Project Zero: RC4 Is Still Considered Harmful
https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html
CVE-2022-22241: Juniper SSLVPN / JunOS RCE and Multiple Vulnerabilities – Blog | Octagon Networks
https://octagon.net/blog/2022/10/28/juniper-sslvpn-junos-rce-and-multiple-vulnerabilities/
Elon Musk on Twitter: "the bird is freed" / Twitter
https://twitter.com/elonmusk/status/1585841080431321088
OpenSSL warns of critical security vulnerability with upcoming patch | ZDNET
https://www.zdnet.com/article/openssl-warns-of-critical-security-vulnerability-with-upcoming-patch/
Blog - Towards the next generation of XNU memory safety: kalloc_type - Apple Security Research
https://security.apple.com/blog/towards-the-next-generation-of-xnu-memory-safety/
Elon Musk Twitter deal closes Thursday night - The Washington Post
https://www.washingtonpost.com/technology/2022/10/27/twitter-elon-musk/
Iain Anderson on Twitter: "Fun times ahead for #Adobe designers. Today, if you open a PSD (even one that's 20 years old) with an obscure PANTONE colour, it will remove the colour and make it black. Pantone want US$21/month for access, and Solid Coated goes behind the paywall in early November. https://t.co/BUxzViYFaQ" / Twitter
https://twitter.com/funwithstuff/status/1585850262656143360
Overview - Apple Security Research
https://security.apple.com
Cranefly: Threat Actor Uses Previously Unseen Techniques and Tools in Stealthy Campaign | Symantec Enterprise Blogs
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/cranefly-new-tools-technique-geppei-danfuan
Malwarebytes on Twitter: "An apology https://t.co/8A3UtccX5K" / Twitter
https://twitter.com/malwarebytes/status/1585748974862061570
GitHub - Accenture/Spartacus: Spartacus DLL Hijacking Discovery Tool
https://github.com/Accenture/Spartacus
[CVE-2022-37969] | [Windows CLFS Zero-Day]
https://www.zscaler.com/blogs/security-research/technical-analysis-windows-clfs-zero-day-vulnerability-cve-2022-37969-part2-exploit-analysis
Google Issues Urgent Chrome Update to Patch Actively Exploited Zero-Day Vulnerability
https://thehackernews.com/2022/10/google-issues-urgent-chrome-update-to.html
Forthcoming OpenSSL Releases
https://mta.openssl.org/pipermail/openssl-announce/2022-October/000238.html
TCP/IP Vulnerability CVE-2022-34718 PoC Restoration and Analysis | by Numen Cyber Labs | Oct, 2022 | Medium
https://medium.com/@numencyberlabs/analysis-and-summary-of-tcp-ip-protocol-remote-code-execution-vulnerability-cve-2022-34718-8fcc28538acf
Blog - Apple Security Bounty. Upgraded. - Apple Security Research
https://security.apple.com/blog/apple-security-bounty-upgraded/
Thomson Reuters leaked at least 3TB of sensitive data | Cybernews
https://cybernews.com/security/thomson-reuters-leaked-terabytes-sensitive-data/
Kyle Hanslovan on Twitter: "Whelp, wasn’t expecting this ConnectWise RCE to become public today. Guess we’ll publish on Monday how @HuntressLabs went from a researcher’s tweet to the ability to push ransomware through ~5,000 R1Soft servers that are exposed on Shodan. #staytuned https://t.co/HroDdZ5NYI https://t.co/mHLu6zpwic" / Twitter
https://twitter.com/KyleHanslovan/status/1586070009532522496
So long and thanks for all the bits - NCSC.GOV.UK
https://www.ncsc.gov.uk/blog-post/so-long-thanks-for-all-the-bits
GitHub - numencyber/VulnerabilityPoC
https://github.com/numencyber/VulnerabilityPoC
Welcome to hell, Elon - The Verge
https://www.theverge.com/2022/10/28/23428132/elon-musk-twitter-acquisition-problems-speech-moderation
Incident Report: Employee and Customer Account Compromise - August 4, 2022
https://www.twilio.com/blog/august-2022-social-engineering-attack