unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
Exploiting Exchange PowerShell After ProxyNotShell: Part 1 - MultiValuedProperty
In this article, part one of the series, I describe the...
2024-9-5 23:39:37 | 阅读: 6 |
收藏
|
Zero Day Initiative - Blog - www.thezdi.com
exchange
attacker
microsoft
powershell
Abusing Arbitrary File Deletes to Escalate Privilege and Other Great Tricks (Archive)
This version of the blog is preserved for archival purposes only. An updated version of this blog, i...
2024-9-3 23:51:7 | 阅读: 5 |
收藏
|
Zero Day Initiative - Blog - www.thezdi.com
windows
eop
rbs
rollback
oplock
CVE-2024-37079: VMware vCenter Server Integer Underflow Code Execution Vulnerability
In this excerpt of a Trend Micro Vulnerability Researc...
2024-8-28 23:0:0 | 阅读: 12 |
收藏
|
Zero Day Initiative - Blog - www.thezdi.com
trailer
spnego
client
dcerpc
From Pwn2Own Automotive: Taking Over the Autel Maxicharger
This blog highlights two vulnerabilities that were di...
2024-8-23 01:47:11 | 阅读: 2 |
收藏
|
Zero Day Initiative - Blog - www.thezdi.com
firmware
autel
door
ghidra
memory
CVE-2024-38213: Copy2Pwn Exploit Evades Windows Web Protections
Zero Day Initiative threat researchers discovered CVE...
2024-8-15 23:41:52 | 阅读: 16 |
收藏
|
Zero Day Initiative - Blog - www.thezdi.com
webdav
windows
microsoft
protections
smartscreen
The August 2024 Security Update Review
I have successfully survived Summer Hacker Camp, and I hope you have too. And we return just in t...
2024-8-14 02:5:1 | 阅读: 14 |
收藏
|
Zero Day Initiative - Blog - www.thezdi.com
microsoft
windows
attacker
substance
elevation
Introducing the Vanguard Awards
This year at Black Hat USA, Trend Micro’s Zero Day Initiative (ZDI) will award our inaugural Vang...
2024-8-5 22:0:0 | 阅读: 1 |
收藏
|
Zero Day Initiative - Blog - www.thezdi.com
award
awards
submissions
zdi
enclosure
Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 3
To wrap up this blog series we wanted to include one more technique that you can use when exploiti...
2024-8-1 23:0:0 | 阅读: 10 |
收藏
|
Zero Day Initiative - Blog - www.thezdi.com
windows
papercut
zdi
Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 2
The number of vulnerabilities that we see through the...
2024-7-31 22:48:13 | 阅读: 14 |
收藏
|
Zero Day Initiative - Blog - www.thezdi.com
alternate
eset
security
ekrn
eicar
Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 1
The number of link following vulnerabilities submitte...
2024-7-30 22:13:24 | 阅读: 7 |
收藏
|
Zero Day Initiative - Blog - www.thezdi.com
avastsvc
reparse
junction
windows
Multiple Vulnerabilities in the Deep Sea Electronics DSE855
Recently, Trend Micro’s ZDI has published multiple ad...
2024-7-26 02:58:0 | 阅读: 8 |
收藏
|
Zero Day Initiative - Blog - www.thezdi.com
zdi
software
overflow
sea
Announcing Pwn2Own Ireland – Bringing Pwn2Own (and WhatsApp) to the Emerald Isle
If you just want to read the rules, you can find them...
2024-7-18 21:12:11 | 阅读: 24 |
收藏
|
Zero Day Initiative - Blog - www.thezdi.com
contest
pwn2own
contestants
network
synology
Uncoordinated Vulnerability Disclosure: The Continuing Issues with CVD
On patch Tuesday last week, Microsoft released an update for CVE-2024-38112, which they said was...
2024-7-15 22:49:53 | 阅读: 8 |
收藏
|
Zero Day Initiative - Blog - www.thezdi.com
microsoft
security
zdi
cvd
The July 2024 Security Update Review
We’re just past the halfway point of 2024, and as expected, Microsoft and Adobe have released the...
2024-7-10 01:29:22 | 阅读: 11 |
收藏
|
Zero Day Initiative - Blog - www.thezdi.com
microsoft
windows
cves
remote
licensing
Getting Unauthenticated Remote Code Execution on the Logsign Unified SecOps Platform
Earlier this year, the Trend Micro Zero Day Initiativ...
2024-7-2 00:56:53 | 阅读: 7 |
收藏
|
Zero Day Initiative - Blog - www.thezdi.com
logsign
attacker
python
injection
The June 2024 Security Update Review
Somehow, we’ve made it to the sixth patch Tuesday of 2024, and Microsoft and Adobe have released...
2024-6-12 01:31:11 | 阅读: 12 |
收藏
|
Zero Day Initiative - Blog - www.thezdi.com
microsoft
attacker
attackers
cves
windows
CVE-2024-30043: Abusing URL Parsing Confusion to Exploit XXE on SharePoint Server and Cloud
Yes, the title is right. This blog covers an XML eXte...
2024-5-30 23:44:46 | 阅读: 8 |
收藏
|
Zero Day Initiative - Blog - www.thezdi.com
xmlresolver
microsoft
MindShaRE: Decapping Chips for Electromagnetic Fault Injection (EMFI)
Recently, the automotive VR team has undertaken an ef...
2024-5-24 00:19:47 | 阅读: 5 |
收藏
|
Zero Day Initiative - Blog - www.thezdi.com
acid
decapping
sulfuric
hot
The May 2024 Security Update Review
Welcome to the second Tuesday of May. As expected, Adobe and Microsoft have released their standa...
2024-5-15 01:28:20 | 阅读: 12 |
收藏
|
Zero Day Initiative - Blog - www.thezdi.com
microsoft
attacker
windows
bypass
CVE-2024-21115: An Oracle VirtualBox LPE Used to Win Pwn2Own
In this guest blog from Master of Pwn winner Cody Gall...
2024-5-10 02:8:55 | 阅读: 5 |
收藏
|
Zero Day Initiative - Blog - www.thezdi.com
vbe
vga
hevent
ioport
vgastate
Previous
1
2
3
4
5
6
7
8
Next