07/06
07/07
07/08
7 Posts

[REL] A Journey Into Hacking Google Search Appliance | DEVCORE

https://devco.re/blog/2023/07/07/a-journey-into-hacking-google-search-appliance-en/
[REL] A Journey Into Hacking Google Search Appliance | DEVCORE
6 Posts

Mastodon Social Network Patches Critical Flaws Allowing Server Takeover

https://thehackernews.com/2023/07/mastodon-social-network-patches.html
Mastodon Social Network Patches Critical Flaws Allowing Server Takeover
5 Posts

Google Releases Android Patch Update for 3 Actively Exploited Vulnerabilities

https://thehackernews.com/2023/07/google-releases-android-patch-update.html
Google Releases Android Patch Update for 3 Actively Exploited Vulnerabilities
5 Posts

Cybersecurity Agencies Sound Alarm on Rising TrueBot Malware Attacks

https://thehackernews.com/2023/07/cybersecurity-agencies-sound-alarm-on.html
Cybersecurity Agencies Sound Alarm on Rising TrueBot Malware Attacks
5 Posts

JumpCloud Resets API Keys Amid Ongoing Cybersecurity Incident

https://thehackernews.com/2023/07/jumpcloud-resets-api-keys-amid-ongoing.html
JumpCloud Resets API Keys Amid Ongoing Cybersecurity Incident
5 Posts

Critical TootRoot bug lets attackers hijack Mastodon servers

https://www.bleepingcomputer.com/news/security/critical-tootroot-bug-lets-attackers-hijack-mastodon-servers/
Critical TootRoot bug lets attackers hijack Mastodon servers
4 Posts

Another Critical Unauthenticated SQLi Flaw Discovered in MOVEit Transfer Software

https://thehackernews.com/2023/07/another-critical-unauthenticated-sqli.html
Another Critical Unauthenticated SQLi Flaw Discovered in MOVEit Transfer Software
4 Posts

Introducing Slinky Cat - Living off the AD Land

https://labs.lares.com/introducing-slinkycat/
Introducing Slinky Cat - Living off the AD Land
4 Posts

BlackByte 2.0 Ransomware: Infiltrate, Encrypt, and Extort in Just 5 Days

https://thehackernews.com/2023/07/blackbyte-20-ransomware-infiltrate.html
BlackByte 2.0 Ransomware: Infiltrate, Encrypt, and Extort in Just 5 Days
4 Posts

The five-day job: A BlackByte ransomware intrusion case study | Microsoft Security Blog

https://www.microsoft.com/en-us/security/blog/2023/07/06/the-five-day-job-a-blackbyte-ransomware-intrusion-case-study/
The five-day job: A BlackByte ransomware intrusion case study | Microsoft Security Blog
4 Posts

Vishing Goes High-Tech: New 'Letscall' Malware Employs Voice Traffic Routing

https://thehackernews.com/2023/07/vishing-goes-high-tech-new-letscall.html
Vishing Goes High-Tech: New 'Letscall' Malware Employs Voice Traffic Routing
4 Posts

MOVEit Transfer customers warned to patch new critical flaw

https://www.bleepingcomputer.com/news/security/moveit-transfer-customers-warned-to-patch-new-critical-flaw/
MOVEit Transfer customers warned to patch new critical flaw
3 Posts

Arbitrary file creation through media attachments · Advisory · mastodon/mastodon · GitHub

https://github.com/mastodon/mastodon/security/advisories/GHSA-9928-3cp5-93fm
Arbitrary file creation through media attachments · Advisory · mastodon/mastodon · GitHub
3 Posts

Cisco warns of a flaw in Nexus 9000 series switches that allows modifying encrypted trafficSecurity Affairs

https://securityaffairs.com/148235/security/cisco-nexus-9000-series-flaw.html
Cisco warns of a flaw in Nexus 9000 series switches that allows modifying encrypted trafficSecurity Affairs
3 Posts

LDAP Queries for Offensive and Defensive Operations

https://www.politoinc.com/post/ldap-queries-for-offensive-and-defensive-operations
LDAP Queries for Offensive and Defensive Operations
3 Posts

Kernel Object Names Lifetime – Pavel Yosifovich

https://scorpiosoftware.net/2023/05/15/kernel-object-names-lifetime/
Kernel Object Names Lifetime – Pavel Yosifovich
3 Posts

Relaying Kerberos over DNS using krbrelayx and mitm6 - dirkjanm.io

https://dirkjanm.io/relaying-kerberos-over-dns-with-krbrelayx-and-mitm6/
Relaying Kerberos over DNS using krbrelayx and mitm6 - dirkjanm.io
3 Posts

CISA warns govt agencies to patch actively exploited Android driver

https://www.bleepingcomputer.com/news/security/cisa-warns-govt-agencies-to-patch-actively-exploited-android-driver/
CISA warns govt agencies to patch actively exploited Android driver
3 Posts

Barracuda working on fix for ongoing Email Gateway login issues

https://www.bleepingcomputer.com/news/security/barracuda-working-on-fix-for-ongoing-email-gateway-login-issues/
Barracuda working on fix for ongoing Email Gateway login issues
3 Posts

6 Steps to Landing a Job in Cybersecurity | Orca Security

https://orca.security/resources/blog/6-steps-to-landing-cybersecurity-job/
6 Steps to Landing a Job in Cybersecurity | Orca Security
3 Posts

Fortigate - Authentication Bypass Lead to Full Device Takeover

https://labs.hakaioffsec.com/fortigate-authentication-bypass/
Fortigate - Authentication Bypass Lead to Full Device Takeover
3 Posts

Apps with 1.5M installs on Google Play send your data to China

https://www.bleepingcomputer.com/news/security/google-play-apps-with-15-million-installs-send-your-data-to-china/
Apps with 1.5M installs on Google Play send your data to China
3 Posts

Beyond appearances: unknown actor using APT29’s TTP against Chinese users

https://lab52.io/blog/beyond-appearances-unknown-actor-using-apt29s-ttp-against-chinese-users/
Beyond appearances: unknown actor using APT29’s TTP against Chinese users
3 Posts

Welcome to New York: Exploring TA453's Foray into LNKs and Mac Malware | Proofpoint US

https://www.proofpoint.com/us/blog/threat-insight/welcome-new-york-exploring-ta453s-foray-lnks-and-mac-malware
Welcome to New York: Exploring TA453's Foray into LNKs and Mac Malware | Proofpoint US