POLONIUM targets Israel with Creepy malware | WeLiveSecurity
https://www.welivesecurity.com/2022/10/11/polonium-targets-israel-creepy-malware/
White House to unveil ambitious cybersecurity labeling effort modeled after Energy Star - CyberScoop
https://www.cyberscoop.com/white-house-to-unveil-internet-of-things-labeling/
Stealing Access Tokens From Office Desktop Applications | mr.d0x
https://mrd0x.com/stealing-tokens-from-office-applications/
CYBERWARCON
http://cyberwarcon.com
postMessage Braindump
https://rhynorater.github.io/postMessage-Braindump
Persistent PHP payloads in PNGs: How to inject PHP code in an image –
https://www.synacktiv.com/publications/persistent-php-payloads-in-pngs-how-to-inject-php-code-in-an-image-and-keep-it-there.html
CYBERWARCON on Twitter: "Announcing this year's #CYBERWARCON speakers! Check out this incredible agenda. Get your ticket while they last. We will run out very soon. Thank you to everyone who submitted. And thank you to the board for making these excruciating decisions! https://t.co/r6EusorBUs" / Twitter
https://twitter.com/cyberwarcon/status/1579851800290922496
Auth bypass bug in FortiOS, FortiProxy is exploited in the wild (CVE-2022-40684) - Help Net Security
https://www.helpnetsecurity.com/2022/10/11/cve-2022-40684-exploited/
Microsoft Exchange servers hacked to deploy LockBit ransomware
https://www.bleepingcomputer.com/news/security/microsoft-exchange-servers-hacked-to-deploy-lockbit-ransomware/
Suzanne Smalley on Twitter: "SCOOP The White House will announce an Energy Star like cybersecurity ratings, labeling program later today. The voluntary program will launch with 3-4 standards. About 50 industry leaders/cyber experts will be at the WH to iron out details next week https://t.co/UZo93GEiij" / Twitter
https://twitter.com/suzannemsmalley/status/1579871333202415616
Hello World Under the Microscope - New Article Published
https://asawicki.info/news_1762_hello_world_under_the_microscope_-_new_article_published
PSIRT Advisories | FortiGuard
https://www.fortiguard.com/psirt/FG-IR-22-377
Fortinet Warns of Active Exploitation of Newly Discovered Critical Auth Bypass Bug
https://thehackernews.com/2022/10/fortinet-warns-of-active-exploitation.html
BazarCall Callback Phishing Attacks Constantly Evolving Its Social Engineering Tactics
https://thehackernews.com/2022/10/bazarcall-callback-phishing-attacks.html
Qakbot/Qakbot_BB_11.10.2022.txt at main · pr0xylife/Qakbot · GitHub
https://github.com/pr0xylife/Qakbot/blob/main/Qakbot_BB_11.10.2022.txt
The Fresh Phish Market: Behind the Scenes of the Caffeine Phishing-as-a-Service Platform | Mandiant
https://www.mandiant.com/resources/blog/caffeine-phishing-service-platform
Hello World under the microscope - gynvael.coldwind//vx.log
https://gynvael.coldwind.pl/?lang=en&id=754
Hacking group POLONIUM uses ‘Creepy’ malware against Israel
https://www.bleepingcomputer.com/news/security/hacking-group-polonium-uses-creepy-malware-against-israel/
Adam Sawicki on Twitter: ""Hello World under the microscope" - an article we wrote together with @gynvael and @j00ru! Originally published in issue 100 (1/2022) of the Programista magazine, now available online in Polish and English. https://t.co/qGCe36Wigu" / Twitter
https://twitter.com/Reg__/status/1579909820597284865
Researchers Detail Critical RCE Flaw Reported in Popular vm2 JavaScript Sandbox
https://thehackernews.com/2022/10/researchers-detail-critical-rce-flaw.html
CYBERWARCON on Twitter: "Announcing this year's #CYBERWARCON speakers! Check out this incredible agenda. Get your ticket while they last. We will run out very soon. Thank you to everyone who submitted. And thank you to the board for making these excruciating decisions! https://t.co/r6EusorBUs" / Twitter
https://twitter.com/CYBERWARCON/status/1579851800290922496
Emotet Exposed: A Look Inside the Cybercriminal Supply Chain - VMware Security Blog - VMware
https://blogs.vmware.com/security/2022/10/emotet-exposed-a-look-inside-the-cybercriminal-supply-chain.html