@[email protected] on Twitter: "Discovered by a fried of mine: CVE-2022-26138: A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit this to log into Confluence and access all content accessible to users in the confluence-users group The password is disabled1system1user6708 https://t.co/6D3g8ZFxTn" / Twitter
https://twitter.com/fluepke/status/1549892089181257729
Microsoft starts blocking Office macros by default, once again
https://www.bleepingcomputer.com/news/microsoft/microsoft-resumes-default-blocking-of-office-macros-after-updating-docs/
The Return of Candiru: Zero-days in the Middle East - Avast Threat Labs
https://decoded.avast.io/janvojtesek/the-return-of-candiru-zero-days-in-the-middle-east/
Gitlab Project Import RCE Analysis (CVE-2022-2185) | STAR Labs
https://starlabs.sg/blog/2022/07-gitlab-project-import-rce-analysis-cve-2022-2185/
Windows 11 now blocks RDP brute-force attacks by default
https://www.bleepingcomputer.com/news/microsoft/windows-11-now-blocks-rdp-brute-force-attacks-by-default/
The Question Lotus on Twitter: "The year is 2045. The first astronauts have landed on Mars. They find a cave with a human skeleton. And 4 words are written on the wall. What are the four words" / Twitter
https://twitter.com/dylanwa68690046/status/1549947891334189062
Assess Russia’s Cyber Performance Without Repeating Its Past Mistakes - War on the Rocks
https://warontherocks.com/2022/07/assess-russias-cyber-performance-without-repeating-its-past-mistakes/
New Linux Malware Framework Lets Attackers Install Rootkit on Targeted Systems
https://thehackernews.com/2022/07/new-linux-malware-framework-let.html
Cisco Releases Patches for Critical Flaws Impacting Nexus Dashboard for Data Centers
https://thehackernews.com/2022/07/cisco-releases-patches-for-critical.html
Hunting for APT Abuse of Exchange
https://www.inversecos.com/2022/07/hunting-for-apt-abuse-of-exchange.html
Browser Exploitation: Firefox Integer Overflow - CVE-2011-2371 - VoidSec
https://voidsec.com/browser-exploitation-firefox-cve-2011-2371/
Malware-IOCs/2022-07-20 Raccoon Stealer (v2) IOCs at main · executemalware/Malware-IOCs · GitHub
https://github.com/executemalware/Malware-IOCs/blob/main/2022-07-20%20Raccoon%20Stealer%20(v2)%20IOCs
Atlassian fixes critical Confluence hardcoded credentials flaw
https://www.bleepingcomputer.com/news/security/atlassian-fixes-critical-confluence-hardcoded-credentials-flaw/
Encrypting Strings at Compile Time | by Evan McBroom | Jul, 2022 | Posts By SpecterOps Team Members
https://posts.specterops.io/encrypting-strings-at-compile-time-4141dafe5b41
How Meta and the security industry collaborate to secure the internet
https://engineering.fb.com/2022/07/20/security/how-meta-and-the-security-industry-collaborate-to-secure-the-internet/