Adversary Tactics

Short video series on various adversary tactics, tradecraft and exploits.

Exploiting DirtyPipe [CVE-2022-0847] - Linux Privilege Escalation Vulnerability

A couple of days ago, a cyber security researcher named Max Kellermann published a new privilege escalation vulnerability named DirtyPipe, tracked as CVE-2022-0847.

15 March 2022

#privilege-escalation #exploit #T1068 #CVE-2022-0847

Dirty way to silence the Cylance

Bypassing Cylance ThreatProtect/Optics by exploiting elevated access to ignore DLL hooking, then dumping credentials without creating any alerts. Demonstrated this dirty trick at Nullcon back in 2020.

02 March 2020

#defense-evasion #EDR-bypass #TA0005 #dirty-way