12/06

Dieselgate, but for trains – some heavyweight hardware hacking – BadCyber

https://badcyber.com/dieselgate-but-for-trains-some-heavyweight-hardware-hacking/
Dieselgate, but for trains – some heavyweight hardware hacking – BadCyber

Blind CSS Exfiltration: exfiltrate unknown web pages | PortSwigger Research

https://portswigger.net/research/blind-css-exfiltration
Blind CSS Exfiltration: exfiltrate unknown web pages | PortSwigger Research

The Tortoise and The Malwahare | PwC

https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/tortoise-and-malwahare.html
The Tortoise and The Malwahare | PwC

MalwareBazaar | SHA256 f119f1e813cdb8dba30bd3348ef97cd8bf5213b3e1a9f25f008337e8b34eaee5 (Pikabot)

https://bazaar.abuse.ch/sample/f119f1e813cdb8dba30bd3348ef97cd8bf5213b3e1a9f25f008337e8b34eaee5/
MalwareBazaar | SHA256 f119f1e813cdb8dba30bd3348ef97cd8bf5213b3e1a9f25f008337e8b34eaee5 (Pikabot)

DNS Hijacking Abuses Trust In Core Internet Service

https://blog.talosintelligence.com/seaturtle/
DNS Hijacking Abuses Trust In Core Internet Service

New BlueNoroff loader for macOS | Securelist

https://securelist.com/bluenoroff-new-macos-malware/111290/
New BlueNoroff loader for macOS | Securelist

Alert: Threat Actors Can Leverage AWS STS to Infiltrate Cloud Accounts

https://thehackernews.com/2023/12/alert-threat-actors-can-leverage-aws.html
Alert: Threat Actors Can Leverage AWS STS to Infiltrate Cloud Accounts

Nissan is investigating cyberattack and potential data breach

https://www.bleepingcomputer.com/news/security/nissan-is-investigating-cyberattack-and-potential-data-breach/
Nissan is investigating cyberattack and potential data breach

Qualcomm Releases Details on Chip Vulnerabilities Exploited in Targeted Attacks

https://thehackernews.com/2023/12/qualcomm-releases-details-on-chip.html
Qualcomm Releases Details on Chip Vulnerabilities Exploited in Targeted Attacks

Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers

https://thehackernews.com/2023/12/hackers-exploited-coldfusion.html
Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers

Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution

https://thehackernews.com/2023/12/atlassian-releases-critical-software.html
Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution

Hunting Malicious Infrastructure-Headers and Hardcoded/Static Strings | by Michael Koczwara | Dec, 2023 | Medium

https://michaelkoczwara.medium.com/hunting-malicious-infrastructure-headers-and-hardcoded-static-strings-2d7bb4e46d64
Hunting Malicious Infrastructure-Headers and Hardcoded/Static Strings | by Michael Koczwara | Dec, 2023 | Medium

Navy contractor Austal USA confirms cyberattack after data leak

https://www.bleepingcomputer.com/news/security/navy-contractor-austal-usa-confirms-cyberattack-after-data-leak/
Navy contractor Austal USA confirms cyberattack after data leak