2023-01-08 | Hacker Trends

01/07

01/08

01/09

7 Posts

ZeroTotal: Rusty Calc - 0xTriboulet

https://steve-s.gitbook.io/0xtriboulet/zerototal/zerototal-rusty-calc

ZeroTotal: Rusty Calc - 0xTriboulet

7 Posts

Exclusive: Russian hackers targeted U.S. nuclear scientists | Reuters

https://www.reuters.com/world/europe/russian-hackers-targeted-us-nuclear-scientists-2023-01-06/

Exclusive: Russian hackers targeted U.S. nuclear scientists | Reuters

7 Posts

I scanned every package on PyPi and found 57 live AWS keys | Tom Forbes

https://tomforb.es/i-scanned-every-package-on-pypi-and-found-57-live-aws-keys/

I scanned every package on PyPi and found 57 live AWS keys | Tom Forbes

6 Posts

GitHub - D1rkMtr/FilelessNtdllReflection: Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle to ntdll, and trigger exported API from the export table

https://github.com/D1rkMtr/FilelessNtdllReflection

GitHub - D1rkMtr/FilelessNtdllReflection: Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle to ntdll, and trigger exported API from the export table

6 Posts

Russian Turla Hackers Hijack Decade-Old Malware Infrastructure to Deploy New Backdoors

https://thehackernews.com/2023/01/russian-turla-hackers-hijack-decade-old.html

Russian Turla Hackers Hijack Decade-Old Malware Infrastructure to Deploy New Backdoors

5 Posts

Santos (Steve) S. on Twitter: "In this writeup, we leverage @rustlang's inherent obfuscation against existing AV technologies to quickly bypass all detection on VirusTotal using unsafe code blocks. We can even achieve 0-total detections with a standard MSFVenom payload! Check it out https://t.co/BZlDNaGrB1 https://t.co/WduEDOJJ5u" / Twitter

https://twitter.com/0xTriboulet/status/1611986285589319685

Santos (Steve) S. on Twitter: "In this writeup, we leverage @rustlang's inherent obfuscation against existing AV technologies to quickly bypass all detection on VirusTotal using unsafe code blocks. We can even achieve 0-total detections with a standard MSFVenom payload! Check it out https://t.co/BZlDNaGrB1 https://t.co/WduEDOJJ5u" / Twitter

5 Posts

PE-sieve detecting AceLdr - YouTube

https://youtu.be/mjT4t5nH-d4?t=1053

PE-sieve detecting AceLdr - YouTube

5 Posts

Malicious PyPi packages create CloudFlare Tunnels to bypass firewalls

https://www.bleepingcomputer.com/news/security/malicious-pypi-packages-create-cloudflare-tunnels-to-bypass-firewalls/

Malicious PyPi packages create CloudFlare Tunnels to bypass firewalls

4 Posts

Santos (Steve) S. on Twitter: "In this writeup, we leverage @rustlang's inherent obfuscation against existing AV technologies to quickly bypass all detection on VirusTotal using unsafe code blocks. We can even achieve 0-total detections with a standard MSFVenom payload! Check it out https://t.co/BZlDNaGrB1 https://t.co/WduEDOJJ5u" / Twitter

https://twitter.com/0xtriboulet/status/1611986285589319685

Santos (Steve) S. on Twitter: "In this writeup, we leverage @rustlang's inherent obfuscation against existing AV technologies to quickly bypass all detection on VirusTotal using unsafe code blocks. We can even achieve 0-total detections with a standard MSFVenom payload! Check it out https://t.co/BZlDNaGrB1 https://t.co/WduEDOJJ5u" / Twitter

4 Posts

The Ultimate OSINT Collection - start.me

https://start.me/p/DPYPMz/the-ultimate-osint-collection

The Ultimate OSINT Collection - start.me

4 Posts

PurpleUrchin Bypasses CAPTCHA and Steals Cloud Platform Resources

https://unit42.paloaltonetworks.com/purpleurchin-steals-cloud-resources/

PurpleUrchin Bypasses CAPTCHA and Steals Cloud Platform Resources

4 Posts

Windows 7 to stop receiving extended security updates on Tuesday

https://www.bleepingcomputer.com/news/microsoft/windows-7-to-stop-receiving-extended-security-updates-on-tuesday/

