2022-11-17 | Hacker Trends

11/16

11/17

11/18

20 Posts

GitHub - testanull/ProxyNotShell-PoC

https://github.com/testanull/ProxyNotShell-PoC

GitHub - testanull/ProxyNotShell-PoC

18 Posts

The Art of Bypassing Kerberoast Detections with Orpheus - TrustedSec

https://trustedsec.com/blog/the-art-of-bypassing-kerberoast-detections-with-orpheus/

The Art of Bypassing Kerberoast Detections with Orpheus - TrustedSec

12 Posts

Chrome Browser Exploitation, Part 2: Introduction to Ignition, Sparkplug and JIT Compilation via TurboFan - Jack Hacks

https://jhalon.github.io/chrome-browser-exploitation-2/

Chrome Browser Exploitation, Part 2: Introduction to Ignition, Sparkplug and JIT Compilation via TurboFan - Jack Hacks

11 Posts

CVE-2022-41622 and CVE-2022-41800 (FIXED): F5 BIG-IP and iControl REST Vulnerabilities and Exposures | Rapid7 Blog

https://www.rapid7.com/blog/post/2022/11/16/cve-2022-41622-and-cve-2022-41800-fixed-f5-big-ip-and-icontrol-rest-vulnerabilities-and-exposures/

CVE-2022-41622 and CVE-2022-41800 (FIXED): F5 BIG-IP and iControl REST Vulnerabilities and Exposures | Rapid7 Blog

11 Posts

GitHub - pwntester/ysoserial.net: Deserialization payload generator for a variety of .NET formatters

http://YSoSerial.Net

GitHub - pwntester/ysoserial.net: Deserialization payload generator for a variety of .NET formatters

9 Posts

DAGON LOCKER Ransomware Being Distributed - ASEC BLOG

https://asec.ahnlab.com/en/42037/

DAGON LOCKER Ransomware Being Distributed - ASEC BLOG

9 Posts

The Art of Bypassing Kerberoast Detections with Orpheus - TrustedSec

https://www.trustedsec.com/blog/the-art-of-bypassing-kerberoast-detections-with-orpheus/

The Art of Bypassing Kerberoast Detections with Orpheus - TrustedSec

9 Posts

GitHub - 0xe7/WonkaVision

https://github.com/0xe7/WonkaVision

GitHub - 0xe7/WonkaVision

9 Posts

GitHub - tomasz-lisowski/swicc: A framework for creating smart cards (ICC-based cards with contacts).

https://github.com/tomasz-lisowski/swicc

GitHub - tomasz-lisowski/swicc: A framework for creating smart cards (ICC-based cards with contacts).

9 Posts

GitHub - tomasz-lisowski/swsim: A software-only SIM card.

https://github.com/tomasz-lisowski/swsim

GitHub - tomasz-lisowski/swsim: A software-only SIM card.

8 Posts

MalwareBazaar | Browse Checking your browser

https://bazaar.abuse.ch/sample/8ca16991684f7384c12b6622b8d1bcd23bc27f186f499c2059770ddd3031f274/

MalwareBazaar | Browse Checking your browser

8 Posts

IcedID/icedID_16.11.2022.txt at main · pr0xylife/IcedID · GitHub

https://github.com/pr0xylife/IcedID/blob/main/icedID_16.11.2022.txt

IcedID/icedID_16.11.2022.txt at main · pr0xylife/IcedID · GitHub

8 Posts

GitHub - IntelBroker/Endurance-Wiper: a small wiper malware programmed in c#

https://github.com/IntelBroker/Endurance-Wiper

GitHub - IntelBroker/Endurance-Wiper: a small wiper malware programmed in c#

8 Posts

ARCrypter Ransomware Expands Its Operations From Latin America to the World

https://blogs.blackberry.com/en/2022/11/arcrypter-ransomware-expands-its-operations-from-latin-america-to-the-world

ARCrypter Ransomware Expands Its Operations From Latin America to the World

8 Posts

Security concerns with the e-Tugra certificate authority

https://ian.sh/etugra

Security concerns with the e-Tugra certificate authority

8 Posts

Protection Bulletins

https://www.broadcom.com/support/security-center/protection-bulletin#blt3cf3d5791073e565_en-us

Protection Bulletins

8 Posts

Qakbot/Qakbot_BB06_17.11.2022.txt at main · pr0xylife/Qakbot · GitHub

https://github.com/pr0xylife/Qakbot/blob/main/Qakbot_BB06_17.11.2022.txt

Qakbot/Qakbot_BB06_17.11.2022.txt at main · pr0xylife/Qakbot · GitHub

8 Posts

DEV-0569 finds new ways to deliver Royal ransomware, various payloads - Microsoft Security Blog

https://msft.it/6013dxoS9

DEV-0569 finds new ways to deliver Royal ransomware, various payloads - Microsoft Security Blog

