iOS Privacy: Announcing InAppBrowser.com - see what JavaScript commands get injected through an in-app browser · Felix Krause
https://krausefx.com/blog/announcing-inappbrowsercom-see-what-javascript-commands-get-executed-in-an-in-app-browser
You Can’t Audit Me: APT29 Continues Targeting Microsoft 365 | Mandiant
https://www.mandiant.com/resources/apt29-continues-targeting-microsoft
Nine Dragons on Twitter: "China denies that the Yuan Wang 5 is any form of "spy" ship or has any military function. They say it's purely a civilian ship. The ship: https://t.co/lB9u3H0YlO" / Twitter
https://twitter.com/ninedragons2/status/1559743259412496386
Felix Krause on Twitter: "🔥 New Post: Announcing InAppBrowser - see what JavaScript commands get injected through an in-app browser 👀 TikTok, when opening any website in their app, injects tracking code that can monitor all keystrokes, including passwords, and all taps. https://t.co/TxN1ezZX71 https://t.co/pQcX5vrEXc" / Twitter
https://twitter.com/KrauseFx/status/1560370732705742848
Apple releases iOS, iPadOS and macOS security fixes for two zero-days under active attack | TechCrunch
https://techcrunch.com/2022/08/17/iphone-ipad-mac-zero-days/
GitHub - Markakd/DirtyCred
https://github.com/markakd/dirtycred
Runa Sandvik on Twitter: "In the last year, numerous concerns have been raised over the work and behavior of Jonathan Scott. He has now been expelled from his PhD program. Here’s a statement from @tarah and myself. https://t.co/yTLTCVSNzs" / Twitter
https://twitter.com/runasand/status/1560655292932984837
DirtyCred-Zhenpeng.pdf
https://zplin.me/papers/DirtyCred-Zhenpeng.pdf
GitHub - BC-SECURITY/Beginners-Guide-to-Obfuscation
https://github.com/BC-SECURITY/Beginners-Guide-to-Obfuscation
Zero Day Initiative — But You Told Me You Were Safe: Attacking the Mozilla Firefox Renderer (Part 1)
https://www.zerodayinitiative.com/blog/2022/8/17/but-you-told-me-you-were-safe-attacking-the-mozilla-firefox-renderer-part-1
GitHub - SinaKarvandi/Hypervisor-From-Scratch: Source code of a multiple series of tutorials about the hypervisor. Available at: https://rayanfam.com/tutorials
https://github.com/SinaKarvandi/Hypervisor-From-Scratch
JSSLoader: the shellcode edition
https://malwarebytes.com/blog/threat-intelligence/2022/08/jssloader-the-shellcode-edition
2292 - AppleAVD: Overflow in AVC_RBSP::parseSliceHeader ref_pic_list_modification - project-zero
https://bugs.chromium.org/p/project-zero/issues/detail?id=2292
Ransomware Summit 2022 - YouTube
https://www.youtube.com/playlist?list=PLtgaAEEmVe6AGQj2LhA4UnN0XolmeYw9_
1day to 0day(CVE-2022-30024) on TP-Link TL-WR841N
https://blog.viettelcybersecurity.com/1day-to-0day-on-tl-link-tl-wr841n/
Rob Joyce on Twitter: "https://t.co/0EUokRZZSe" / Twitter
https://twitter.com/NSA_CSDirector/status/1560517798404579328
Exploiting WebKit JSPropertyNameEnumerator Out-of-Bounds Read (CVE-2021-1789) | STAR Labs
https://starlabs.sg/blog/2022/08-exploiting-webkit-jspropertynameenumerator-out-of-bounds-read-cve-2021-1789/
Rob Joyce on Twitter: "HOW CAN NSA REALLY BE SURE OF THE ATTRIBUTION? I MEAN ANYONE CAN THROW RUSSIAN MALWARE! https://t.co/Nv8ASBdbD8" / Twitter
https://twitter.com/NSA_CSDirector/status/1560513073743507456
Karen Weise on Twitter: "NEW: Dan Price used social media to bury his troubles, and harnessed his viral fame to enable a pattern of abuse in his personal life and hostile behavior at his company He resigned as CEO last night, after providing his statements to this story https://t.co/RFYcnKhFvg" / Twitter
https://twitter.com/kyweise/status/1560382045653651456
bk (Ben Koehl) on Twitter: "#MSTIC 🛡️ & #DART 👻 are now hiring Hunt Analysts who live at the intersection of incident response and threat intelligence. Have experience in both areas? Come join us! Hunt Analyst 🕵️: https://t.co/72IKr9GbDY https://t.co/jvmCzYYtUG" / Twitter
https://twitter.com/bkmsft/status/1560374787981058048
The head of GCHQ says Vladimir Putin is losing the information war in Ukraine | The Economist
https://www.economist.com/by-invitation/2022/08/18/the-head-of-gchq-says-vladimir-putin-is-losing-the-information-war-in-ukraine
Rob Joyce on Twitter: "https://t.co/0EUokRZZSe" / Twitter
https://twitter.com/nsa_csdirector/status/1560517798404579328
AzureAD-Attack-Defense/ReplayOfPrimaryRefreshToken.md at main · Cloud-Architekt/AzureAD-Attack-Defense · GitHub
https://github.com/Cloud-Architekt/AzureAD-Attack-Defense/blob/main/ReplayOfPrimaryRefreshToken.md