lead to an escalation of privilege.

Read More
Bypassing MacOS TCC User Privacy Protections By Accident And Design 8

Bypassing macOS TCC User Privacy Protections By Accident and Design

TCC is meant to protect user data from unauthorized access, but design flaws mean users and malware can bypass TCC, even by accident.

Read More