8 Posts

MalwareBazaar | Browse Checking your browser

https://bazaar.abuse.ch/sample/fa20a519c10bb39da0463d8364fccb71dc226843c5cd7d71dd225e5b1a4c9a01/

MalwareBazaar | Browse Checking your browser

7 Posts

New RapperBot Campaign – We Know What You Bruting for this Time | FortiGuard Labs

https://www.fortinet.com/blog/threat-research/new-rapperbot-campaign-ddos-attacks

New RapperBot Campaign – We Know What You Bruting for this Time | FortiGuard Labs

7 Posts

Token tactics: How to prevent, detect, and respond to cloud token theft - Microsoft Security Blog

https://www.microsoft.com/en-us/security/blog/2022/11/16/token-tactics-how-to-prevent-detect-and-respond-to-cloud-token-theft/

Token tactics: How to prevent, detect, and respond to cloud token theft - Microsoft Security Blog

7 Posts

GitHub - trustedsec/orpheus: Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types

https://github.com/trustedsec/orpheus

GitHub - trustedsec/orpheus: Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types

7 Posts

Iranian hackers breached the agency that hears federal worker grievances - The Washington Post

https://www.washingtonpost.com/politics/2022/11/17/iranian-hackers-breached-agency-that-hears-federal-worker-grievances/

Iranian hackers breached the agency that hears federal worker grievances - The Washington Post

6 Posts

Infosys leaked FullAdminAccess AWS keys on PyPi for over a year | Tom Forbes

https://tomforb.es/infosys-leaked-fulladminaccess-aws-keys-on-pypi-for-over-a-year/

Infosys leaked FullAdminAccess AWS keys on PyPi for over a year | Tom Forbes

6 Posts

Dtrack expands its operations to Europe and Latin America | Securelist

https://securelist.com/dtrack-targeting-europe-latin-america/107798/

Dtrack expands its operations to Europe and Latin America | Securelist

6 Posts

Janggggg on Twitter: "You guys must be waiting for this, So this is the working PoC script of the Exchange 0day exploited ITW https://t.co/XGx0fYJygm" / Twitter

https://twitter.com/testanull/status/1593069258543894528

Janggggg on Twitter: "You guys must be waiting for this, So this is the working PoC script of the Exchange 0day exploited ITW https://t.co/XGx0fYJygm" / Twitter

6 Posts

High Severity Vulnerabilities Reported in F5 BIG-IP and BIG-IQ Devices

https://thehackernews.com/2022/11/high-severity-vulnerabilities-reported.html

High Severity Vulnerabilities Reported in F5 BIG-IP and BIG-IQ Devices

6 Posts

proxylife on Twitter: "#Qakbot - BB06 - url > .zip > .zip > .img > .js > .dll wscript.exe WW.js regsvr32.exe port\resemblance.tmp Samples 👇 https://t.co/Ml6MkzGyfb https://t.co/N1TPb3rrWo IOC's https://t.co/h2t4Oi4TbS https://t.co/ywiCKCo6F4" / Twitter

https://twitter.com/pr0xylife/status/1593269746534858756

proxylife on Twitter: "#Qakbot - BB06 - url > .zip > .zip > .img > .js > .dll wscript.exe WW.js regsvr32.exe port\resemblance.tmp Samples 👇 https://t.co/Ml6MkzGyfb https://t.co/N1TPb3rrWo IOC's https://t.co/h2t4Oi4TbS https://t.co/ywiCKCo6F4" / Twitter

6 Posts

Disneyland Malware Team: It’s a Puny World After All – Krebs on Security

https://krebsonsecurity.com/2022/11/disneyland-malware-team-its-a-puny-world-after-all/

Disneyland Malware Team: It’s a Puny World After All – Krebs on Security

6 Posts

Iranian Hackers Compromised a U.S. Federal Agency's Network Using Log4Shell Exploit

https://thehackernews.com/2022/11/iranian-hackers-compromised-us-federal.html

Iranian Hackers Compromised a U.S. Federal Agency's Network Using Log4Shell Exploit

6 Posts

North Korean Hackers Targeting Europe and Latin America with Updated DTrack Backdoor

https://thehackernews.com/2022/11/north-korean-hackers-targeting-europe.html

North Korean Hackers Targeting Europe and Latin America with Updated DTrack Backdoor

6 Posts

QBot phishing abuses Windows Control Panel EXE to infect devices

https://www.bleepingcomputer.com/news/security/qbot-phishing-abuses-windows-control-panel-exe-to-infect-devices/

QBot phishing abuses Windows Control Panel EXE to infect devices