Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco
https://blog.talosintelligence.com/2022/08/recent-cyber-attack.html
Project Zero: The quantum state of Linux kernel garbage collection CVE-2021-0920 (Part I)
https://googleprojectzero.blogspot.com/2022/08/the-quantum-state-of-linux-kernel.html
Mass Exploitation of (Un)authenticated Zimbra RCE: CVE-2022-27925 | Volexity
https://www.volexity.com/blog/2022/08/10/mass-exploitation-of-unauthenticated-zimbra-rce-cve-2022-27925/
Cyber Incident | Advanced
https://www.oneadvanced.com/cyber-incident/#updates
Cisco hacked by Yanluowang ransomware gang, 2.8GB allegedly stolen
https://www.bleepingcomputer.com/news/security/cisco-hacked-by-yanluowang-ransomware-gang-28gb-allegedly-stolen/
Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling | PortSwigger Research
https://portswigger.net/research/browser-powered-desync-attacks
Concealed code execution: Techniques and detection
https://www.huntandhackett.com/blog/concealed-code-execution-techniques-and-detection
Source Incite on Twitter: "IAM Whoever I Say IAM :: Infiltrating VMWare Workspace ONE Access Using a 0-Click Exploit: https://t.co/z2FN0fDIO1 PoC Exploit: https://t.co/x2iZtdPSy1" / Twitter
https://twitter.com/sourceincite/status/1557760679322402816
x86matthew - ClipboardInject - Abusing the clipboard to inject code into remote processes
https://www.x86matthew.com/view_post?id=clipboard_inject
It Might Be Our Data, But It’s Not Our Breach – Krebs on Security
https://krebsonsecurity.com/2022/08/it-might-be-our-data-but-its-not-our-breach/
IAM Whoever I Say IAM :: Infiltrating VMWare Workspace ONE Access Using a 0-Click Exploit
https://srcincite.io/blog/2022/08/11/i-am-whoever-i-say-i-am-infiltrating-vmware-workspace-one-access-using-a-0-click-exploit.html
Rewards for Justice on Twitter: "The U.S. Government reveals the face of a Conti associate for the first time! We’re trying to put a name with the face! To the guy in the photo: Imagine how many cool hats you could buy with $10 million dollars! Write to us via our Tor-based tip line: https://t.co/WvkI416g4W https://t.co/28BgYXYRy2" / Twitter
https://twitter.com/RFJ_USA/status/1557804081552523267
Backdooring and hijacking Azure AD accounts by abusing external identities
https://dirkjanm.io/assets/raw/US-22-Mollema-Backdooring-and-hijacking-Azure-AD-accounts_final.pdf
GitHub - sourceincite/hekate
https://github.com/sourceincite/hekate/
SMB RCE CVE-2022-35804的介绍 · VictorV的小博客
http://v-v.space/2022/08/11/CVE-2022-35804/
iOS Privacy: Instagram and Facebook can track anything you do on any website in their in-app browser · Felix Krause
https://krausefx.com/blog/ios-privacy-instagram-and-facebook-can-track-anything-you-do-on-any-website-in-their-in-app-browser
Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco
https://blog.talosintelligence.com/2022/08/recent-cyber-attack.html?m=1
“BazarCall” Advisory: Essential Guide to Attack Vector that Revolutionized Data Breaches
https://www.advintel.io/post/bazarcall-advisory-the-essential-guide-to-call-back-phishing-attacks-that-revolutionized-the-data
Add download_file_types.asciipb entry for DIAGCAB · chromium/chromium@cd290e7 · GitHub
https://github.com/chromium/chromium/commit/cd290e7cbed7b2f95e4c2dc805e9d175f9161fc4
HInvoke and avoiding PInvoke | drakonia’s blog
https://dr4k0nia.github.io/dotnet/coding/2022/08/10/HInvoke-and-avoiding-PInvoke.html
Discord Desktop - Remote Code Execution | Electrovolt Blog
https://blog.electrovolt.io/posts/discord-rce/