Micro-channel public platform
https://mp-weixin-qq-com.translate.goog/s/iWx2tGCLOR0JtDBnC3FOwQ?_x_tr_sl=zh-CN&_x_tr_tl=en&_x_tr_hl=en
疑似响尾蛇组织利用Nim后门刺探南亚多国情报
https://mp.weixin.qq.com/s/iWx2tGCLOR0JtDBnC3FOwQ
Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation
https://thehackernews.com/2023/11/researchers-uncover-undetectable-crypto.html
Jamf Threat Labs Discovers Malware from BlueNoroff
https://www.jamf.com/blog/bluenoroff-strikes-again-with-new-macos-malware/
Signal tests usernames that keep your phone number private
https://www.bleepingcomputer.com/news/software/signal-tests-usernames-that-keep-your-phone-number-private/
Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI
https://thehackernews.com/2023/11/beware-developers-blazestealer-malware.html
ChatGPT down after major outage impacting OpenAI systems
https://www.bleepingcomputer.com/news/technology/chatgpt-down-after-major-outage-impacting-openai-systems/
FBI: Ransomware gangs hack casinos via 3rd party gaming vendors
https://www.bleepingcomputer.com/news/security/fbi-ransomware-gangs-hack-casinos-via-3rd-party-gaming-vendors/
Experts Expose Farnetwork's Ransomware-as-a-Service Business Model
https://thehackernews.com/2023/11/experts-expose-farnetworks-ransomware.html
sigconverter.io - sigma rule converter
http://sigconverter.io
Russian-speaking threat actor "farnetwork" linked to 5 ransomware gangs
https://www.bleepingcomputer.com/news/security/russian-speaking-threat-actor-farnetwork-linked-to-5-ransomware-gangs/
Webinar: Kickstarting Your SaaS Security Strategy & Program
https://thehackernews.com/2023/11/webinar-kickstarting-your-saas-security.html
WhatsApp now lets users hide their location during calls
https://www.bleepingcomputer.com/news/security/whatsapp-now-lets-users-hide-their-location-during-calls/
Google Online Security Blog: MTE - The promising path forward for memory safety
http://security.googleblog.com/2023/11/mte-promising-path-forward-for-memory.html
MuddyC2Go – Latest C2 Framework Used by Iranian APT MuddyWater Spotted in Israel | Deep Instinct Blog
https://www.deepinstinct.com/blog/muddyc2go-latest-c2-framework-used-by-iranian-apt-muddywater-spotted-in-israel
WhatsApp Introduces New Privacy Feature to Protect IP Address in Calls
https://thehackernews.com/2023/11/whatsapp-introduces-new-privacy-feature.html
Court rules automakers can record and intercept owner text messages
https://therecord.media/class-action-lawsuit-cars-text-messages-privacy
SysAid On-Prem Software CVE-2023-47246 Vulnerability - SysAid
https://sysaid.com/blog/service-desk/on-premise-software-security-vulnerability-notification
Sumo Logic discloses security breach, advises API key resets
https://www.bleepingcomputer.com/news/security/sumo-logic-discloses-security-breach-advises-api-key-resets/
GHSL-2023-180: Type confusion in Chrome’s renderer - CVE-2023-4069 | GitHub Security Lab
https://securitylab.github.com/advisories/GHSL-2023-180_Chromium/
Confluence flaw severity raised amid mass exploitation • The Register
https://go.theregister.com/feed/www.theregister.com/2023/11/08/atlassian_confluence_flaw_upgraded/
Our Pwn2Own journey against time and randomness (part 2)
https://blog.quarkslab.com/our-pwn2own-journey-against-time-and-randomness-part-2.html
Dropper Service Bypassing Android Security Restrictions to Install Malware - SecurityWeek
https://www.securityweek.com/dropper-service-bypassing-android-security-restrictions-to-install-malware/
Europe prepares to break browser security with eIDAS 2.0 • The Register
http://dlvr.it/SyXsg6
Detecting DNS over HTTPS (DoH) in a corporate network | Detect FYI
https://detect.fyi/detecting-dns-over-https-30fddb55ac78
Europe prepares to break browser security with eIDAS 2.0 • The Register
https://go.theregister.com/feed/www.theregister.com/2023/11/08/europe_eidas_browser/
Sumo Logic Urges Users to Change Credentials Due to Security Breach - SecurityWeek
https://www.securityweek.com/sumo-logic-urges-users-to-change-credentials-due-to-security-breach/
!CVE - About
https://notcve.org/about.html
FBI Highlights Emerging Initial Access Methods Used by Ransomware Groups - SecurityWeek
https://www.securityweek.com/fbi-highlights-emerging-initial-access-methods-used-by-ransomware-groups/
Fantastic Windows Logon types and Where to Find Credentials in Them
https://www.alteredsecurity.com/post/fantastic-windows-logon-types-and-where-to-find-credentials-in-them
SideCopy’s Multi-platform Onslaught: Leveraging WinRAR Zero-Day and Linux Variant of Ares RAT
https://www.seqrite.com/blog/sidecopys-multi-platform-onslaught-leveraging-winrar-zero-day-and-linux-variant-of-ares-rat/
Microsoft drops SMB1 firewall rules in new Windows 11 build
https://www.bleepingcomputer.com/news/microsoft/microsoft-drops-smb1-firewall-rules-in-new-windows-11-build/
Triage | 05476886b480e7324583da1cc47c7bc545c042c27788683c4244300b3b6464f1
https://tria.ge/231107-sd4x6sah8z/behavioral1
PoC-public/cb2023 at main · FFRI/PoC-public · GitHub
https://github.com/FFRI/PoC-public/tree/main/cb2023
Marina Bay Sands Discloses Data Breach Impacting 665k Customers - SecurityWeek
https://www.securityweek.com/marina-bay-sands-discloses-data-breach-impacting-665k-customers/
The 3 key stages of ransomware attacks and useful indicators of compromise - Help Net Security
https://www.helpnetsecurity.com/2023/11/08/ransomware-attack-stages/