Escaping the sandbox: A bug that speaks for itself | Microsoft Browser Vulnerability Research
https://microsoftedge.github.io/edgevr/posts/Escaping-the-sandbox-A-bug-that-speaks-for-itself/
Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments
https://thehackernews.com/2023/11/reptar-new-intel-cpu-vulnerability.html
ChatGPT - ask_ida/c++
https://chat.openai.com/g/g-VgbIr9TQQ-ask-ida-c
GitHub - fr0gger/Awesome-GPT-Agents: A curated list of GPT agents for cybersecurity
https://github.com/fr0gger/Awesome-GPT-Agents
LockBit v3 Blog Since 2019 – 2023
https://www.lockbitblog.info/
Urgent: VMware Warns of Unpatched Critical Cloud Director Vulnerability
https://thehackernews.com/2023/11/urgent-vmware-warns-of-unpatched.html
Living Off the Living Off the Land | LOLOL
http://lolol.farm
GitHub - tandasat/CVE-2023-36427: Report and exploit of CVE-2023-36427
https://github.com/tandasat/CVE-2023-36427
Cookieless DuoDrop: IIS Auth Bypass & App Pool Privesc in ASP.NET Framework (CVE-2023-36899) | Soroush Dalili (@irsdl) Blog
https://soroush.me/blog/2023/08/cookieless-duodrop-iis-auth-bypass-app-pool-privesc-in-asp-net-framework-cve-2023-36899/
Gergely's hack blog – lateralus (CVE-2023-32407) - a macOS TCC bypass
https://gergelykalman.com/lateralus-CVE-2023-32407-a-macos-tcc-bypass.html
SANS Cyber Defense Initiative 2023 (December 11-16)
https://www.sans.org/u/1tr2
New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar
https://thehackernews.com/2023/11/new-poc-exploit-for-apache-activemq.html
Announcing the winners of the 2023 CyberScoop 50 | CyberScoop
https://cyberscoop.com/announcing-the-winners-of-the-2023-cyberscoop-50/
Alert: Microsoft Releases Patch Updates for 5 New Zero-Day Vulnerabilities
https://thehackernews.com/2023/11/alert-microsoft-releases-patch-updates.html
U.S. Takes Down IPStorm Botnet, Russian-Moldovan Mastermind Pleads Guilty
https://thehackernews.com/2023/11/us-takes-down-ipstorm-botnet-russian.html
IPStorm botnet with 23,000 proxies for malicious traffic dismantled
https://www.bleepingcomputer.com/news/security/ipstorm-botnet-with-23-000-proxies-for-malicious-traffic-dismantled/
Triage | f4f0c7aa2e923da9a20f0ba9d61e81a8e5215a9a07814028c383bf7d0e4a5361
https://tria.ge/231114-y57e9sfg36/behavioral1
Samsung hit by new data breach impacting UK store customers
https://www.bleepingcomputer.com/news/security/samsung-hit-by-new-data-breach-impacting-uk-store-customers/
Chipmaker Patch Tuesday: Intel, AMD Address Over 130 Vulnerabilities - SecurityWeek
https://www.securityweek.com/chipmaker-patch-tuesday-intel-amd-address-over-130-vulnerabilities/
Fraudsters make $50,000 a day by spoofing crypto researchers
https://www.bleepingcomputer.com/news/security/fraud-researchers-impersonated-on-x-to-push-crypto-stealing-sites/
Microsoft Patches Sensitive Information Disclosure Vulnerability in Azure CLI - SecurityWeek
https://www.securityweek.com/microsoft-patches-sensitive-information-disclosure-vulnerability-in-azure-cli/
SAP Patches Critical Vulnerability in Business One Product - SecurityWeek
https://www.securityweek.com/sap-patches-critical-vulnerability-in-business-one-product/
MalwareHunterTeam on X: "FUD "svchost", x64 ESXi targeting "Rhysida-0.1" Linux version sample of Rhysida ransomware: be5d2e94c2498ec052fb025e3348085e418c856dd43080501acfe2067ba54c41 The usage of "esxcli system welcomemsg set" to set DCUI MOTD is not (yet?) common for ESXi targeting ransomware samples... https://t.co/FqPmK9XPyD" / X
https://twitter.com/malwrhunterteam/status/1724165711356993736
US Announces IPStorm Botnet Takedown and Its Creator's Guilty Plea - SecurityWeek
https://www.securityweek.com/us-announces-ipstorm-botnet-takedown-and-its-creators-guilty-plea/
LockBit ransomware exploits Citrix Bleed in attacks, 10K servers exposed
https://www.bleepingcomputer.com/news/security/lockbit-ransomware-exploits-citrix-bleed-in-attacks-10k-servers-exposed/
VMware discloses critical VCD Appliance auth bypass with no patch
https://www.bleepingcomputer.com/news/security/vmware-discloses-critical-vcd-appliance-auth-bypass-with-no-patch/
Addressing the State of AI’s Impact on Cyber Disinformation/Misinformation - SecurityWeek
https://www.securityweek.com/addressing-the-state-of-ais-impact-on-cyber-disinformation-misinformation/
District of Puerto Rico | Russian and Moldovan National Pleads Guilty to Operating Illegal Botnet Proxy Service that Infected Tens of Thousands of Internet-Connected Devices Around the World | United States Department of Justice
https://www.justice.gov/usao-pr/pr/russian-and-moldovan-national-pleads-guilty-operating-illegal-botnet-proxy-service
CISA Outlines AI-Related Cybersecurity Efforts - SecurityWeek
https://www.securityweek.com/cisa-outlines-ai-related-cybersecurity-efforts/
New Intel CPU Vulnerability 'Reptar' Can Allow DoS Attacks, Privilege Escalation - SecurityWeek
https://www.securityweek.com/new-intel-cpu-vulnerability-reptar-can-allow-dos-attacks-privilege-escalation/