Security Research
SCCM Exploitation: Account Compromise Through Automatic Client Push & AD System Discovery
Author: Marshall Price, Senior Security Consultant TL;DR: The following conditions can lead to compromise of the SCCM client push account […] ...
USENIX Security ’23 – Automata-Guided Control-Flow-Sensitive Fuzz Driver Generation
Authors/Presenters: *Cen Zhang, Yuekang Li, Hao Zhou, Xiaohan Zhang, Yaowen Zheng, Xian Zhan, Xiaofei Xie, Xiapu Luo, Xinghua Li, Yang Liu, Sheikh Mahbub Habib* Many thanks to USENIX for publishing their outstanding ...
USENIX Security ’23 – DDRace: Finding Concurrency UAF Vulnerabilities in Linux Drivers with Directed Fuzzing
Authors/Presenters: *Ming Yuan and Bodong Zhao, Penghui Li, Jiashuo Liang, Xinhui Han, Xiapu Luo, Chao Zhang* Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations ...
Macro Segmentation vs. Micro Segmentation
Understanding the distinction between macro segmentation vs. micro segmentation, and making the right choice Within network security segmentation, macro segmentation vs. micro segmentation are crucial methods to consider for organizations aiming to ...
USENIX Security ’23 – Zechao Cai, Jiaxun Zhu, Wenbo Shen, Yutian Yang, Rui Chang, Yu Wang, Jinku Li, Kui Ren – Demystifying Pointer Authentication on Apple M1
Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and ...
CVE-2023-48788 Vulnerability Reported in FortiClientEMS
Fortinet’s FortiClient EMS product exploited via CVE-2023-48788, a critical SQL injection vulnerability : OFFICIAL CVE-2023-48788 PATCHING INFORMATION : The CISA (Cybersecurity and Infrastructure Security Agency) has alerted organizations to actively exploit ‘The ...
USENIX Security ’23 – Lukas Lamster, Martin Unterguggenberger, David Schrammel, and Stefan Mangard – HashTag: Hash-based Integrity Protection for Tagged Architectures
Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and ...
USENIX Security ’23 – Design Of Access Control Mechanisms In Systems-On-Chip With Formal Integrity Guarantees
Authors/Presenters:*Dino Mehmedagić, Mohammad Rahmani Fadiheh, Johannes Müller, Anna Lena Duque Antón, Dominik Stoffel, Wolfgang Kunz* Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong ...
Top Ten NSA and CISA Cloud Security Strategies
NSA and CISA release a joint guide outlining ten pivotal cloud security strategies for enterprise In a business world dominated by cloud-based solutions, robust cloud security strategies for cloud environments have never ...
USENIX Security ’23 – Jinwen Wang, Yujie Wang, Ao Li, Yang Xiao, Ruide Zhang, Wenjing Lou, Y. Thomas Hou, Ning Zhang – ARI: Attestation of Real-time Mission Execution Integrity
Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and ...