I came across an interesting DLL injector yesterday but haven't had time to compile it yet since I don't have my build environment set up in 1809...
James Forshaw (Google Project Zero and Chrome sandbox wizard) just did a nice follow-up blog on this. A much easier way for researchers to write...
I was checking out Cloudflare's "Browsing Experience Security Check", particularly learning more about their Encrypted SNI. Link:...
@puff-m-d Thank you :thumb:
Guys/Gals, not sure yet whether or not Privexec deserves its own dedicated thread or not. Someone can start that if they like. I just wanted to...
Google Project Zero's James Forshaw (aka Chrome sandboxing wizard) pointed out the potential for some bypass potential with the Defender sandbox...
FWIW, if anyone wants to download the latest Adobe Reader DC without all of the nonsense, go here: https://get.adobe.com/reader/enterprise/
@Stupendous Man You're welcome. I've read some issues as well that users have been posting. But for whatever reason, 60.x+ have all been rock...
60.3.0 is being compiled right now and is due for release tomorrow (Halloween release... :eek:). Just a heads up in case I forget about this...
@itman Great points, thank you for sharing. :thumb:
You’re welcome. I have always been a fan of this and especially appreciative for its open source nature.
If anyone is curious to know which processes are protected by regular AppContainer sandbox or the latest Low Privilege AppContainer (LP-AC), I...
I hope this is an appropriate thread for this post. I had been playing around with the 'setx' command line app a few weeks ago and came up with...
Low Privilege AppContainer too which is more secure and more granular capability control in comparison to traditional AppContainer. Very...
2.2.0 released Link: https://sourceforge.net/projects/softwarepolicy/files/ Details: http://softwarepolicy.sourceforge.net/manual/windows10.php
Regarding ThirdPartyModuleBlocking: Most importantly, this gives much more protection to the Chrome browser process. It also extends to the...
Thank you. Yes, I was familiar with this registry search and replace previously but I try to avoid it as much as possible. But in this case, I...
I noticed that with Nik's recent Chromium stable builds for M69/M70, they have all had an extra process (Audio Service) which is running as a...
Open Source at the core too, I am loving this.
Now we know what CoreDNS was leading toward: https://www.wilderssecurity.com/threads/adguard-home.409300/ Very cool, interesting and exciting, to...
Introducing AdGuard Home 16 OCTOBER 2018 on AdGuard News, Release Notes Link: https://adguard.com/en/blog/introducing-adguard-home/?aid=28400 As...
Project Zero: Injecting Code into Windows Protected Processes using COM - Part 1 By James Forshaw of Google's Project Zero Link:...
By the way, if you do have any interest in AppContainer sandbox, I have some decent code examples to share in case they may be beneficial. I will...
@diversenok You're welcome. Your suggestions to add more restrictions like preventing child process creation and more would be absolutely...
Farewell to the Token Stealing UAC Bypass Link: https://tyranidslair.blogspot.com/2018/10/farewell-to-token-stealing-uac-bypass.html By James Forshaw