Cookieless DuoDrop: IIS Auth Bypass & App Pool Privesc in ASP.NET Framework (CVE-2023-36899) | Soroush Dalili (@irsdl) Blog
https://soroush.me/blog/2023/08/cookieless-duodrop-iis-auth-bypass-app-pool-privesc-in-asp-net-framework-cve-2023-36899/
A Message from Rapid7 CEO, Corey Thomas | Rapid7 Blog
https://www.rapid7.com/blog/post/2023/08/08/a-message-from-rapid7-ceo-corey-thomas/
r-tec Blog | Evade signature-based phishing detections - r-tec Cyber Security
https://www.r-tec.net/r-tec-blog-evade-signature-based-phishing-detections.html
EvilProxy phishing campaign targets 120,000 Microsoft 365 users
https://www.bleepingcomputer.com/news/security/evilproxy-phishing-campaign-targets-120-000-microsoft-365-users/
Malicious Campaigns Exploit Weak Kubernetes Clusters for Crypto Mining
https://thehackernews.com/2023/08/malicious-campaigns-exploit-weak.html
U.K. Electoral Commission Breach Exposes Voter Data of 40 Million Britons
https://thehackernews.com/2023/08/uk-electoral-commission-breach-exposes.html
Collide+Power, Downfall, and Inception: New Side-Channel Attacks Affecting Modern CPUs
https://thehackernews.com/2023/08/collidepower-downfall-and-inception-new.html
Microsoft Releases Patches for 74 New Vulnerabilities in August Update
https://thehackernews.com/2023/08/microsoft-releases-patches-for-74-new.html
Ghidralligator: Emulate and Fuzz the Embedded World - Airbus Defence and Space Cyber
https://www.cyber.airbus.com/ghidralligator_emulate_and_fuzz_the_embedded_world/
China-Linked Hackers Strike Worldwide: 17 Nations Hit in 3-Year Cyber Campaign
https://thehackernews.com/2023/08/china-linked-hackers-strike-worldwide.html
New Android 14 Security Feature: IT Admins Can Now Disable 2G Networks
https://thehackernews.com/2023/08/new-android-14-security-feature-it.html
Google to fight hackers with weekly Chrome security updates
https://www.bleepingcomputer.com/news/google/google-to-fight-hackers-with-weekly-chrome-security-updates/
Rapid7 Announces Layoffs, Office Closings Under Restructuring Plan - SecurityWeek
https://www.securityweek.com/rapid7-announces-layoffs-office-closings-under-restructuring-plan/
Popular open source project Moq criticized for quietly collecting data
https://www.bleepingcomputer.com/news/security/popular-open-source-project-moq-criticized-for-quietly-collecting-data/
INTERPOL shutters ‘16shop’ phishing platform • The Register
https://www.theregister.com/2023/08/09/interpol_16shop_phishing_shutdown/
August 2023 Security Updates - Release Notes - Security Update Guide - Microsoft
https://msrc.microsoft.com/update-guide/releaseNote/2023-Aug
New Downfall attacks on Intel CPUs steal encryption keys, data
https://www.bleepingcomputer.com/news/security/new-downfall-attacks-on-intel-cpus-steal-encryption-keys-data/
GitHub - sensepost/hostapd-mana at hostapd-2.10
https://github.com/sensepost/hostapd-mana/tree/hostapd-2.10
Northern Ireland police investigate second data breach after documents containing officers' names stolen | UK News | Sky News
https://news.sky.com/story/northern-ireland-police-investigate-second-data-breach-after-documents-containing-officers-names-stolen-12936808
SAP Patches Critical Vulnerability in PowerDesigner Product - SecurityWeek
https://www.securityweek.com/sap-patches-critical-vulnerability-in-powerdesigner-product/
Novel 'Inception' Attack Exposes Sensitive Data in CPUs
https://www.hackread.com/novel-inception-attack-exposes-data-cpus/
New Report Exposes Vice Society's Collaboration with Rhysida Ransomware
https://thehackernews.com/2023/08/new-report-exposes-vice-societys.html
BloodHound Community Edition: A New Era | by Andy Robbins | Aug, 2023 | Posts By SpecterOps Team Members
https://posts.specterops.io/bloodhound-community-edition-a-new-era-d64689806e90
The Rhysida Ransomware: Activity Analysis and Ties to Vice Society - Check Point Research
https://research.checkpoint.com/2023/the-rhysida-ransomware-activity-analysis-and-ties-to-vice-society/
Four tips to keep your GitHub Actions workflows secure - The GitHub Blog
https://github.blog/2023-08-09-four-tips-to-keep-your-github-actions-workflows-secure
MalwareBazaar | Browse Checking your browser
https://bazaar.abuse.ch/browse/tag/ftp-mgcpakistan-com/
New BitForge cryptocurrency wallet flaws lets hackers steal crypto
https://www.bleepingcomputer.com/news/cryptocurrency/new-bitforge-cryptocurrency-wallet-flaws-lets-hackers-steal-crypto/
URLhaus | Checking your browser
https://urlhaus.abuse.ch/url/2703195/
PortSwigger Research on Twitter: "We've just published 'Smashing the state machine: the true potential of web race conditions' by @albinowax! Dive in to arm yourself with novel techniques & tooling, and help reshape this attack class: https://t.co/GJOOn4Wmab" / X
https://twitter.com/PortSwiggerRes/status/1689336402117279745
Microsoft Visual Studio Code flaw lets extensions steal passwords
https://www.bleepingcomputer.com/news/security/microsoft-visual-studio-code-flaw-lets-extensions-steal-passwords/
Rhysida ransomware behind recent attacks on healthcare
https://www.bleepingcomputer.com/news/security/rhysida-ransomware-behind-recent-attacks-on-healthcare/
Missouri warns that health info was stolen in IBM MOVEit data breach
https://www.bleepingcomputer.com/news/security/missouri-warns-that-health-info-was-stolen-in-ibm-moveit-data-breach/
LockBit threatens to leak medical data of cancer patients stolen from Varian Medical SystemsSecurity Affairs
https://securityaffairs.com/149307/cyber-crime/varian-medical-systems-lockbit-ransomware.html
Forging Tickets in 2023 - 0xdeaddood
https://0xdeaddood.rocks/2023/05/11/forging-tickets-in-2023/
Downfall: New Intel CPU Attack Exposing Sensitive Information - SecurityWeek
https://www.securityweek.com/downfall-new-intel-cpu-attack-exposing-sensitive-information/
JVN#83334799: SIG情報連携ポータルの API における複数の脆弱性
https://jvn.jp/jp/JVN83334799/
Webinar Registration - Zoom
https://ghst.ly/3Om0jDo
Interpol takes down phishing-as-a-service platform used by 70,000 people
https://therecord.media/phishing-as-a-service-platform-taken-down-16shop-interpol
CISA KEV: A Picture is Worth a Thousand Vulns
https://nucleussec.com/cisa-kev-art/