Windows 7 to stop receiving extended security updates on Tuesday

4 Posts

The OWASSRF + TabShell exploit chain

https://blog.viettelcybersecurity.com/tabshell-owassrf/

The OWASSRF + TabShell exploit chain

4 Posts

malware_analysis/brc4 at main · matthw/malware_analysis · GitHub

https://github.com/matthw/malware_analysis/tree/main/brc4

malware_analysis/brc4 at main · matthw/malware_analysis · GitHub

4 Posts

要人警護に特化したサイバーパトロール開始、「襲撃の予兆」ＳＮＳから収集 : 読売新聞オンライン

https://www.yomiuri.co.jp/national/20230107-OYT1T50303/

要人警護に特化したサイバーパトロール開始、「襲撃の予兆」ＳＮＳから収集 : 読売新聞オンライン

3 Posts

InfoSec Handlers Diary Blog - SANS Internet Storm Center

https://i5c.us/d29410

InfoSec Handlers Diary Blog - SANS Internet Storm Center

3 Posts

Advanced KQL for Threat Hunting: Window Functions — Part 1 | by Mehmet Ergene | Jan, 2023 | Medium

https://posts.bluraven.io/advanced-kql-for-threat-hunting-window-functions-part-1-14ac09353ad3

Advanced KQL for Threat Hunting: Window Functions — Part 1 | by Mehmet Ergene | Jan, 2023 | Medium

3 Posts

GitHub - vitoplantamura/BugChecker: SoftICE-like kernel debugger for Windows 11

https://github.com/vitoplantamura/BugChecker

GitHub - vitoplantamura/BugChecker: SoftICE-like kernel debugger for Windows 11

3 Posts

.NET Downloader Leading to OriginLogger | Tony Lambert

https://forensicitguy.github.io/net-downloader-originlogger/

.NET Downloader Leading to OriginLogger | Tony Lambert

3 Posts

Fuzzing the Shield: CVE-2022–24548 | by S2W | S2W BLOG | Dec, 2022 | Medium

https://medium.com/s2wblog/fuzzing-the-shield-cve-2022-24548-96f568980c0

Fuzzing the Shield: CVE-2022–24548 | by S2W | S2W BLOG | Dec, 2022 | Medium

3 Posts

Moldovaʼs government hit by flood of phishing attacks - The Record from Recorded Future News

https://therecord.media/moldova%ca%bcs-government-hit-by-flood-of-phishing-attacks/

Moldovaʼs government hit by flood of phishing attacks - The Record from Recorded Future News

3 Posts

Job Application for Corporate Security Engineer at Wiz, Inc.

https://boards.greenhouse.io/wizinc/jobs/4014234006

Job Application for Corporate Security Engineer at Wiz, Inc.

3 Posts

Hive Ransomware leaked 550 GB stolen from Consulate Health CareSecurity Affairs

https://securityaffairs.com/140452/cyber-crime/consulate-health-care-hive-ransomware.html

Hive Ransomware leaked 550 GB stolen from Consulate Health CareSecurity Affairs

3 Posts

How I fuzz and hack APIs?

https://rashahacks.com/how-i-fuzz-and-hack-api/

How I fuzz and hack APIs?

3 Posts

GitHub - AzureAD/Azure-AD-Incident-Response-PowerShell-Module: The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Product Group in conjunction with the Microsoft Detection and Response Team (DART), to assist in compromise response.

https://github.com/AzureAD/Azure-AD-Incident-Response-PowerShell-Module

GitHub - AzureAD/Azure-AD-Incident-Response-PowerShell-Module: The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Product Group in conjunction with the Microsoft Detection and Response Team (DART), to assist in compromise response.

3 Posts

Turning Google smart speakers into wiretaps for $100k

https://downrightnifty.me/blog/2022/12/26/hacking-google-home.html

Turning Google smart speakers into wiretaps for $100k

3 Posts

Exploit Party: Bring Your Own Vulnerable Driver Attacks - FourCore

https://fourcore.io/blogs/bring-your-own-vulnerable-driver-attack

Exploit Party: Bring Your Own Vulnerable Driver Attacks - FourCore

3 Posts

Hexacorn | Blog Excelling at Excel, Part 2

https://www.hexacorn.com/blog/2023/01/08/excelling-at-excel-part-2/

Hexacorn | Blog Excelling at Excel, Part 2

3 Posts

Fuzzing ping(8)

https://tlakh.xyz/fuzzing-ping.html

Fuzzing ping(8)