Fortinet warns of critical command injection bug in FortiSIEM
https://www.bleepingcomputer.com/news/security/fortinet-warns-of-critical-command-injection-bug-in-fortisiem/
Ransomware Group Files SEC Complaint Over Victim's Failure to Disclose Data Breach - SecurityWeek
https://www.securityweek.com/ransomware-group-files-sec-complaint-over-victims-failure-to-disclose-data-breach/
Russian Hackers Linked to 'Largest Ever Cyber Attack' on Danish Critical Infrastructure
https://thehackernews.com/2023/11/russian-hackers-launch-largest-ever.html
Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw
https://thehackernews.com/2023/11/experts-uncover-darkcasino-new-emerging.html
Guntior - the story of an advanced bootkit that doesn't rely on Windows disk drivers
https://www.linkedin.com/pulse/guntior-story-advanced-bootkit-doesnt-rely-windows-disk-baranov-wue8e/?published=t
Toyota confirms breach after Medusa ransomware threatens to leak data
https://www.bleepingcomputer.com/news/security/toyota-confirms-breach-after-medusa-ransomware-threatens-to-leak-data/
AlphV files an SEC complaint against MeridianLink for not disclosing a breach to the SEC (2)
https://www.databreaches.net/alphv-files-an-sec-complaint-against-meridianlink-for-not-disclosing-a-breach-to-the-sec/
Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups
https://thehackernews.com/2023/11/zero-day-flaw-in-zimbra-email-software.html
Hackers Could Exploit Google Workspace and Cloud Platform for Ransomware Attacks
https://thehackernews.com/2023/11/hackers-could-exploit-google-workspace.html
Ransomware gang files SEC complaint over victim’s undisclosed breach
https://www.bleepingcomputer.com/news/security/ransomware-gang-files-sec-complaint-over-victims-undisclosed-breach/
Special Offer for Asia Pacific Students | SANS Online Training
https://www.sans.org/u/1tDR
Wireshark • Wireshark 4.2.0 Release Notes
https://www.wireshark.org/docs/relnotes/wireshark-4.2.0.html
Photos: IRISSCON 2023 - Help Net Security
https://www.helpnetsecurity.com/2023/11/16/photos-irisscon-2023/
CISA and FBI Issue Warning About Rhysida Ransomware Double Extortion Attacks
https://thehackernews.com/2023/11/cisa-and-fbi-issue-warning-about.html
Rust, but Verify - Compile-Time Authorization - Nathanial Lattimer - EuroRust 2023 - YouTube
https://youtu.be/QcS9UNsVhp8?feature=shared
Samsung hit by new data breach impacting UK store customers
https://www.bleepingcomputer.com/news/security/samsung-hit-by-new-data-breach-impacting-uk-store-customers/
Gergely's hack blog – sqlol (CVE-2023-32422) - a macOS TCC bypass
https://gergelykalman.com/sqlol-CVE-2023-32422-a-macos-tcc-bypass.html
FBI shares tactics of notorious Scattered Spider hacker collective
https://www.bleepingcomputer.com/news/security/fbi-shares-tactics-of-notorious-scattered-spider-hacker-collective/
How we made $120k bug bounty in a year with good automation
https://blog.vidocsecurity.com/blog/2022-summary-how-we-made-120k-bug-bounty-in-a-year
Toronto Public Library confirms data stolen in ransomware attack
https://www.bleepingcomputer.com/news/security/toronto-public-library-confirms-data-stolen-in-ransomware-attack/
Project Zero: MTE As Implemented, Part 1: Implementation Testing
https://googleprojectzero.blogspot.com/2023/08/mte-as-implemented-part-1.html
Scattered Spider | CISA
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-320a
Zimbra 0-day used to target international government organizations
https://blog.google/threat-analysis-group/zimbra-0-day-used-to-target-international-government-organizations/
Alarm system cyberattack leaves those in need struggling to call for help | Malwarebytes
https://www.malwarebytes.com/blog/news/2023/11/alarm-system-cyberattack-leaves-those-in-need-struggling-to-call-for-help
Threat Intel: To Share or Not to Share is Not the Question - SecurityWeek
https://www.securityweek.com/threat-intel-to-share-or-not-to-share-is-not-the-question/
Jazi on X: "Another sample related to this targeting Uzbekistan: #APT https://t.co/p5BErqZSwt Investment project details.rar 782b8a96d3f80dd562b538af12233cc3 It loads the final payload through regsvr32.exe: e0b8dfd17b8e7de760b273d18e58b142 libeay32.dll C2: account.drive-google-com[.]tk https://t.co/aPx1FK1aj9" / X
https://twitter.com/h2jazi/status/1719064131087532050![Jazi on X: "Another sample related to this targeting Uzbekistan: #APT https://t.co/p5BErqZSwt Investment project details.rar 782b8a96d3f80dd562b538af12233cc3 It loads the final payload through regsvr32.exe: e0b8dfd17b8e7de760b273d18e58b142 libeay32.dll C2: account.drive-google-com[.]tk https://t.co/aPx1FK1aj9" / X](/image/screenshot/49113d97daee38dabb6184734c0a4dc8.webp)
Administrator of Darkode Hacking Forum Sentenced to Prison - SecurityWeek
https://www.securityweek.com/administrator-of-darkode-hacking-forum-sentenced-to-prison/
MalwareBazaar | agenziaentrate
https://bazaar.abuse.ch/browse/tag/agenziaentrate/
Alleged Extortioner of Psychotherapy Patients Faces Trial – Krebs on Security
https://krebsonsecurity.com/2023/11/alleged-extortioner-of-psychotherapy-patients-faces-trial/
Project Zero: MTE As Implemented, Part 2: Mitigation Case Studies
https://googleprojectzero.blogspot.com/2023/08/mte-as-implemented-part-2-mitigation.html
Long Beach, California turns off IT systems after cyberattack
https://www.bleepingcomputer.com/news/security/long-beach-california-turns-off-it-systems-after-cyberattack/
