02/01
02/02
02/03
20 Posts

North Korea Hacked Him. So He Took Down Its Internet | WIRED

https://www.wired.com/story/north-korea-hacker-internet-outage/
North Korea Hacked Him. So He Took Down Its Internet | WIRED
14 Posts

How to start RE/malware analysis? | hasherezade's 1001 nights

https://hshrzd.wordpress.com/how-to-start/
How to start RE/malware analysis? | hasherezade's 1001 nights
14 Posts

Zero Day Initiative — CVE-2021-44142: Details on a Samba Code Execution Bug Demonstrated at Pwn2Own Austin

https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin
Zero Day Initiative — CVE-2021-44142: Details on a Samba Code Execution Bug Demonstrated at Pwn2Own Austin
9 Posts

Site not found · GitHub Pages

https://elastic.github.io/security-research/whitepapers/2022/02/02.sandboxing-antimalware-products-for-fun-and-profit/article/
Site not found · GitHub Pages
9 Posts

Critical Bug Found in WordPress Plugin for Elementor with Over a Million Installations

https://thehackernews.com/2022/02/critical-bug-found-in-wordpress-plugin.html
Critical Bug Found in WordPress Plugin for Elementor with Over a Million Installations
9 Posts

Crypto.com: Ex-Hacker Who Worked for Controversial Spying Firm Won’t Join Company

https://www.vice.com/en/article/7kbezd/cryptocom-hires-ex-hacker-who-worked-for-company-that-spied-on-americans
Crypto.com: Ex-Hacker Who Worked for Controversial Spying Firm Won’t Join Company
8 Posts

Moodle: Blind SQL Injection (CVE-2021-36393) and Broken Access Control (CVE-2021-36397) - 0xkasper

https://0xkasper.com/articles/moodle-sql-injection-broken-access-control.html
Moodle: Blind SQL Injection (CVE-2021-36393) and Broken Access Control (CVE-2021-36397) - 0xkasper
8 Posts

MalwareBazaar | Browse Checking your browser

https://bazaar.abuse.ch/sample/3926e9fca7f160eb12b7fd9e4bd8ac9200d15c6103330fe4adb4dc85940e3593/
MalwareBazaar | Browse Checking your browser
8 Posts

writeups/Hacking-Google-Drive-Integrations.md at main · httpvoid/writeups · GitHub

https://github.com/httpvoid/writeups/blob/main/Hacking-Google-Drive-Integrations.md
writeups/Hacking-Google-Drive-Integrations.md at main · httpvoid/writeups · GitHub
8 Posts

Malicious CSV text files used to install BazarBackdoor malware

https://www.bleepingcomputer.com/news/security/malicious-csv-text-files-used-to-install-bazarbackdoor-malware/
Malicious CSV text files used to install BazarBackdoor malware
7 Posts

Password spraying and MFA bypasses in the modern security landscape | Sprocket Security

https://www.sprocketsecurity.com/blog/how-to-bypass-mfa-all-day#
Password spraying and MFA bypasses in the modern security landscape | Sprocket Security
7 Posts

UEFI firmware vulnerabilities affect at least 25 computer vendors

https://www.bleepingcomputer.com/news/security/uefi-firmware-vulnerabilities-affect-at-least-25-computer-vendors/
UEFI firmware vulnerabilities affect at least 25 computer vendors
7 Posts

Mandiant Senior Principal Reverse Engineer | SmartRecruiters

https://jobs.smartrecruiters.com/Mandiant/743999802041669
Mandiant Senior Principal Reverse Engineer | SmartRecruiters
6 Posts

Mars Stealer: Oski refactoring | 3xp0rt

https://3xp0rt.com/posts/mars-stealer
Mars Stealer: Oski refactoring | 3xp0rt
6 Posts

Dozens of Security Flaws Discovered in UEFI Firmware Used by Several Vendors

https://thehackernews.com/2022/02/dozens-of-security-flaws-discovered-in.html
Dozens of Security Flaws Discovered in UEFI Firmware Used by Several Vendors
6 Posts

Understanding Process Ghosting in Detail - Blog by Dosxuz

https://dosxuz.gitlab.io/post/processghosting/
Understanding Process Ghosting in Detail - Blog by Dosxuz
6 Posts

CVEle!

https://pentesterlab.com/cvele/
CVEle!
6 Posts

MSDT DLL Hijack UAC bypass - Sevagas

https://blog.sevagas.com/?MSDT-DLL-Hijack-UAC-bypass
MSDT DLL Hijack UAC bypass - Sevagas
6 Posts

Notepad++ Plugins for Persistence - Offensive Defence

https://offensivedefence.co.uk/posts/notepad++/
Notepad++ Plugins for Persistence - Offensive Defence
6 Posts

JSAC2022_2_kobayashi_en.pdf

https://jsac.jpcert.or.jp/archive/2022/pdf/JSAC2022_2_kobayashi_en.pdf
JSAC2022_2_kobayashi_en.pdf
6 Posts

New Malware Used by SolarWinds Attackers Went Undetected for Years

https://thehackernews.com/2022/02/new-malware-used-by-solarwinds.html
New Malware Used by SolarWinds Attackers Went Undetected for Years
6 Posts

Inside Trickbot, Russia’s Notorious Ransomware Gang | WIRED

https://www.wired.com/story/trickbot-malware-group-internal-messages/
Inside Trickbot, Russia’s Notorious Ransomware Gang | WIRED
6 Posts

BazarLoader/BazarLoader_02.02.2022.txt at main · pr0xylife/BazarLoader · GitHub

https://github.com/pr0xylife/BazarLoader/blob/main/BazarLoader_02.02.2022.txt
BazarLoader/BazarLoader_02.02.2022.txt at main · pr0xylife/BazarLoader · GitHub
6 Posts

Cross-Site Scripting (XSS) Cheat Sheet - 2023 Edition | Web Security Academy

https://portswigger.net/web-security/cross-site-scripting/cheat-sheet#data-url-with-use-element-and-base64-encoded
Cross-Site Scripting (XSS) Cheat Sheet - 2023 Edition | Web Security Academy
6 Posts

A detailed analysis of Lazarus APT malware disguised as Notepad++ Shell Extension – CYBER GEEKS

https://cybergeeks.tech/a-detailed-analysis-of-lazarus-malware-disguised-as-notepad-shell-extension/
A detailed analysis of Lazarus APT malware disguised as Notepad++ Shell Extension – CYBER GEEKS
6 Posts

KP Snacks giant hit by Conti ransomware, deliveries disrupted

https://www.bleepingcomputer.com/news/security/kp-snacks-giant-hit-by-conti-ransomware-deliveries-disrupted/
KP Snacks giant hit by Conti ransomware, deliveries disrupted