Hijack Libs
https://hijacklibs.net
GitHub - wietze/HijackLibs: Project for tracking publicly disclosed DLL Hijacking opportunities.
https://github.com/wietze/hijacklibs
Process injection: breaking all macOS security layers with a single vulnerability · Sector 7
https://sector7.computest.nl/post/2022-08-process-injection-breaking-all-macos-security-layers-with-a-single-vulnerability/
BlueHound: Community Driven Resilience. - Zero Networks | Contain The Next Breach
https://zeronetworks.com/blog/bluehound-community-driven-resilience/
GitHub - zeronetworks/BlueHound: BlueHound - pinpoint the security issues that actually matter
https://github.com/zeronetworks/BlueHound
BlueHound tutorial - YouTube
https://www.youtube.com/watch?v=WVup5tnURoM
Disrupting SEABORGIUM’s ongoing phishing operations - Microsoft Security Blog
https://msft.it/6018jVwFO
WMI Internals Part 2. Reversing a WMI Provider | by Jonathan Johnson | Aug, 2022 | Medium
https://jsecurity101.medium.com/wmi-internals-part-2-522f3e97709a
Disrupting SEABORGIUM’s ongoing phishing operations - Microsoft Security Blog
https://www.microsoft.com/security/blog/2022/08/15/disrupting-seaborgiums-ongoing-phishing-operations/
GitHub - Flangvik/TeamFiltration: TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
https://github.com/Flangvik/TeamFiltration
GitHub - mandiant/STrace: A DTrace on Windows Reimplementation
https://github.com/mandiant/STrace
Expel-GCP-mind-map-kit-080422.pdf
https://expel.com/wp-content/uploads/2022/08/Expel-GCP-mind-map-kit-080422.pdf
Over 9,000 VNC servers exposed online without a password
https://www.bleepingcomputer.com/news/security/over-9-000-vnc-servers-exposed-online-without-a-password/
Twilio Incident: What Signal Users Need to Know – Signal Support
https://support.signal.org/hc/en-us/articles/4850133017242
CVE-2021-31956 Exploiting the Windows Kernel (NTFS with WNF) – Part 2 – NCC Group Research
https://research.nccgroup.com/2021/08/17/cve-2021-31956-exploiting-the-windows-kernel-ntfs-with-wnf-part-2/
Evil PLC Attack: Hacking PLCs to Attack Engineering Workstations | Claroty
https://claroty.com/team82/blog/evil-plc-attack-using-a-controller-as-predator-rather-than-prey
mainframed767/defcon30 - Docker Image | Docker Hub
https://hub.docker.com/r/mainframed767/defcon30
Newly Uncovered PyPI Package Drops Fileless Cryptominer to Linux Systems
https://thehackernews.com/2022/08/newly-uncovered-pypi-package-drops.html
Shuckworm: Russia-Linked Group Maintains Ukraine Focus | Broadcom Software Blogs
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/russia-ukraine-shuckworm
Signal on Twitter: "Message history, profile info, contact lists, & other data were NOT & could not be accessed. The information attackers accessed could allow them to attempt to register a Signal user’s phone number on a new device if that user had not enabled registration lock. 2/" / Twitter
https://twitter.com/signalapp/status/1559221384219435010
Practical Malware Analysis & Triage | TCM Security, Inc.
https://bit.ly/tcm-pmat
Hacker Conference DEF CON Bans Pro-Trump Outlet OAN
https://www.vice.com/en/article/88qxdz/hacker-conference-def-con-bans-pro-trump-outlet-oan
How Adversaries Use Spear Phishing to Target Engineering Staff | Dragos
https://www.dragos.com/blog/how-adversaries-use-spear-phishing-to-target-engineering-staff/
Attacking Titan M with Only One Byte
https://blog.quarkslab.com/attacking-titan-m-with-only-one-byte.html
Callback phishing attacks see massive 625% growth since Q1 2021
https://www.bleepingcomputer.com/news/security/callback-phishing-attacks-see-massive-625-percent-growth-since-q1-2021/
Hijack Libs
https://hijacklibs.net/