x86matthew - StealthHook - A method for hooking a function without modifying memory protection
https://www.x86matthew.com/view_post?id=stealth_hook
GitHub - yuriisanin/CVE-2022-45025: [PoC] Command injection via PDF import in Markdown Preview Enhanced (VSCode, Atom)
https://github.com/yuriisanin/CVE-2022-45025
Antivirus and EDR solutions tricked into acting as data wipers
https://www.bleepingcomputer.com/news/security/antivirus-and-edr-solutions-tricked-into-acting-as-data-wipers/
Malware-Traffic-Analysis.net - 2022-12-09 - HTML smuggling leads to Qakbot, distribution/botnet tag: azd
https://www.malware-traffic-analysis.net/2022/12/09/index.html
MalwareBazaar | Browse
https://bazaar.abuse.ch/browse/tag/azd/
Triage | Malware sandboxing report by Hatching Triage
https://tria.ge/221210-prj85sac51
The Week in Ransomware - December 9th 2022 - Wide Impact
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-9th-2022-wide-impact/
New Truebot Malware Variant Leveraging Netwrix Auditor Bug and Raspberry Robin Worm
https://thehackernews.com/2022/12/new-truebot-malware-variant-leveraging.html
Hack-for-Hire Group Targets Travel and Financial Entities with New Janicab Malware Variant
https://thehackernews.com/2022/12/hack-for-hire-group-targets-travel-and.html
Air-gapped PCs vulnerable to data theft via power supply radiation
https://www.bleepingcomputer.com/news/security/air-gapped-pcs-vulnerable-to-data-theft-via-power-supply-radiation/
SilentMoonwalk: Implementing a dynamic Call Stack Spoofer | CyberSecurity Blog
https://klezvirus.github.io/RedTeaming/AV_Evasion/StackSpoofing/
services.jarm.fingerprint: 28d28d28d00028d00041d28d28d41dd279b0cf765af27fa62e66d7c8281124 - Host Search - Censys
https://search.censys.io/search/report?resource=hosts&q=services.jarm.fingerprint%3A+28d28d28d00028d00041d28d28d41dd279b0cf765af27fa62e66d7c8281124&virtual_hosts=EXCLUDE&field=ip&num_buckets=1000
Zero Day Initiative on Twitter: "And that's a wrap! Congrats to DEVCORE and @orange_8361 for winning Master of Pwn for Toronto 2022. Thanks to all who participated and special thanks to #Google and #Synology for co-sponsoring the event. https://t.co/3lOHjzC2ln" / Twitter
https://twitter.com/thezdi/status/1601326269102100486
Researchers Detail New Attack Method to Bypass Popular Web Application Firewalls
https://thehackernews.com/2022/12/researchers-detail-new-attack-method-to.html