Hacker Trends
10/16
10/17
10/18
Statistic
09/29 23:22 (UTC)
10/16
10/17
10/18
7 Posts
Thousands of Cisco IOS XE devices hacked in widespread attacks
https://
www.bleepingcomputer.com
/news/security/thousands-of-cisco-ios-xe-devices-hacked-in-widespread-attacks/
7 Posts
CVE-2023-26369: Adobe Acrobat PDF Reader RCE when processing TTF fonts | 0-days In-the-Wild
https://
googleprojectzero.github.io
/0days-in-the-wild//0day-RCAs/2023/CVE-2023-26369.html
6 Posts
Russian Sandworm hackers breached 11 Ukrainian telcos since May
https://
www.bleepingcomputer.com
/news/security/russian-sandworm-hackers-breached-11-ukrainian-telcos-since-may/
5 Posts
APT_REPORT/group123/2023_Group123_threat_inteligence_report_BitB.pdf at master · blackorbird/APT_REPORT · GitHub
https://
github.com
/blackorbird/APT_REPORT/blob/master/group123/2023_Group123_threat_inteligence_report_BitB.pdf
5 Posts
Warning: Unpatched Cisco Zero-Day Vulnerability Actively Targeted in the Wild
https://
thehackernews.com
/2023/10/warning-unpatched-cisco-zero-day.html
5 Posts
Keynote Session: "A Journey to Mastery" - Louis Nyffenegger, BSides Canberra 2023 - YouTube
https://
youtu.be
/Ys66llx4PvA
5 Posts
Experts Warn of Severe Flaws Affecting Milesight Routers and Titan SFTP Servers
https://
thehackernews.com
/2023/10/experts-warn-of-severe-flaws-affecting.html
5 Posts
Discord: A Playground for Nation-State Hackers Targeting Critical Infrastructure
https://
thehackernews.com
/2023/10/discord-playground-for-nation-state.html
5 Posts
CERT-UA Reports: 11 Ukrainian Telecom Providers Hit by Cyberattacks
https://
thehackernews.com
/2023/10/cert-ua-reports-11-ukrainian-telecom.html
4 Posts
D-Link confirms data breach after employee phishing attack
https://
www.bleepingcomputer.com
/news/security/d-link-confirms-data-breach-after-employee-phishing-attack/
4 Posts
request-encoding-to-bypass-web-application-firewalls.pdf
https://
soroush.me
/downloadable/request-encoding-to-bypass-web-application-firewalls.pdf
4 Posts
GitHub - LaurieWired/ObjectiveByTheSea2023: This contains notes and slides for my Objective by the Sea talk
https://
github.com
/LaurieWired/ObjectiveByTheSea2023/
4 Posts
Critical Vulnerabilities Uncovered in Open Source CasaOS Cloud Software
https://
thehackernews.com
/2023/10/critical-vulnerabilities-uncovered-in.html
4 Posts
The forgotten malvertising campaign
https://
www.malwarebytes.com
/blog/threat-intelligence/2023/10/the-forgotten-malvertising-campaign
4 Posts
特殊なエンコーディングには気をつけよう Apache Tapestryにおける“注意すべき仕様” - ログミーTech
https://
logmi.jp
/tech/articles/329486
3 Posts
NSA Publishes ICS/OT Intrusion Detection Signatures and Analytics - SecurityWeek
https://
www.securityweek.com
/nsa-publishes-ics-ot-intrusion-detection-signatures-and-analytics/
3 Posts
October Windows Server updates cause Hyper-V VM boot issues
https://
www.bleepingcomputer.com
/news/microsoft/october-windows-server-updates-cause-hyper-v-vm-boot-issues/
3 Posts
📅 Recent Ransomware's Victims
https://
ransomware.live
/#/recentvictims
3 Posts
SpyNote Android malware spreads via fake volcano eruption alerts
https://
www.bleepingcomputer.com
/news/security/spynote-android-malware-spreads-via-fake-volcano-eruption-alerts/
3 Posts
Active exploitation of Cisco IOS XE Software Web Management User Interface vulnerability
https://
blog.talosintelligence.com
/active-exploitation-of-cisco-ios-xe-software/
3 Posts
“Cisco buried the lede.” >10,000 network devices backdoored through unpatched 0-day | Ars Technica
https://
arstechnica.com
/security/2023/10/actively-exploited-cisco-0-day-with-maximum-10-severity-gives-full-network-control/
3 Posts
1462951 - Security: Type Confusion in V8 WebAssembly, leading to RCE - chromium
https://
crbug.com
/1462951
3 Posts
Tech CEO Sentenced to 5 Years in IP Address Scheme – Krebs on Security
https://
krebsonsecurity.com
/2023/10/tech-ceo-sentenced-to-5-years-in-ip-address-scheme/
3 Posts
Beginners Guide to Self-Learning Windows and Active Directory: Part 1 | by EricaZelic | Medium
https://
ericazelic.medium.com
/beginners-guide-to-self-learning-windows-and-active-directory-part-1-b665399d252f
3 Posts
https://
securityaffairs.com
/152569/malware/redalert-rocket-alerts-spyware.html
3 Posts
Windows Native API… by Pavel Yosifovich [Leanpub PDF/iPad/Kindle]
https://
leanpub.com
/windowsnativeapiprogramming
3 Posts
US Gov Expects Widespread Exploitation of Atlassian Confluence Vulnerability - SecurityWeek
https://
www.securityweek.com
/us-gov-expects-widespread-exploitation-of-atlassian-confluence-vulnerability/
3 Posts
GitHub - pwntester/ysoserial.net: Deserialization payload generator for a variety of .NET formatters
http://
YSoSerial.Net
3 Posts
Persistent cross-site scripting vulnerabilities in Liferay Portal | Pentagrid AG
https://
www.pentagrid.ch
/en/blog/stored-cross-site-scripting-vulnerabilities-in-liferay-portal/
3 Posts
Active Directory | HideAndSec
https://
hideandsec.sh
/books/cheatsheets-82c/page/active-directory
3 Posts
Microsoft fixes known issue causing Outlook freezes, slow starts
https://
www.bleepingcomputer.com
/news/microsoft/microsoft-fixes-known-issue-causing-outlook-freezes-slow-starts/
3 Posts
Discord still a hotbed of malware activity — Now APTs join the fun
https://
www.bleepingcomputer.com
/news/security/discord-still-a-hotbed-of-malware-activity-now-apts-join-the-fun/
3 Posts
Hackers exploit critical flaw in WordPress Royal Elementor plugin
https://
www.bleepingcomputer.com
/news/security/hackers-exploit-critical-flaw-in-wordpress-royal-elementor-plugin/