2021-12-15 | Hacker Trends

61 Posts

Project Zero: A deep dive into an NSO zero-click iMessage exploit: Remote Code Execution

https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html

26 Posts

Ian Beer on Twitter: "Today we're publishing a detailed technical writeup of FORCEDENTRY, the zero-click iMessage exploit linked by Citizen Lab to the exploitation of journalists, activists and dissidents around the world. https://t.co/RYsqpTHF5j" / Twitter

https://twitter.com/i41nbeer/status/1471163195679252484

22 Posts

GitHub - cisagov/log4j-affected-db: A community sourced list of log4j-affected software

https://github.com/cisagov/log4j-affected-db

20 Posts

Tweet / Twitter

https://twitter.com/TinkerSec/status/1471128734010945542

17 Posts

log4j memes

https://log4jmemes.com/

14 Posts

Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability - Microsoft Security Blog

https://msft.it/6015ZJbYt

14 Posts

Microsoft Security Intelligence on Twitter: "As we continue to monitor threats taking advantage of the CVE-2021-44228 Log4j 2 vulnerability, we’re seeing activity ranging from experimentation to exploitation from multiple groups, including nation-state actors and access brokers linked to ransomware: https://t.co/WWSxGvaiDy" / Twitter

https://twitter.com/MsftSecIntel/status/1470960102232444940

12 Posts

Log4Shell Update: Second log4j Vulnerability Published (CVE-2021-44228 + CVE-2021-45046) | LunaTrace

https://www.lunasec.io/docs/blog/log4j-zero-day-update-on-cve-2021-45046/

11 Posts

Cyber House Party - Festive Special 2021 - LIVE - YouTube

https://youtu.be/CEq7QV4sY3Q

11 Posts

Process Injection Update in Cobalt Strike 4.5 | Cobalt Strike

https://www.cobaltstrike.com/blog/process-injection-update-in-cobalt-strike-4-5/

11 Posts

Weixin Official Accounts Platform

https://mp.weixin.qq.com/s/7y-iyMMZAoN4B2dGvCFvXg

11 Posts

http://AjaxPro.NET

10 Posts

Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability - Microsoft Security Blog

https://www.microsoft.com/security/blog/2021/12/11/guidance-for-preventing-detecting-and-hunting-for-cve-2021-44228-log4j-2-exploitation/

10 Posts

Log4j – Apache Log4j Security Vulnerabilities

https://logging.apache.org/log4j/2.x/security.html

9 Posts

Dan Kaminsky - Internet Hall of Fame

https://www.internethalloffame.org/inductees/dan-kaminsky

9 Posts

Speakers | OffensiveCon

https://www.offensivecon.org/speakers/

8 Posts

New Blueprint to protect UK from Cyber Threats - GOV.UK

https://www.gov.uk/government/news/new-blueprint-to-protect-uk-from-cyber-threats

8 Posts

U.S. lawmakers call for sanctions against Israel's NSO, other spyware firms | Reuters

https://www.reuters.com/world/us/exclusive-us-lawmakers-call-sanctions-against-israels-nso-other-spyware-firms-2021-12-15/

8 Posts

Owowa: the add-on that turns your OWA into a credential stealer and remote access panel | Securelist

https://securelist.com/owowa-credential-stealer-and-remote-access/105219/

8 Posts

NEW MILLENIUM CONSULTING

http://nmcus.com

7 Posts

Quantum computing will lead to new risks for cyber security | World Economic Forum

https://www.weforum.org/global_future_councils/gfc-on-quantum-computing/articles/in-a-quantum-future-our-economy-needs-to-be-protected-a-cybersecurity-expert-explains-why

7 Posts

Azure Run Command for Dummies | Mandiant

https://www.mandiant.com/resources/azure-run-command-dummies

7 Posts

Nation State Threat Group Targets Airline with Aclip Backdoor

https://securityintelligence.com/posts/nation-state-threat-group-targets-airline-aclip-backdoor/

7 Posts

Guide: How To Detect and Mitigate the Log4Shell Vulnerability (CVE-2021-44228 & CVE-2021-45046) | LunaTrace

https://www.lunasec.io/docs/blog/log4j-zero-day-mitigation-guide/

7 Posts

Log4Shell attacks expand to nation-state groups from China, Iran, North Korea, and Turkey

https://therecord.media/log4shell-attacks-expand-to-nation-state-groups-from-china-iran-north-korea-and-turkey/

7 Posts

Huawei documents show Chinese tech giant’s involvement in surveillance programs - The Washington Post

https://www.washingtonpost.com/world/2021/12/14/huawei-surveillance-china/

7 Posts

Second Log4j Vulnerability (CVE-2021-45046) Discovered — New Patch Released

https://thehackernews.com/2021/12/second-log4j-vulnerability-cve-2021.html

6 Posts

Defeat the Castle – Bypass AV & Advanced XDR solutions. -

https://0xsp.com/security%20research%20&%20development%20(SRD)/defeat-the-castle-bypass-av-advanced-xdr-solutions

6 Posts

offensivecon on Twitter: "Real World 0-days: A Year-in-Review of 0-day Exploits Used In-the-Wild in 2021 by @maddiestone https://t.co/5tra7VhbZa" / Twitter

https://twitter.com/offensive_con/status/1471081609822715906

6 Posts

CyberSlide - The Cyber Startup Observatory

https://cyberstartupobservatory.com/resources-cyberslide/

6 Posts

Project Zero Bugs on Twitter: "A deep dive into an NSO zero-click iMessage exploit: Remote Code Execution https://t.co/MUk90ClE80" / Twitter

https://twitter.com/ProjectZeroBugs/status/1471164401424080915

6 Posts

GitHub - 0xInfection/LogMePwn: A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.

https://github.com/0xInfection/LogMePwn

6 Posts