10/17

Escaping the Chrome Sandbox Through DevTools

https://ading.dev/blog/posts/chrome_sandbox_escape.html
Escaping the Chrome Sandbox Through DevTools

detection-rules/hunting at main · elastic/detection-rules · GitHub

https://github.com/elastic/detection-rules/tree/main/hunting
detection-rules/hunting at main · elastic/detection-rules · GitHub

GitHub - Orange-Cyberdefense/GOAD at v3-beta

https://github.com/Orange-Cyberdefense/GOAD/tree/v3-beta
GitHub - Orange-Cyberdefense/GOAD at v3-beta

USDoD hacker behind National Public Data breach arrested in Brazil

https://www.bleepingcomputer.com/news/security/usdod-hacker-behind-national-public-data-breach-arrested-in-brazil/
USDoD hacker behind National Public Data breach arrested in Brazil

IcePeony with the '996' work culture | @nao_sec

https://nao-sec.org/2024/10/IcePeony-with-the-996-work-culture.html
IcePeony with the '996' work culture | @nao_sec

VirusTotal - Search - t12d190800_d83cc789557e_16bbda4055b2

https://www.virustotal.com/gui/search/t12d190800_d83cc789557e_16bbda4055b2/files
VirusTotal - Search - t12d190800_d83cc789557e_16bbda4055b2

Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk

https://thehackernews.com/2024/10/critical-kubernetes-image-builder.html
Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk

SolarWinds Web Help Desk flaw is now exploited in attacks

https://www.bleepingcomputer.com/news/security/solarwinds-web-help-desk-flaw-is-now-exploited-in-attacks/
SolarWinds Web Help Desk flaw is now exploited in attacks

BianLian ransomware claims attack on Boston Children's Health Physicians

https://www.bleepingcomputer.com/news/security/bianlian-ransomware-claims-attack-on-boston-childrens-health-physicians/
BianLian ransomware claims attack on Boston Children's Health Physicians

Kernel shellcode persistence technique in APT attacks and SAS CTF challenge | Securelist

https://securelist.com/sas-ctf-windows-7-challenge-explained/114180/
Kernel shellcode persistence technique in APT attacks and SAS CTF challenge | Securelist

CODE WHITE - Finest Hacking

https://code-white.com/blog/teaching-the-old-net-remoting-new-exploitation-tricks/
CODE WHITE - Finest Hacking

Hackers blackmail Globe Life after stealing customer data

https://www.bleepingcomputer.com/news/security/hackers-blackmail-globe-life-after-stealing-customer-data/
Hackers blackmail Globe Life after stealing customer data

SideWinder APT Strikes Middle East and Africa With Stealthy Multi-Stage Attack

https://thehackernews.com/2024/10/sidewinder-apt-strikes-middle-east-and.html
SideWinder APT Strikes Middle East and Africa With Stealthy Multi-Stage Attack

Recon Royale - Hacker's Arena

https://recon-royale.com
Recon Royale - Hacker's Arena

Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant

https://thehackernews.com/2024/10/russian-romcom-attacks-target-ukrainian.html
Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant

Microsoft said it lost weeks of security logs for its customers' cloud products | TechCrunch

https://techcrunch.com/2024/10/17/microsoft-said-it-lost-weeks-of-security-logs-for-its-customers-cloud-products/
Microsoft said it lost weeks of security logs for its customers' cloud products | TechCrunch

ADCS ESC15 AKA EKUwu Abuse (CVE-2024-49019) - YouTube

https://youtu.be/PKvazCvlb9A?si=DrhtJvb1fFV9AgAt
ADCS ESC15 AKA EKUwu Abuse (CVE-2024-49019) - YouTube

Undercover North Korean IT workers now steal data, extort employers

https://www.bleepingcomputer.com/news/security/undercover-north-korean-it-workers-now-steal-data-extort-employers/
Undercover North Korean IT workers now steal data, extort employers

Google: 70% of exploited flaws disclosed in 2023 were zero-days

https://www.bleepingcomputer.com/news/security/google-70-percent-of-exploited-flaws-disclosed-in-2023-were-zero-days/
Google: 70% of exploited flaws disclosed in 2023 were zero-days

Researchers Uncover Cicada3301 Ransomware Operations and Its Affiliate Program

https://thehackernews.com/2024/10/cross-platform-cicada3301-ransomware.html
Researchers Uncover Cicada3301 Ransomware Operations and Its Affiliate Program

FBI arrest Alabama man suspected of hacking SEC's X account

https://www.bleepingcomputer.com/news/security/fbi-arrest-alabama-man-suspected-of-hacking-secs-x-account/
FBI arrest Alabama man suspected of hacking SEC's X account