Hacker Trends
10/26
10/27
10/28
Statistic
09/29 03:34 (UTC)
10/26
10/27
10/28
7 Posts
CVE-2023–4632: Local Privilege Escalation in Lenovo System Updater | by Matt Nelson | Oct, 2023 | Posts By SpecterOps Team Members
https://
posts.specterops.io
/cve-2023-4632-local-privilege-escalation-in-lenovo-system-updater-2762e9667120
6 Posts
France says Russian state hackers breached numerous critical networks
https://
www.bleepingcomputer.com
/news/security/france-says-russian-state-hackers-breached-numerous-critical-networks/
6 Posts
Compromising F5 BIGIP with Request Smuggling -
https://
www.praetorian.com
/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747/
5 Posts
A cascade of compromise: unveiling Lazarus' new campaign | Securelist
https://
securelist.com
/unveiling-lazarus-new-campaign/110888/
5 Posts
F5 fixes BIG-IP auth bypass allowing remote code execution attacks
https://
www.bleepingcomputer.com
/news/security/f5-fixes-big-ip-auth-bypass-allowing-remote-code-execution-attacks/
5 Posts
[ic] Fix clone ic when the target has fewer inobject properties (4773154) · Gerrit Code Review
https://
chromium-review.googlesource.com
/c/v8/v8/+/4773154
5 Posts
2023 Cybersecurity Awareness Month Kit | SANS Security Awareness
https://
www.sans.org
/u/1s5T
5 Posts
GitHub - S1lkys/SharpKiller: Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8
https://
github.com
/S1lkys/SharpKiller
5 Posts
How Kaspersky obtained all stages of Operation Triangulation | Securelist
https://
securelist.com
/operation-triangulation-catching-wild-triangle/110916/
4 Posts
F5 Issues Warning: BIG-IP Vulnerability Allows Remote Code Execution
https://
thehackernews.com
/2023/10/f5-issues-warning-big-ip-vulnerability.html
4 Posts
N. Korean Lazarus Group Targets Software Vendor Using Known Flaws
https://
thehackernews.com
/2023/10/n-korean-lazarus-group-targets-software.html
4 Posts
“EtherHiding” — Hiding Web2 Malicious Code in Web3 Smart Contracts | by Guardio | Oct, 2023 | Medium
https://
labs.guard.io
/etherhiding-hiding-web2-malicious-code-in-web3-smart-contracts-65ea78efad16
4 Posts
StripedFly malware framework infects 1 million Windows, Linux hosts
https://
www.bleepingcomputer.com
/news/security/stripedfly-malware-framework-infects-1-million-windows-linux-hosts/
4 Posts
How to Keep Your Business Running in a Contested Environment
https://
thehackernews.com
/2023/10/how-to-keep-your-business-running-in.html
4 Posts
Keynote: "When Exploits Aren't Binary" - Maddie Stone, BSides Canberra 2023 - YouTube
https://
youtu.be
/rVAsXjqp9TI
4 Posts
https://
salt.security
/blog/oh-auth-abusing-oauth-to-take-over-millions-of-accounts
4 Posts
Google Expands Its Bug Bounty Program to Tackle Artificial Intelligence Threats
https://
thehackernews.com
/2023/10/google-expands-its-bug-bounty-program.html
4 Posts
Lazarus hackers breached dev repeatedly to deploy SIGNBT malware
https://
www.bleepingcomputer.com
/news/security/lazarus-hackers-breached-dev-repeatedly-to-deploy-signbt-malware/
3 Posts
The Week in Ransomware - October 27th 2023 - Breaking Records
https://
www.bleepingcomputer.com
/news/security/the-week-in-ransomware-october-27th-2023-breaking-records/
3 Posts
Internet access severed in Gaza as IDF announces ‘expanding’ ground operation
https://
therecord.media
/internet-access-in-gaza-severed-israel
3 Posts
In Other News: Ex-NSA Employee Spying for Russia, EU Threat Landscape, Cyber Education Funding - SecurityWeek
https://
www.securityweek.com
/in-other-news-ex-nsa-employee-spying-for-russia-eu-threat-landscape-cyber-education-funding/
3 Posts
Advanced 'StripedFly' Malware With 1 Million Infections Shows Similarities to NSA-Linked Tools - SecurityWeek
https://
www.securityweek.com
/advanced-stripedfly-malware-with-1-million-infections-shows-similarities-to-nsa-malware/
3 Posts
Cloudflare sees surge in hyper-volumetric HTTP DDoS attacks
https://
www.bleepingcomputer.com
/news/security/cloudflare-sees-surge-in-hyper-volumetric-http-ddos-attacks/
3 Posts
Critically close to zero (day): Exploiting Microsoft Kernel streaming service
https://
securityintelligence.com
/x-force/critically-close-to-zero-day-exploiting-microsoft-kernel-streaming-service/
3 Posts
PE relocation Table | MalwareID Unpacking Guide
http://
malwareid.in
/unpack/unpacking-basics/pe-relocation-table
3 Posts
navgix: check for nginx alias traversal vulnerabilities
https://
securityonline.info
/navgix-check-for-nginx-alias-traversal-vulnerabilities/?expand_article=1
3 Posts
F5 Warns of Critical Remote Code Execution Vulnerability in BIG-IP - SecurityWeek
https://
www.securityweek.com
/f5-warns-of-critical-remote-code-execution-vulnerability-in-big-ip/
3 Posts
exploits/citrix/CVE-2023-4966/exploit.py at main · assetnote/exploits · GitHub
https://
github.com
/assetnote/exploits/blob/main/citrix/CVE-2023-4966/exploit.py
3 Posts
A gentle introduction to SMT-based program analysis | Fura Labs
https://
furalabs.com
/blog/2023/02/12/intro_to_smt_analysis
3 Posts
Windows 11 KB5031455 preview update enables Moment 4 features by default
https://
www.bleepingcomputer.com
/news/microsoft/windows-11-kb5031455-preview-update-enables-moment-4-features-by-default/
3 Posts
Windows Exploit Mitigation Bypass - Isolated Heaps - YouTube
https://
www.youtube.com
/watch?v=5-F_IMpJfHc
3 Posts
Process Injection using NtSetInformationProcess - RiskInsight
https://
www.riskinsight-wavestone.com
/en/2023/10/process-injection-using-ntsetinformationprocess/
3 Posts
Microsoft 365 users get workaround for ‘Something Went Wrong’ errors
https://
www.bleepingcomputer.com
/news/microsoft/microsoft-365-users-get-workaround-for-something-went-wrong-errors/
3 Posts
https://
blog.whiteflag.io
/blog/exploiting-windows-tokens/