Unraveling the Illusion of Trust: The Innovative Attack Methodology Leveraging the "search-ms" URI Protocol Handler
https://www.trellix.com/en-us/about/newsroom/stories/research/beyond-file-search-a-novel-method.html
Welcome to NTInternals.click !
https://undocumented.ntinternals.click
http://undocumented.ntinternals.net
http://undocumented.ntinternals.net
Major Security Flaw Discovered in Metabase BI Software – Urgent Update Required
https://thehackernews.com/2023/07/major-security-flaw-discovered-in.html
TETRA Radio Code Encryption Has a Flaw: A Backdoor | WIRED
https://www.wired.com/story/tetra-radio-encryption-backdoor/
STARK#MULE Targets Koreans with U.S. Military-themed Document Lures
https://thehackernews.com/2023/07/starkmule-targets-koreans-with-us.html
IcedID Malware Adapts and Expands Threat with Updated BackConnect Module
https://thehackernews.com/2023/07/icedid-malware-adapts-and-expands.html
2023 Security Awareness Report | SANS Security Awareness
https://www.sans.org/u/1rvh
Cybersecurity Agencies Warn Against IDOR Bugs Exploited for Data Breaches
https://thehackernews.com/2023/07/cybersecurity-agencies-warn-against.html
Chaining our way to Pre-Auth RCE in Metabase (CVE-2023-38646) – Assetnote
https://blog.assetnote.io/2023/07/22/pre-auth-rce-metabase/
Hackers Abusing Windows Search Feature to Install Remote Access Trojans
https://thehackernews.com/2023/07/hackers-abusing-windows-search-feature.html
eSentire | Attempted Delivery of Ducktail and Hawkeyes Payloads…
https://www.esentire.com/blog/ducktail-and-hawkeyes
BlueBravo Adapts to Target Diplomatic Entities with GraphicalProton Malware | Recorded Future
https://www.recordedfuture.com/bluebravo-adapts-to-target-diplomatic-entities-with-graphicalproton-malware
Tool Release: Cartographer | NCC Group Research Blog | Making the world safer and more secure
https://research.nccgroup.com/2023/07/20/tool-release-cartographer/
Reproducing CVE-2023-38646: Metabase Pre-auth RCE - Calif
https://blog.calif.io/p/reproducing-cve-2023-38646-metabase
Twitter's rebranding to 'X' triggers Microsoft Edge security alert
https://www.bleepingcomputer.com/news/security/twitters-rebranding-to-x-triggers-microsoft-edge-security-alert/
BlueBravo Deploys GraphicalProton Backdoor Against European Diplomatic Entities
https://thehackernews.com/2023/07/bluebravo-deploys-graphicalproton.html
Log in to Twitter / X
https://twitter.com/i/broadcasts/1RDGlalOAQOJL
Twitter unbans account that posted child sexual abuse, despite policy - The Washington Post
https://www.washingtonpost.com/technology/2023/07/27/twitter-csam-dom-lucre-elon-musk/
Abusing undocumented features to spoof PE section headers | secret club
https://secret.club/2023/06/05/spoof-pe-sections.html
Ivanti patches new zero-day exploited in Norwegian govt attacks
https://www.bleepingcomputer.com/news/security/ivanti-patches-new-zero-day-exploited-in-norwegian-govt-attacks/
BreachForums database and private chats for sale in hacker data breach
https://www.bleepingcomputer.com/news/security/breachforums-database-and-private-chats-for-sale-in-hacker-data-breach/
A Data Exfiltration Attack Scenario: The Porsche Experience
https://thehackernews.com/2023/07/a-data-exfiltration-attack-scenario.html
Accessibility as a cyber security priority - NCSC.GOV.UK
https://www.ncsc.gov.uk/blog-post/accessibility-as-a-cyber-security-priority
MalwareBazaar | Browse Checking your browser
https://bazaar.abuse.ch/browse/tag/StrelaStealer
Analysis Invoice from IBE Solutions LLC.msg (MD5: 62FB7931850117E358EDAA4129E680C4) Malicious activity - Interactive analysis ANY.RUN
https://app.any.run/tasks/d745ae57-9145-4db5-99a5-fb9c3b109353/
MalwareBazaar | Browse Checking your browser
https://bazaar.abuse.ch/sample/3f38ae75758c8afb75b0660a7c927ccb2bce73f572a9e105ea2288f1288f682b/