Hotcobalt – New Cobalt Strike DoS Vulnerability That Lets You Halt Operations
CVE-2021-36798 is a vulnerability in Cobalt Strike server that could allow victims to register a fake Beacon and DoS attackers.
Read More
CVE-2021-3438: 16 Years In Hiding – Millions of Printers Worldwide Vulnerable
A high severity flaw in HP, Samsung and Xerox printer drivers has existed since 2005 and could lead to an escalation of privilege.
Read More
Bypassing macOS TCC User Privacy Protections By Accident and Design
TCC is meant to protect user data from unauthorized access, but design flaws mean users and malware can bypass TCC, even by accident.
Read More
CVE-2021-21551- Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws
Update your Dell devices now! SentinelLabs discover five high severity flaws in Dell firmware update driver impacting desktops, laptops, notebooks and more.
Read More
Adventures From UEFI Land: the Hunt For the S3 Boot Script
In Part 4 of our UEFI Internals and Exploitation series, we abandon VMs and dive into UEFI on a physical machine. The quest: recovery of the S3 Boot Script.
Read More
Keep Malware Off Your Disk With SentinelOne’s IDA Pro Memory Loader Plugin
Security researchers – don’t infect your own device! Now you can analyze malware samples in memory using SentinelOne’s Memory Loader plugin for IDA Pro.
Read More
Top 15 Essential Malware Analysis Tools
Get your malware analysis toolkit up-to-speed! From disassemblers and debuggers to hex editors and SSL interception tools, you’ll find them all here.
Read More
A Guide to Ghidra Scripting Development for Malware Researchers
Automation is the key to becoming a more effective malware analyst, and Ghidra scripting is an essential tool in your arsenal. Get started here!
Read More
20 Common Tools & Techniques Used by macOS Threat Actors & Malware
Threat hunting on macOS? These are the tools malware most often leverages, with ITW examples, MITRE behavioral indicators and links to further research.
Read More
CVE-2021-24092: 12 Years in Hiding – A Privilege Escalation Vulnerability in Windows Defender
Windows Defender has contained an elevation of privilege vulnerability since at least 2009. Learn more about SentinelOne’s discovery, CVE-2021-24092, here.
Read More
