09/21
09/22
09/23
14 Posts

Breaking Bitbucket: Pre Auth Remote Command Execution (CVE-2022-36804) – Assetnote

https://blog.assetnote.io/2022/09/14/rce-in-bitbucket-server/
Breaking Bitbucket: Pre Auth Remote Command Execution (CVE-2022-36804) – Assetnote
12 Posts

Out Of Band Update: Cobalt Strike 4.7.1 | Cobalt Strike

https://www.cobaltstrike.com/blog/out-of-band-update-cobalt-strike-4-7-1/
Out Of Band Update: Cobalt Strike 4.7.1 | Cobalt Strike
10 Posts

Analysis-Report-on-Lazarus-Groups-Rootkit-Attack-Using-BYOVD_Sep-22-2022.pdf

https://asec.ahnlab.com/wp-content/uploads/2022/09/Analysis-Report-on-Lazarus-Groups-Rootkit-Attack-Using-BYOVD_Sep-22-2022.pdf
Analysis-Report-on-Lazarus-Groups-Rootkit-Attack-Using-BYOVD_Sep-22-2022.pdf
10 Posts

Making HTTP header injection critical via response queue poisoning | PortSwigger Research

https://portswigger.net/research/making-http-header-injection-critical-via-response-queue-poisoning
Making HTTP header injection critical via response queue poisoning | PortSwigger Research
10 Posts

Inside Russia’s Vast Surveillance State: ‘They Are Watching’ - The New York Times

https://www.nytimes.com/interactive/2022/09/22/technology/russia-putin-surveillance-spying.html
Inside Russia’s Vast Surveillance State: ‘They Are Watching’ - The New York Times
8 Posts

URLhaus | http://194.38.23.170/new1.plg

https://urlhaus.abuse.ch/url/2308917/
URLhaus | http://194.38.23.170/new1.plg
8 Posts

Malicious OAuth applications used to compromise email servers and spread spam - Microsoft Security Blog

https://www.microsoft.com/security/blog/2022/09/22/malicious-oauth-applications-used-to-compromise-email-servers-and-spread-spam/
Malicious OAuth applications used to compromise email servers and spread spam - Microsoft Security Blog
8 Posts

Qakbot/Qakbot_BB_22.09.2022.txt at main · pr0xylife/Qakbot · GitHub

https://github.com/pr0xylife/Qakbot/blob/main/Qakbot_BB_22.09.2022.txt
Qakbot/Qakbot_BB_22.09.2022.txt at main · pr0xylife/Qakbot · GitHub
8 Posts

Raspberry Robin’s Roshtyak: A Little Lesson in Trickery - Avast Threat Labs

https://decoded.avast.io/janvojtesek/raspberry-robins-roshtyak-a-little-lesson-in-trickery/
Raspberry Robin’s Roshtyak: A Little Lesson in Trickery - Avast Threat Labs
8 Posts

LockBit ransomware builder leaked online by “angry developer”

https://www.bleepingcomputer.com/news/security/lockbit-ransomware-builder-leaked-online-by-angry-developer-/
LockBit ransomware builder leaked online by “angry developer”
8 Posts

MalwareBazaar | SHA256 3a00998d6a6c0d3db7d06cca0be5ae39b9c1884dda9f4dc4190bf0debc18da3d

https://bazaar.abuse.ch/sample/3a00998d6a6c0d3db7d06cca0be5ae39b9c1884dda9f4dc4190bf0debc18da3d/
MalwareBazaar | SHA256 3a00998d6a6c0d3db7d06cca0be5ae39b9c1884dda9f4dc4190bf0debc18da3d
7 Posts

Unpatched 15-year old Python bug allows code execution in 350k projects

https://www.bleepingcomputer.com/news/security/unpatched-15-year-old-python-bug-allows-code-execution-in-350k-projects/
Unpatched 15-year old Python bug allows code execution in 350k projects
7 Posts

The Mystery of Metador | An Unattributed Threat Hiding in Telcos, ISPs, and Universities - SentinelOne

https://www.sentinelone.com/labs/the-mystery-of-metador-an-unattributed-threat-hiding-in-telcos-isps-and-universities/
The Mystery of Metador | An Unattributed Threat Hiding in Telcos, ISPs, and Universities - SentinelOne
7 Posts

Noberus Ransomware: Darkside and BlackMatter Successor Continues to Evolve its Tactics | Broadcom Software Blogs

https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/noberus-blackcat-ransomware-ttps
Noberus Ransomware: Darkside and BlackMatter Successor Continues to Evolve its Tactics | Broadcom Software Blogs
7 Posts

Researchers Disclose Critical Vulnerability in Oracle Cloud Infrastructure

https://thehackernews.com/2022/09/researchers-disclose-critical.html
Researchers Disclose Critical Vulnerability in Oracle Cloud Infrastructure
7 Posts

Rewards plus: Fake mobile banking rewards apps lure users to install info-stealing RAT on Android devices - Microsoft Security Blog

https://www.microsoft.com/security/blog/2022/09/21/rewards-plus-fake-mobile-banking-rewards-apps-lure-users-to-install-info-stealing-rat-on-android-devices/
Rewards plus: Fake mobile banking rewards apps lure users to install info-stealing RAT on Android devices - Microsoft Security Blog
6 Posts

How we Abused Repository Webhooks to Access Internal CI Systems at Scale - Cider Security Site

https://www.cidersecurity.io/blog/research/how-we-abused-repository-webhooks-to-access-internal-ci-systems-at-scale/
How we Abused Repository Webhooks to Access Internal CI Systems at Scale - Cider Security Site
6 Posts

Giving JuicyPotato a second chance: JuicyPotatoNG – Decoder's Blog

https://decoder.cloud/2022/09/21/giving-juicypotato-a-second-chance-juicypotatong
Giving JuicyPotato a second chance: JuicyPotatoNG – Decoder's Blog
6 Posts

A technical analysis of the leaked LockBit 3.0 builder – CYBER GEEKS

https://cybergeeks.tech/a-technical-analysis-of-the-leaked-lockbit-3-0-builder/
A technical analysis of the leaked LockBit 3.0 builder – CYBER GEEKS
6 Posts

Unearthed File Reveals Huge Cold War-Era U.S. Bugging Operation Against Soviets

https://thebrushpass.projectbrazen.com/coldwarbuggingsovietunion/
Unearthed File Reveals Huge Cold War-Era U.S. Bugging Operation Against Soviets