Bypassing OGNL sandboxes for fun and charities | The GitHub Blog
https://github.blog/2023-01-27-bypassing-ognl-sandboxes-for-fun-and-charities/
GitHub - alt3kx/CVE-2023-24055_PoC: CVE-2023-24055 PoC (KeePass 2.5x)
https://github.com/alt3kx/CVE-2023-24055_PoC
HackSys Team on Twitter: "Adobe patched this RCE as CVE-2023-21608 https://t.co/ukWk5Dwb58 Cc: @shsirk" / Twitter
https://twitter.com/HackSysTeam/status/1613424122264190976
Adobe Acrobat Reader DC resetForm Use-After-Free Remote Code Execution Vulnerability - HackSys Inc
https://hacksys.io/advisories/HI-2022-006
SIP / VoIP - Pentester's Promiscuous Notebook
https://ppn.snovvcrash.rocks/pentest/infrastructure/networks/sip-voip#cisco-ip-phones
Ukraine: Sandworm hackers hit news agency with 5 data wipers
https://www.bleepingcomputer.com/news/security/ukraine-sandworm-hackers-hit-news-agency-with-5-data-wipers/
Western District of Washington | Alleged French cybercriminal to appear in Seattle on indictment for conspiracy, computer intrusion, wire fraud and aggravated identity theft | United States Department of Justice
https://www.justice.gov/usao-wdwa/pr/alleged-french-cybercriminal-appear-seattle-indictment-conspiracy-computer-intrusion
APT_REPORT/2022-Blockchain-Security-and-AML-Analysis-Annual-Report(EN).pdf at master · blackorbird/APT_REPORT · GitHub
https://github.com/blackorbird/APT_REPORT/blob/master/summary/2023/2022-Blockchain-Security-and-AML-Analysis-Annual-Report(EN).pdf
#GermanyRIP. Kremlin-loyal hacktivists wage DDoSes to retaliate for tank aid | Ars Technica
https://arstechnica.com/information-technology/2023/01/germanyrip-kremlin-loyal-hacktivists-wage-ddoses-to-retaliate-for-tank-aid/
The Week in Ransomware - January 27th 2023 - 'We hacked the hackers'
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-january-27th-2023-we-hacked-the-hackers/
Experts Uncover the Identity of Mastermind Behind Golden Chickens Malware Service
https://thehackernews.com/2023/01/experts-uncover-identity-of-mastermind.html
A leaked internal message appears to show Elon Musk ordered Twitter staff to suspend a left-wing activist's account
https://www.msn.com/en-us/money/other/a-leaked-internal-message-appears-to-show-elon-musk-ordered-twitter-staff-to-suspend-a-left-wing-activist-s-account/ar-AA16NS0X?ocid=msedgntp&cvid=f468f8fa0e7544e098c70ac94e75aab9
GitHub - e-m-b-a/emba: EMBA - The firmware security analyzer
https://github.com/e-m-b-a/emba
Rob O'Donnell on Twitter: "This is what’s being circulated in & around the NYC underground. Watch your backs and I’d recommend staying away from public places. https://t.co/Af1U8X4VAt" / Twitter
https://twitter.com/odonnell_r/status/1619071078466490368
Malware Theory - How Packers Work, Polymorphism and Misconceptions - YouTube
https://youtu.be/ESLEf66EzDk
ISC Releases Security Patches for New BIND DNS Software Vulnerabilities
https://thehackernews.com/2023/01/isc-releases-security-patches-for-new.html
ESET Research on Twitter: "#BREAKING On January 25th #ESETResearch discovered a new cyberattack in 🇺🇦 Ukraine. Attackers deployed a new wiper we named #SwiftSlicer using Active Directory Group Policy. The #SwiftSlicer wiper is written in Go programming language. We attribute this attack to #Sandworm. 1/3 https://t.co/pMij9lpU5J" / Twitter
https://twitter.com/ESETresearch/status/1618960022150729728
CyberKnow on Twitter: "#killnet has updated their alleged attack lists for hospitals and medical organisations in several countries will thread them below #CyberSec #cybersecurity #infosec #RussiaUkraineWar #UkraineRussiaWar #USA #Poland #Germany #uk https://t.co/jJNaRcPLEY" / Twitter
https://twitter.com/cyberknow20/status/1619307679549358080
steven monacelli on Twitter: "NEW: Chad Loder is once again suspended. This comes after a suspension yesterday that was overturned within hours, after which Loder published claims about an unreported data breach at Twitter. https://t.co/kS12cHwi8A" / Twitter
https://twitter.com/stevanzetti/status/1595901406908764162
GitHub - redballoonsecurity/ofrak: OFRAK: unpack, modify, and repack binaries.
https://github.com/redballoonsecurity/ofrak
GitHub - ReFirmLabs/binwalk: Firmware Analysis Tool
https://github.com/ReFirmLabs/binwalk
At the Edge of Tier Zero: The Curious Case of the RODC | by Elad Shamir | Posts By SpecterOps Team Members
https://posts.specterops.io/at-the-edge-of-tier-zero-the-curious-case-of-the-rodc-ef5f1799ca06
How US police use digital data to prosecute abortions | TechCrunch
https://techcrunch.com/2023/01/27/digital-data-roe-wade-reproductive-privacy/
Massive Microsoft 365 outage caused by WAN router IP change
https://www.bleepingcomputer.com/news/microsoft/massive-microsoft-365-outage-caused-by-wan-router-ip-change/
Docguard | Detects suspicious files!
https://app.docguard.io/3de760cbd285be07260fc3ddb8e39504b8a602435a077c7f89a5782d8e050e99/results/dashboard
RCE exploit for vRealize Log Insight coming next week, patch now
https://www.bleepingcomputer.com/news/security/rce-exploit-for-vrealize-log-insight-coming-next-week-patch-now/
GitHub - garrettfoster13/pre2k
https://github.com/garrettfoster13/pre2k
Ransomware experts laud Hive takedown but question impact without arrests - The Record from Recorded Future News
https://therecord.media/ransomware-experts-laud-hive-takedown-but-question-impact-without-arrests/
Bypassing Cloudflare WAF: XSS via SQL Injection
https://www.ukusormus.com/bypassing-cloudflare-waf-xss-via-sql-injection/
GitHub - onekey-sec/unblob: Extract files from any kind of container formats
https://github.com/onekey-sec/unblob