Emerging Attacker Exploit: Microsoft Cross-Tenant Synchronization
https://thehackernews.com/2023/08/emerging-attacker-exploit-microsoft.html
New Statc Stealer Malware Emerges: Your Sensitive Data at Risk
https://thehackernews.com/2023/08/new-statc-stealer-malware-emerges-your.html
Cybercriminals Increasingly Using EvilProxy Phishing Kit to Target Executives
https://thehackernews.com/2023/08/cybercriminals-increasingly-using.html
New Attack Alert: Freeze[.]rs Injector Weaponized for XWorm Malware Attacks
https://thehackernews.com/2023/08/new-attack-alert-freezers-injector.html![New Attack Alert: Freeze[.]rs Injector Weaponized for XWorm Malware Attacks](/image/screenshot/ebc2b393a4a11a2c3731b80e8b9119ce.webp)
Encryption Flaws in Popular Chinese Language App Put Users' Typed Data at Risk
https://thehackernews.com/2023/08/encryption-flaws-in-popular-chinese.html
Simplifying BOF Development: Debug, Test, and Save Your B(e)acon | Cobalt Strike
https://www.cobaltstrike.com/blog/simplifying-bof-development
2023 Security Awareness Report | SANS Institute
https://www.sans.org/u/1rB0
GitHub - Bo0oM/fuzz.txt: Potentially dangerous files
https://github.com/Bo0oM/fuzz.txt
MoustachedBouncer hackers use AiTM attacks to spy on diplomats
https://www.bleepingcomputer.com/news/security/moustachedbouncer-hackers-use-aitm-attacks-to-spy-on-diplomats/
Hackers use open source Merlin post-exploitation toolkit in attacks
https://www.bleepingcomputer.com/news/security/hackers-use-open-source-merlin-post-exploitation-toolkit-in-attacks/
Dell Compellent hardcoded key exposes VMware vCenter admin creds
https://www.bleepingcomputer.com/news/security/dell-compellent-hardcoded-key-exposes-vmware-vcenter-admin-creds/
Special Offer for Asia Pacific Students | SANS Online Training
https://www.sans.org/u/1rLu
CISA: New Whirlpool backdoor used in Barracuda ESG hacks
https://www.bleepingcomputer.com/news/security/cisa-new-whirlpool-backdoor-used-in-barracuda-esg-hacks/
Analysis 5472de6f.msi (MD5: 564237780DFED12F01CD914FEE2B529B) Malicious activity - Interactive analysis ANY.RUN
https://app.any.run/tasks/b99e6672-2c2f-4c13-b921-c2997241a3fd/
CVE-2023-38181 - Security Update Guide - Microsoft - Microsoft Exchange Server Spoofing Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38181
Interpol Busts Phishing-as-a-Service Platform '16Shop,' Leading to 3 Arrests
https://thehackernews.com/2023/08/interpol-busts-phishing-as-service.html
Windows Defender-Pretender Attack Dismantles Flagship Microsoft EDR
https://www.darkreading.com/attacks-breaches/-researchers-detail-vuln-that-allowed-for-windows-defender-update-process-hijack
Detect FYI
http://Detect.FYI
Homeland Security report details how teen hackers exploited security weaknesses in some of the world's biggest companies | CNN Politics
https://www.cnn.com/2023/08/10/politics/dhs-hacking-report/index.html
ICS Village DEFCON 31 Custom Ink Fundraising
https://www.customink.com/fundraising/ics-village-defcon-31
Windows Internals: Day 4 (Pavel)
https://training.trainsec.net/windows-internals-day-4-pavel
Focus on DroxiDat/SystemBC | Securelist
https://securelist.com/focus-on-droxidat-systembc/110302/
Microsoft Exchange updates pulled after breaking non-English installs
https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-updates-pulled-after-breaking-non-english-installs/
CISA Warns Organizations of Exploited Vulnerability Affecting .NET, Visual Studio - SecurityWeek
https://www.securityweek.com/cisa-warns-organizations-of-exploited-vulnerability-in-net-visual-studio/
GitHub - knavesec/Max: Maximizing BloodHound. Max is a good boy.
https://github.com/knavesec/Max
Gafgyt malware exploits five-years-old flaw in EoL Zyxel router
https://www.bleepingcomputer.com/news/security/gafgyt-malware-exploits-five-years-old-flaw-in-eol-zyxel-router/
Minister defends safety law on messaging apps - BBC News
https://www.bbc.co.uk/news/technology-66455616
BSides London 2023 Notification
https://mailchi.mp/82de5c4e95a4/bsideslondon2023