DATE

NAME

CATEGORY

SUBCATEGORIES

INFO

10.4.24

Residual Attack Surface of Cross-privilege Spectre v2

Attack

CPU

We present InSpectre Gadget, an in-depth Spectre gadget inspector that uses symbolic execution to accurately reason about exploitability of usable gadgets. Our tool performs generic constraint analysis and models knowledge of advanced exploitation techniques to accurately reason over gadget exploitability in an automated way.

4.4.24

VU#421644: HTTP/2 CONTINUATION frames can be utilized for DoS attacks

Alert

Alert

HTTP allows messages to include named fields in both header and trailer sections. These header and trailer fields are serialised as field blocks in HTTP/2, so that they can be transmitted in multiple fragments to the target implementation.

4.4.24

HTTP/2 ‘Rapid Reset’ DDoS attack

Attack

HTTP

A number of Google services and Cloud customers have been targeted with a novel HTTP/2-based DDoS attack which peaked in August. These attacks were significantly larger than any previously-reported Layer 7 attacks, with the largest attack surpassing 398 million requests per second.

4.4.24

HTTP/2 CONTINUATION Flood

Attack

HTTP

tl;dr: Deep technical analysis of the CONTINUATION Flood: a class of vulnerabilities within numerous HTTP/2 protocol implementations. In many cases, it poses a more severe threat compared to the Rapid Reset: a single machine (and in certain instances, a mere single TCP connection or a handful of frames) has the potential to disrupt server availability, with consequences ranging from server crashes to substantial performance degradation.

27.3.24

ZENHAMMER: Rowhammer Attacks

Attack

CPU

ZENHAMMER: Rowhammer Attacks on AMD Zen-based Platforms

23.3.24

GoFetch Attack

Attack

side-channel attack

GoFetch is a microarchitectural side-channel attack that can extract secret keys from constant-time cryptographic implementations via data memory-dependent prefetchers (DMPs).

22.3.24

Loop DoS

Attack

Application-Layer Protocols

Loop DoS: New Denial-of-Service Attack targets Application-Layer Protocols

8.3.24

CRLF Injection

Attack

OS

The term CRLF refers to Carriage Return (ASCII 13, \r) Line Feed (ASCII 10, \n). They are used to mark the end of a line, but are handled differently by today’s popular operating systems. For example, in Windows both a CR and an LF are required to mark the end of a line, whereas in Linux/UNIX only an LF is required. In the HTTP protocol, the CR-LF sequence is always used to terminate a line.

5.3.24

PASS-THE-HASH ATTACK

Attack

PtH

Pass the hash (PtH) is a type of cybersecurity attack in which an adversary steals a “hashed” user credential and uses it to create a new user session on the same network. Unlike other credential theft attacks, a pass the hash attack does not require the attacker to know or crack the password to gain access to the system. Rather, it uses a stored version of the password to initiate a new session.

4.3.24

ComPromptMized

Attack

AI

ComPromptMized: Unleashing Zero-click Worms that Target GenAI-Powered Applications

2.3.24

GOLDEN TICKET

Attack

Attack

A Golden Ticket attack is a malicious cybersecurity attack in which a threat actor attempts to gain almost unlimited access to an organization’s domain (devices, files, domain controllers, etc.) by accessing user data stored in Microsoft Active Directory (AD).

2.3.24

Golden SAML

Attack

Attack

Golden SAML, an attack technique that exploits the SAML single sign-on protocol, was used as a post-breach exploit, compounding the devastating SolarWinds attack of 2020—one of the largest breaches of the 21st century.

3.2.24

NTLM Relay Attacks

Attack

Attack

NTLM relay attacks: A dangerous game of hot potato

29.1.24

MavenGate

Attack

Supply chain

Android, Java apps susceptible to novel MavenGate software supply chain attack technique

20.1.24

Brute Force: Password Spraying

Attack

Brute Force

Adversaries may use a single or small list of commonly used passwords against many different accounts to attempt to acquire valid account credentials.

12.1.24

Hadoop attack flow

Attack

Apache

Apache Applications Targeted by Stealthy Attacker

1.1.24

Terrapin Attack

Attack

SSH

Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation