VMware Authentication Bypass Vulnerability (CVE-2022-22972) Technical Deep Dive – Horizon3.ai
https://www.horizon3.ai/vmware-authentication-bypass-vulnerability-cve-2022-22972-technical-deep-dive/
How to Hunt for DecisiveArchitect and Its JustForFun Implant | CrowdStrike
https://www.crowdstrike.com/blog/how-to-hunt-for-decisivearchitect-and-justforfun-implant/
Hacker Steals Database of Hundreds of Verizon Employees
https://www.vice.com/en/article/wxdwxn/hacker-steals-database-of-hundreds-of-verizon-employees
Exclusive: Russian hackers are linked to new Brexit leak website, Google says | Reuters
https://www.reuters.com/technology/exclusive-russian-hackers-are-linked-new-brexit-leak-website-google-says-2022-05-25/
2nd RCE and XSS in Apache Struts before 2.5.30
https://mc0wn.blogspot.com/2022/05/2nd-rce-and-xss-in-apache-struts-before-2530.html
Microsoft Security Intelligence on Twitter: "The KrbRelayUp attack tool allows local privilege escalation on hybrid joined devices with on-premises domain controllers. Read our blog to understand the KrbRelayUp attack flow and to get mitigation and protection guidance: https://t.co/UM2YE3lkak" / Twitter
https://twitter.com/msftsecintel/status/1529571109619879938
Experts Warn of Rise in ChromeLoader Malware Hijacking Users' Browsers
https://thehackernews.com/2022/05/experts-warn-of-rise-in-chromeloader.html
19 children, 2 adults killed in Texas school rampage | AP News
https://apnews.com/article/uvalde-texas-school-shooting-44a7cfb990feaa6ffe482483df6e4683
added ntlm cross session · cube0x0/KrbRelay@b11008d · GitHub
https://github.com/cube0x0/KrbRelay/commit/b11008de17b61c2cf7e06d088d77e3bbcf43489c
Google Discloses Details of Zoom Zero-Click Remote Code Execution Exploit | SecurityWeek.Com
https://www.securityweek.com/google-discloses-details-zoom-zero-click-remote-code-execution-exploit
Andy Specht on Twitter: "Cops stood outside the school while the killer rampaged inside. Onlookers yelled at them to go in. They didn’t. One parent urged bystanders: “Let’s just rush in because the cops aren’t doing anything like they are supposed to.” @AP story: https://t.co/l2CqPCzmAf" / Twitter
https://twitter.com/andyspecht/status/1529643462953521153
Gergely Orosz on Twitter: "Just in: @Lacework - data-driven security platform for the cloud - lays off ~300 employees, about 20% of staff today. The layoffs come 6 months after the company raised $1.8B, valued at $8.3B. Some people let go were hired 1-2 months ago. Company yet to post an announcement." / Twitter
https://twitter.com/GergelyOrosz/status/1529575067117658112
FTC fines Twitter $150M for using 2FA info for targeted advertising
https://www.bleepingcomputer.com/news/technology/ftc-fines-twitter-150m-for-using-2fa-info-for-targeted-advertising/
Yunus Aydın on Twitter: "My side of the Story of Hacking CTX and PHPass Modules https://t.co/X9enBiIBhc" / Twitter
https://twitter.com/aydinnyunuss/status/1529418916044410884
Kaitlan Collins on Twitter: "Amerie Jo Garza's father, a med aide, says he found out she was one of the victims when he arrived on the scene and was helping another little girl covered in blood. She told him her best friend had been shot. When he asked her name, she said his daughter's. There aren't words. https://t.co/CEH2JuseHw" / Twitter
https://twitter.com/kaitlancollins/status/1529617687894274048
GitHub - horizon3ai/CVE-2022-22972
https://github.com/horizon3ai/CVE-2022-22972
GitHub - gamozolabs/proc_mem_ida_loader: A /proc/mem IDA loader to snapshot a running process
https://github.com/gamozolabs/proc_mem_ida_loader
Women and Cybersecurity: Creating a More Inclusive Cyber Space
http://wrld.bg/GKBU50J0wNv
| Job Preference
http://www.jobpreference.com
2254 - Zoom: Remote Code Execution with XMPP Stanza Smuggling - project-zero
https://bugs.chromium.org/p/project-zero/issues/detail?id=2254
Bablosoft; Lowering the Barrier of Entry for Malicious Actors - Team Cymru
https://team-cymru.com/blog/2022/05/25/bablosoft-lowering-the-barrier-of-entry-for-malicious-actors/
Industrial Spy data extortion market gets into the ransomware game
https://www.bleepingcomputer.com/news/security/industrial-spy-data-extortion-market-gets-into-the-ransomware-game/
Hatching Triage | Malware sandboxing report by Hatching Triage
https://tria.ge/220526-t3xe3ahack
Hatching Triage | Malware sandboxing report by Hatching Triage
https://tria.ge/220525-3v5wxaagfn