GitHub - blasty/lexmark
https://github.com/blasty/lexmark
www.localpotato.com
http://www.localpotato.com
The OWASSRF + TabShell exploit chain
https://blog.viettelcybersecurity.com/tabshell-owassrf/
PoC of TabShell (CVE-2022-41076). More details: https://blog.viettelcybersecurity.com/tabshell-owassrf/ · GitHub
https://gist.github.com/testanull/518871a2e2057caa2bc9c6ae6634103e
Automating Malware Analysis Operations (MAOps) - JPCERT/CC Eyes | JPCERT Coordination Center official Blog
https://blogs.jpcert.or.jp/en/2023/01/cloud_malware_analysis.html
SCATTERED SPIDER Attempts to Avoid Detection with Bring-Your-Own-Driver Tactic
https://www.crowdstrike.com/blog/scattered-spider-attempts-to-avoid-detection-with-bring-your-own-driver-tactic/
Disclosing a New Vulnerability in JWT Secret Poisoning (CVE-2022-23529)
https://unit42.paloaltonetworks.com/jsonwebtoken-vulnerability-cve-2022-23529/
Malware Analysis Operations(MAOps)の自動化 - JPCERT/CC Eyes | JPCERTコーディネーションセンター公式ブログ
https://blogs.jpcert.or.jp/ja/2023/01/cloud_malware_analysis.html
entrat.exe (MD5: AA225301DD06B562ED9668DF7E742101) - Interactive analysis - ANY.RUN
https://app.any.run/tasks/9b362341-ab97-4999-97f5-62cdb04b1489
http://www.itcci.jp/
http://www.itcci.jp/
Auth0 fixes RCE flaw in JsonWebToken library used by 22,000 projects
https://www.bleepingcomputer.com/news/security/auth0-fixes-rce-flaw-in-jsonwebtoken-library-used-by-22-000-projects/
StrongPity espionage campaign targeting Android users | WeLiveSecurity
https://www.welivesecurity.com/2023/01/10/strongpity-espionage-campaign-targeting-android-users/
Microsoft: Kubernetes clusters hacked in malware campaign via PostgreSQL
https://www.bleepingcomputer.com/news/security/microsoft-kubernetes-clusters-hacked-in-malware-campaign-via-postgresql/