2022-12-07 | Hacker Trends

12/06

12/07

12/08

16 Posts

DEV-0139 launches targeted attacks against the cryptocurrency industry - Microsoft Security Blog

https://www.microsoft.com/en-us/security/blog/2022/12/06/dev-0139-launches-targeted-attacks-against-the-cryptocurrency-industry/

DEV-0139 launches targeted attacks against the cryptocurrency industry - Microsoft Security Blog

14 Posts

Apple advances user security with powerful new data protections - Apple

https://www.apple.com/newsroom/2022/12/apple-advances-user-security-with-powerful-new-data-protections/

Apple advances user security with powerful new data protections - Apple

14 Posts

Internet Explorer 0-day exploited by North Korean actor APT37

https://blog.google/threat-analysis-group/internet-explorer-0-day-exploited-by-north-korean-actor-apt37/

Internet Explorer 0-day exploited by North Korean actor APT37

13 Posts

Bug Writeup: RCE via SSTI on Spring Boot Error Page with Akamai WAF Bypass | A developer's notes in the world of security research and bug bounty, by pmnh

https://h1pmnh.github.io/post/writeup_spring_el_waf_bypass/

Bug Writeup: RCE via SSTI on Spring Boot Error Page with Akamai WAF Bypass | A developer's notes in the world of security research and bug bounty, by pmnh

11 Posts

Apple Kills Its Plan to Scan Your Photos for CSAM. Here’s What’s Next | WIRED

https://www.wired.com/story/apple-photo-scanning-csam-communication-safety-messages/

Apple Kills Its Plan to Scan Your Photos for CSAM. Here’s What’s Next | WIRED

11 Posts

2346 - Windows: HTTP.SYS Kerberos PAC Verification Bypass EoP - project-zero

https://bugs.chromium.org/p/project-zero/issues/detail?id=2346

2346 - Windows: HTTP.SYS Kerberos PAC Verification Bypass EoP - project-zero

7 Posts

Kali Linux 2022.4 Release (Azure, Social & Kali NetHunter Pro) | Kali Linux Blog

https://www.kali.org/blog/kali-linux-2022-4-release/

Kali Linux 2022.4 Release (Azure, Social & Kali NetHunter Pro) | Kali Linux Blog

6 Posts

Fantasy – a new Agrius wiper deployed through a supply‑chain attack | WeLiveSecurity

https://www.welivesecurity.com/2022/12/07/fantasy-new-agrius-wiper-supply-chain-attack/

Fantasy – a new Agrius wiper deployed through a supply‑chain attack | WeLiveSecurity

6 Posts

HTID

https://opensecuritytraining.info/HTID.html

HTID

6 Posts

GitHub - ashemery/exploitation-course: Offensive Software Exploitation Course

https://github.com/ashemery/exploitation-course

GitHub - ashemery/exploitation-course: Offensive Software Exploitation Course

6 Posts

MalwareBazaar | Browse Checking your browser

https://bazaar.abuse.ch/sample/ac738b061845ca506d186c7749080cdbf443f859e2b551dd0402474b2604b249/

MalwareBazaar | Browse Checking your browser

6 Posts

exploitation-course/course/2021 at master · ashemery/exploitation-course · GitHub

https://github.com/ashemery/exploitation-course/tree/master/course/2021

exploitation-course/course/2021 at master · ashemery/exploitation-course · GitHub

6 Posts

New Go-based Zerobot Botnet Exploiting Dozen of IoT Vulnerabilities to Expand its Network

https://thehackernews.com/2022/12/new-go-based-zerobot-botnet-exploiting.html

New Go-based Zerobot Botnet Exploiting Dozen of IoT Vulnerabilities to Expand its Network

6 Posts

MalwareBazaar | Browse Checking your browser

https://bazaar.abuse.ch/sample/96d2f4131542e1b4a6e9bba0bf3807008cb8340e7d247b464fdbebe11031d9e2/

MalwareBazaar | Browse Checking your browser

6 Posts

Qakbot/Qakbot_BB09_07.12.2022.txt at main · pr0xylife/Qakbot · GitHub

https://github.com/pr0xylife/Qakbot/blob/main/Qakbot_BB09_07.12.2022.txt

Qakbot/Qakbot_BB09_07.12.2022.txt at main · pr0xylife/Qakbot · GitHub

6 Posts

Russian Hackers Spotted Targeting U.S. Military Weapons and Hardware Supplier

https://thehackernews.com/2022/12/russian-hackers-spotted-targeting-us.html

Russian Hackers Spotted Targeting U.S. Military Weapons and Hardware Supplier