Meta Red Team X
BUGSABOUTHOME
  • CVE-2023-4039: GCC's -fstack-protector fails to guard dynamic stack allocations on ARM64 TOP NEW

    Sep 12, 2023 Tom Hebb, Red Team X About 16 mins

    GCC’s stack smashing protection, which keeps attackers from exploiting stack buffer overflow bugs in code it compiles, has no effect when the vulnerable buffer is a variable-length array or alloca() allocation and the target architecture is 64-bit ARM. This issue is a mitigation weakness and is not exploitable directly. A fix is now available o... Read More

  • Sandboxing ImageIO media parsing in macOS TOP NEW

    Sep 11, 2023 Nik Tsytsarkin, Red Team X About 7 mins

    While assessing the potential impact of the latest BLASTPASS Zero-Click, Zero-Day Exploit on our Family of Apps, we discovered a feature in ImageIO that moves image parsing to an out-of-process sandbox. This feature mitigates the effects of vulnerabilities related to image parsing on macOS similar to BLASTPASS. App developers can enable this fe... Read More

  • In-Memory Execution in macOS: the Old and the New TOP NEW

    Dec 19, 2022 Manish Bhatt, Red Team X About 14 mins

    As part of our work, it’s often interesting to try to find possible avenues of attack that bypass detections on EDR products. On macOS, EDR products specifically collect telemetry from fork and exec syscalls. macOS has alternative ways of executing code, which side-step these system calls by executing code directly in-memory. There are a few A... Read More

  • Uncovering Hidden .NET Assemblies TOP NEW

    Sep 21, 2022 Michael Henry, Red Team X About 8 mins

    We recently completed a security review of ControlUp Agent by ControlUp Technologies. The software is responsible for remote management and analytics of agent hosts on which it runs. The software is typically deployed in virtualization infrastructure environments. This writeup details the steps taken to assess the software, bypass obfuscation, ... Read More

  • All4
  • mitigation 2
  • post-exploitation 1
  • reversing 1
© 2022-2023 Meta Red Team X
Powered by Jekyll & Yat Theme.
Subscribe via RSS