Fortinet fixes critical RCE flaw in Fortigate SSL-VPN devices, patch now
https://www.bleepingcomputer.com/news/security/fortinet-fixes-critical-rce-flaw-in-fortigate-ssl-vpn-devices-patch-now/
CVExploits
https://cvexploits.io/
Truls Aandal on Twitter: "Screenshot to see what 2023 will bring you! https://t.co/cUGpQsOqnY" / Twitter
https://twitter.com/ttrulss/status/1609088086574514177
A Truly Graceful Wipe Out - The DFIR Report
https://thedfirreport.com/2023/06/12/a-truly-graceful-wipe-out/
SteelCloverが使用する新たなマルウェアPowerHarborについて, Rintaro Koike
https://insight-jp.nttsecurity.com/post/102ignh/steelcloverpowerharbor
GitHub - sfewer-r7/CVE-2023-34362: CVE-2023-34362: MOVEit Transfer Unauthenticated RCE
https://github.com/sfewer-r7/CVE-2023-34362
MSSQL linked servers: abusing ADSI for password retrieval
https://www.tarlogic.com/blog/linked-servers-adsi-passwords/
MalwareBazaar | Browse Checking your browser
https://bazaar.abuse.ch/browse/tag/recupero%20crediti/
GitHub - horizon3ai/CVE-2023-34362: MOVEit CVE-2023-34362
https://github.com/horizon3ai/CVE-2023-34362
Apple's Safari Private Browsing Now Automatically Removes Tracking Parameters in URLs
https://thehackernews.com/2023/06/apples-safari-private-browsing-now.html
How credit-card size computers are made (Factory Tour) - YouTube
https://youtu.be/k2C4lbbIH0c
Defeating Windows DEP With A Custom ROP Chain | NCC Group Research Blog | Making the world safer and more secure
https://research.nccgroup.com/2023/06/12/defeating-windows-dep-with-a-custom-rop-chain/
Kevin Collier on Twitter: "New: A hospital in rural Illinois will close Friday, becoming the first to shut down in part because of a devastating ransomware attack it never financially recovered from: https://t.co/ywvVvFI6TE" / Twitter
https://twitter.com/kevincollier/status/1668280140076384260
Cybercriminals Using Powerful BatCloak Engine to Make Malware Fully Undetectable
https://thehackernews.com/2023/06/cybercriminals-using-powerful-batcloak.html
Solarmarker: The Old is New – Squiblydoo.blog
https://squiblydoo.blog/2022/09/27/solarmarker-the-old-is-new/
REKCAH! Publishing – Spearphish General Store
https://spearphish-general-store.myshopify.com/collections/rekcah-publishing
Ian Coldwater 📦💥 on Twitter: "Drop a cool photo someone took of you doing your job https://t.co/7XkHBJSuNF" / Twitter
https://twitter.com/IanColdwater/status/1668271889733545992
Introduction to encryption for embedded Linux developers - sergioprado.blog
https://sergioprado.blog/introduction-to-encryption-for-embedded-linux-developers/
Abusing undocumented features to spoof PE section headers | secret club
https://secret.club/2023/06/05/spoof-pe-sections.html
Daily Cyber Briefing- Monday 12th June / Twitter
https://twitter.com/i/broadcasts/1lDxLngzvwmGm
When You Lie for a Living, Everyone & Everything Is Hackable🎙Darknet Diaries Ep. 134: Deviant - YouTube
https://www.youtube.com/watch?v=avZOQNt8Ltk
The DFIR Report on Twitter: "A Truly Graceful Wipe Out ➡️Initial Access: Email > TDS > Truebot download ➡️Credentials: LSASS & Registry Dump ➡️Persistence: Scheduled Task ➡️C2: Truebot, FlawedGrace, Cobalt Strike ➡️Exfiltration: FlawedGrace ➡️Impact: MBR Killer https://t.co/qcAYmPmSPB 1/X" / Twitter
https://twitter.com/TheDFIRReport/status/1668219986962161667
A More Complete Exploit for Fortinet CVE-2022-42475 | Bishop Fox
https://bishopfox.com/blog/exploit-cve-2022-42475?utm_campaign=awareness&utm_medium=social&utm_source=linkedin&utm_term=blog
T(w)itter Daily News on Twitter: "UPDATE: Twitter to change policy to help reduce Spam DMs later this week. Only verified users will be able to send DMs to users that don’t follow them back. https://t.co/lZcgpSuEy5" / Twitter
https://twitter.com/titterdaily/status/1668039817081372678
Strava heatmap feature can be abused to find home addresses
https://www.bleepingcomputer.com/news/security/strava-heatmap-feature-can-be-abused-to-find-home-addresses/
Omri Segev Moyal on Twitter: "It's great day to visit @Fortinet booth. Best IR job creators in the industry 😂 https://t.co/PBm6iWRKUK" / Twitter
https://twitter.com/GelosSnake/status/1668224568283086848
Confidential data downloaded from UK regulator Ofcom in cyberattack
https://therecord.media/ofcom-cyberattack-uk-regulator-moveit-vulnerability
Exploit released for MOVEit RCE bug used in data theft attacks
https://www.bleepingcomputer.com/news/security/exploit-released-for-moveit-rce-bug-used-in-data-theft-attacks/
MOVEit hack: Media watchdog Ofcom latest victim of mass hack - BBC News
https://www.bbc.co.uk/news/technology-65877210
Microsoft: Azure Portal outage was caused by traffic “spike”
https://www.bleepingcomputer.com/news/microsoft/microsoft-azure-portal-outage-was-caused-by-traffic-spike-/
BHIS Seismograph Logo T-Shirt – Spearphish General Store
https://spearphish-general-store.myshopify.com/collections/bhis-shirt-collections/products/bhis-seismograph-logo-t-shirt
Mobile Pentesting 101 – How to Set Up Your iOS Environment – Security Café
https://securitycafe.ro/2023/06/12/mobile-pentesting-101-how-to-set-up-your-ios-environment/