GitHub - tandasat/CVE-2023-36427: Report and exploit of CVE-2023-36427
https://github.com/tandasat/CVE-2023-36427
MalwareBazaar | SHA256 c775e6d87a3bcc5e94cd055fee859bdb6350af033114fe8588d2d4d4f6d2a3ae
https://bazaar.abuse.ch/sample/c775e6d87a3bcc5e94cd055fee859bdb6350af033114fe8588d2d4d4f6d2a3ae/
LummaC2 Malware Deploys New Trigonometry-Based Anti-Sandbox Technique
https://thehackernews.com/2023/11/lummac2-malware-deploys-new.html
DarkGate and PikaBot Malware Resurrect QakBot's Tactics in New Phishing Attacks
https://thehackernews.com/2023/11/darkgate-and-pikabot-malware-resurrect.html
Researchers extract RSA keys from SSH server signing errors
https://www.bleepingcomputer.com/news/security/researchers-extract-rsa-keys-from-ssh-server-signing-errors/
Canadian government discloses data breach after contractor hacks
https://www.bleepingcomputer.com/news/security/canadian-government-discloses-data-breach-after-contractor-hacks/
NetSupport RAT Infections on the Rise - Targeting Government and Business Sectors
https://thehackernews.com/2023/11/netsupport-rat-infections-on-rise.html
Lumma Stealer malware now uses trigonometry to evade detection
https://www.bleepingcomputer.com/news/security/lumma-stealer-malware-now-uses-trigonometry-to-evade-detection/
Randstorm Exploit: Bitcoin Wallets Created b/w 2011-2015 Vulnerable to Hacking
https://thehackernews.com/2023/11/randstorm-exploit-bitcoin-wallets.html
SEKTOR7 Institute
https://institute.sektor7.net/?coupon=BW23
US teen pleads guilty to his role in credential stuffing attack on betting site
https://securityaffairs.com/154432/cyber-crime/us-teenager-credential-stuffing-betting-site.html
GitHub - nathan31337/Splunk-RCE-poc
https://github.com/nathan31337/Splunk-RCE-poc
Indian Hack-for-Hire Group Targeted U.S., China, and More for Over 10 Years
https://thehackernews.com/2023/11/indian-hack-for-hire-group-targeted-us.html
Rhysida ransomware gang claims British Library cyberattack
https://www.bleepingcomputer.com/news/security/rhysida-ransomware-gang-claims-british-library-cyberattack/
Velociraptor DEATHcon 2023
https://mgreen27.notion.site/mgreen27/Velociraptor-DEATHcon-2023-25d9760af2ac4b419ff39c2a48f7bb2c
sec23winter-prepub-112-uetz.pdf
https://www.usenix.org/system/files/sec23winter-prepub-112-uetz.pdf
Russian hackers use Ngrok feature and WinRAR exploit to attack embassies
https://www.bleepingcomputer.com/news/security/russian-hackers-use-ngrok-feature-and-winrar-exploit-to-attack-embassies/
DarkCasino joins the list of APT groups exploiting WinRAR 0day
https://securityaffairs.com/154414/apt/darkcasino-apt-exploiting-winrar-0day.html
Kinsing malware exploits Apache ActiveMQ RCE to plant rootkits
https://www.bleepingcomputer.com/news/security/kinsing-malware-exploits-apache-activemq-rce-to-plant-rootkits/
US Announces $70 Million Cybersecurity Boost for Rural, Municipal Utilities - SecurityWeek
https://www.securityweek.com/us-announces-70-million-cybersecurity-boost-for-rural-municipal-utilities/
Exploit for CrushFTP RCE chain released, patch now
https://www.bleepingcomputer.com/news/security/exploit-for-crushftp-rce-chain-released-patch-now/
CS124Lec15.pdf
http://courses.cms.caltech.edu/cs124/lectures-wi2016/CS124Lec15.pdf
9 Black Friday cybersecurity deals you don't want to miss - Help Net Security
https://www.helpnetsecurity.com/2023/11/20/black-friday-cybersecurity-deals/
VX-Underground malware collective framed by Phobos ransomware
https://www.bleepingcomputer.com/news/security/vx-underground-malware-collective-framed-by-phobos-ransomware/
GitHub - Xacone/BestEdrOfTheMarket: Little AV/EDR bypassing lab for training & learning purposes
https://github.com/Xacone/BestEdrOfTheMarket
MemTracer - Memory Scaner
http://www.kitploit.com/2023/11/memtracer-memory-scaner.html
Russia's LitterDrifter USB Worm Spreads Beyond Ukraine - SecurityWeek
https://www.securityweek.com/russias-litterdrifter-usb-worm-spreads-beyond-ukraine/
TROOPERS24
https://troopers.de/tickets/
Cybersecurity firm executive pleads guilty to hacking hospitals
https://www.bleepingcomputer.com/news/security/cybersecurity-firm-executive-pleads-guilty-to-hacking-hospitals/
Attacking Against DevOps Environment
https://blog.devsecopsguides.com/attacking-against-devops-environment
Yamaha Motor Confirms Data Breach Following Ransomware Attack - SecurityWeek
https://www.securityweek.com/yamaha-motor-confirms-data-breach-following-ransomware-attack/
GitHub - motikan2010/CVE-2023-6063-PoC: CVE-2023-6063 (WP Fastest Cache < 1.2.2 - UnAuth SQL Injection)
https://github.com/motikan2010/CVE-2023-6063-PoC