CVE-2023-4632: Local Privilege Escalation in Lenovo System Updater | by Matt Nelson | Oct, 2023 | Posts By SpecterOps Team Members
https://posts.specterops.io/cve-2023-4632-local-privilege-escalation-in-lenovo-system-updater-2762e9667120
France says Russian state hackers breached numerous critical networks
https://www.bleepingcomputer.com/news/security/france-says-russian-state-hackers-breached-numerous-critical-networks/
Compromising F5 BIGIP with Request Smuggling
https://www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747/
A cascade of compromise: unveiling Lazarus' new campaign | Securelist
https://securelist.com/unveiling-lazarus-new-campaign/110888/
F5 fixes BIG-IP auth bypass allowing remote code execution attacks
https://www.bleepingcomputer.com/news/security/f5-fixes-big-ip-auth-bypass-allowing-remote-code-execution-attacks/
[ic] Fix clone ic when the target has fewer inobject properties (4773154) · Gerrit Code Review
https://chromium-review.googlesource.com/c/v8/v8/+/4773154
2023 Cybersecurity Awareness Month Kit | SANS Security Awareness
https://www.sans.org/u/1s5T
GitHub - S1lkys/SharpKiller: Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8
https://github.com/S1lkys/SharpKiller
How Kaspersky obtained all stages of Operation Triangulation | Securelist
https://securelist.com/operation-triangulation-catching-wild-triangle/110916/
F5 Issues Warning: BIG-IP Vulnerability Allows Remote Code Execution
https://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html
N. Korean Lazarus Group Targets Software Vendor Using Known Flaws
https://thehackernews.com/2023/10/n-korean-lazarus-group-targets-software.html
“EtherHiding” — Hiding Web2 Malicious Code in Web3 Smart Contracts | by Guardio | Oct, 2023 | Medium
https://labs.guard.io/etherhiding-hiding-web2-malicious-code-in-web3-smart-contracts-65ea78efad16
StripedFly malware framework infects 1 million Windows, Linux hosts
https://www.bleepingcomputer.com/news/security/stripedfly-malware-framework-infects-1-million-windows-linux-hosts/
How to Keep Your Business Running in a Contested Environment
https://thehackernews.com/2023/10/how-to-keep-your-business-running-in.html
Keynote: "When Exploits Aren't Binary" - Maddie Stone, BSides Canberra 2023 - YouTube
https://youtu.be/rVAsXjqp9TI
Google Expands Its Bug Bounty Program to Tackle Artificial Intelligence Threats
https://thehackernews.com/2023/10/google-expands-its-bug-bounty-program.html
Lazarus hackers breached dev repeatedly to deploy SIGNBT malware
https://www.bleepingcomputer.com/news/security/lazarus-hackers-breached-dev-repeatedly-to-deploy-signbt-malware/
The Week in Ransomware - October 27th 2023 - Breaking Records
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-october-27th-2023-breaking-records/
Internet access severed in Gaza as IDF announces ‘expanding’ ground operation
https://therecord.media/internet-access-in-gaza-severed-israel
In Other News: Ex-NSA Employee Spying for Russia, EU Threat Landscape, Cyber Education Funding - SecurityWeek
https://www.securityweek.com/in-other-news-ex-nsa-employee-spying-for-russia-eu-threat-landscape-cyber-education-funding/
Advanced 'StripedFly' Malware With 1 Million Infections Shows Similarities to NSA-Linked Tools - SecurityWeek
https://www.securityweek.com/advanced-stripedfly-malware-with-1-million-infections-shows-similarities-to-nsa-malware/
Cloudflare sees surge in hyper-volumetric HTTP DDoS attacks
https://www.bleepingcomputer.com/news/security/cloudflare-sees-surge-in-hyper-volumetric-http-ddos-attacks/
Critically close to zero (day): Exploiting Microsoft Kernel streaming service
https://securityintelligence.com/x-force/critically-close-to-zero-day-exploiting-microsoft-kernel-streaming-service/
PE relocation Table | MalwareID Unpacking Guide
http://malwareid.in/unpack/unpacking-basics/pe-relocation-table
navgix: check for nginx alias traversal vulnerabilities
https://securityonline.info/navgix-check-for-nginx-alias-traversal-vulnerabilities/?expand_article=1
F5 Warns of Critical Remote Code Execution Vulnerability in BIG-IP - SecurityWeek
https://www.securityweek.com/f5-warns-of-critical-remote-code-execution-vulnerability-in-big-ip/
exploits/citrix/CVE-2023-4966/exploit.py at main · assetnote/exploits · GitHub
https://github.com/assetnote/exploits/blob/main/citrix/CVE-2023-4966/exploit.py
A gentle introduction to SMT-based program analysis | Fura Labs
https://furalabs.com/blog/2023/02/12/intro_to_smt_analysis
Windows 11 KB5031455 preview update enables Moment 4 features by default
https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5031455-preview-update-enables-moment-4-features-by-default/
Windows Exploit Mitigation Bypass - Isolated Heaps - YouTube
https://www.youtube.com/watch?v=5-F_IMpJfHc
Process Injection using NtSetInformationProcess - RiskInsight
https://www.riskinsight-wavestone.com/en/2023/10/process-injection-using-ntsetinformationprocess/
Microsoft 365 users get workaround for ‘Something Went Wrong’ errors
https://www.bleepingcomputer.com/news/microsoft/microsoft-365-users-get-workaround-for-something-went-wrong-errors/