Analysis of Pre-Auth RCE in Sophos Web Appliance (CVE-2023-1671) - Blog - VulnCheck
https://vulncheck.com/blog/cve-2023-1671-analysis
AADLAPS_Request.txt · GitHub
https://gist.github.com/xpn/30094cab39ea8946d8372a06e804866c
X_Trader Supply Chain Attack Affects Critical Infrastructure Organizations in U.S. and Europe | Symantec Enterprise Blogs
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/xtrader-3cx-supply-chain
那个饺子🥟🏴☠️ on Twitter: "At some point last fall/winter I felt like giving up on everything. I don’t know where i got the energy to keep going, but def one place was my work. Today, that work officially paid off: https://t.co/xcBcCocJqV Fuzzer will be open sourced soon :)" / Twitter
https://twitter.com/thatjiaozi/status/1649543907565359105
Lazarus X_TRADER Hack Impacts Critical Infrastructure Beyond 3CX Breach
https://thehackernews.com/2023/04/lazarus-xtrader-hack-impacts-critical.html
GitHub - IntelLabs/kAFL: A fuzzer for full VM kernel/driver targets
https://github.com/IntelLabs/kAFL
Malware analysis reports - NCSC.GOV.UK
https://www.ncsc.gov.uk/section/keep-up-to-date/malware-analysis-reports
ATTRIBUTION MATTERS SHIRT RURAL TECH FUND FUNDRAISER Custom Ink Fundraising
https://www.customink.com/fundraising/attribution-matters-shirt-rural-tech-fund-fundraiser?utm_campaign=desktop-post-launch-v3&utm_content=attribution-matters-shirt-rural-tech-fund-fundraiser&utm_medium=social&utm_source=copy-link
Google ads push BumbleBee malware used by ransomware gangs
https://www.bleepingcomputer.com/news/security/google-ads-push-bumblebee-malware-used-by-ransomware-gangs/
THOR Lite - Nextron Systems
https://www.nextron-systems.com/thor-lite/
Florian Roth on Twitter: "I've your interested in the #TradingTechnologies compromise & detections, then follow this thread 🧵 You won't find these IOCs/rules anywhere else Hashes https://t.co/K6HuFN5xyG Filenames https://t.co/UECPqnQWTI YARA https://t.co/Lrdx2yLzp3" / Twitter
https://twitter.com/cyb3rops/status/1649082991979659270
CISA Adds 3 Actively Exploited Flaws to KEV Catalog, including Critical PaperCut Bug
https://thehackernews.com/2023/04/cisa-adds-3-actively-exploited-flaws-to.html
The Hand That Strikes, Also Blocks
https://www.slideshare.net/saumilshah/the-hand-that-strikes-also-blocks
GhostToken GCP flaw let attackers backdoor Google accounts
https://www.bleepingcomputer.com/news/security/ghosttoken-gcp-flaw-let-attackers-backdoor-google-accounts/