Elastic catches DPRK passing out KANDYKORN — Elastic Security Labs
https://www.elastic.co/security-labs/elastic-catches-dprk-passing-out-kandykorn
Common Vulnerability Scoring System SIG
https://www.first.org/cvss/
3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online
https://www.bleepingcomputer.com/news/security/3-000-apache-activemq-servers-vulnerable-to-rce-attacks-exposed-online/
Alert: F5 Warns of Active Attacks Exploiting BIG-IP Vulnerability
https://thehackernews.com/2023/11/alert-f5-warns-of-active-attacks.html
Cisco IOS XE CVE-2023-20198: Deep Dive and POC – Horizon3.ai
https://www.horizon3.ai/cisco-ios-xe-cve-2023-20198-deep-dive-and-poc/
North Korean Hackers Targeting Crypto Experts with KANDYKORN macOS Malware
https://thehackernews.com/2023/11/north-korean-hackers-tageting-crypto.html
New CVSS 4.0 vulnerability severity rating standard released
https://www.bleepingcomputer.com/news/security/new-cvss-40-vulnerability-severity-rating-standard-released/
Researchers Expose Prolific Puma's Underground Link Shortening Service
https://thehackernews.com/2023/11/dns-abuse-exposes-prolific-pumas.html
GitHub - TakahiroHaruyama/VDR: Vulnerable driver research tool, result and exploit PoCs
https://github.com/TakahiroHaruyama/VDR
Hunting Vulnerable Kernel Drivers – VMware Security Blog
https://blogs.vmware.com/security/2023/10/hunting-vulnerable-kernel-drivers.html
SANS Cyber Defense Initiative 2023 (December 11-16)
https://www.sans.org/u/1tr2
Hands on Review: LayerX's Enterprise Browser Security Extension
https://thehackernews.com/2023/11/hands-on-review-layerxs-enterprise.html
BGGP/2023 at main · binarygolf/BGGP · GitHub
https://github.com/binarygolf/BGGP/tree/main/2023
Arid Viper disguising mobile spyware as updates for non-malicious Android applications
https://blog.talosintelligence.com/arid-viper-mobile-spyware/
Mozi malware botnet goes dark after mysterious use of kill-switch
https://www.bleepingcomputer.com/news/security/mozi-malware-botnet-goes-dark-after-mysterious-use-of-kill-switch/
From Albania to the Middle East: The Scarred Manticore is Listening - Check Point Research
https://research.checkpoint.com/2023/from-albania-to-the-middle-east-the-scarred-manticore-is-listening/
Hackers use Citrix Bleed flaw in attacks on govt networks worldwide
https://www.bleepingcomputer.com/news/security/hackers-use-citrix-bleed-flaw-in-attacks-on-govt-networks-worldwide/
Hackers exploit recent F5 BIG-IP flaws in stealthy attacks
https://www.bleepingcomputer.com/news/security/hackers-exploit-recent-f5-big-ip-flaws-in-stealthy-attacks/
Open Source GTA III engine re-implementation | OpenRW
https://openrw.org
Toronto Public Library outages caused by Black Basta ransomware attack
https://www.bleepingcomputer.com/news/security/toronto-public-library-outages-caused-by-black-basta-ransomware-attack/
Former British Cyberespionage Agency Employee Gets Life in Prison for Stabbing an American Spy - SecurityWeek
https://www.securityweek.com/former-british-cyberespionage-agency-employee-gets-life-in-prison-for-stabbing-an-american-spy/
kernel/git/torvalds/linux.git - Linux kernel source tree
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=df57721f9a63e8a1fb9b9b2e70de4aa4c7e0cd2e
flare-floss/floss/qs/readme.md at 1bae0e6a129775fb66acf45e3376918b14adf617 · mandiant/flare-floss · GitHub
https://github.com/mandiant/flare-floss/blob/1bae0e6/floss/qs/readme.md
Data-bouncing
https://thecontractor.io/data-bouncing/
Windows RDP Event Logs: Part-1. Remote Desktop Protocol (RDP) is a… | by Arslan Sabir | System Weakness
https://systemweakness.com/windows-rdp-event-logs-identification-tracking-and-investigation-part-1-d1f23e26cc05
Microsoft: Windows Copilot makes desktop icons jump between displays
https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-copilot-makes-desktop-icons-jump-between-displays/