Spamming Microsoft 365 Like It’s 1995 - Black Hills Information Security
https://www.blackhillsinfosec.com/spamming-microsoft-365-like-its-1995/
Dashboard for Nuclei Results ProjectDiscovery Cloud Platform Integration
https://blog.projectdiscovery.io/dashboard-for-nuclei-results-projectdiscovery-cloud-platform-integration/
New Hacker Group 'GambleForce' Tageting APAC Firms Using SQL Injection Attacks
https://thehackernews.com/2023/12/new-hacker-group-gambleforce-tageting.html
APT_REPORT/APT29/aa23-347a-russian-foreign-intelligence-service-svr-exploiting-jetbrains-teamcity-cve-globally.pdf at master · blackorbird/APT_REPORT · GitHub
https://github.com/blackorbird/APT_REPORT/blob/master/APT29/aa23-347a-russian-foreign-intelligence-service-svr-exploiting-jetbrains-teamcity-cve-globally.pdf
116 Malware Packages Found on PyPI Repository Infecting Windows and Linux Systems
https://thehackernews.com/2023/12/116-malware-packages-found-on-pypi.html
Running Nuclei - ProjectDiscovery Documentation
https://docs.projectdiscovery.io/tools/nuclei/running#nuclei-result-dashboard
Iranian State-Sponsored OilRig Group Deploys 3 New Malware Downloaders
https://thehackernews.com/2023/12/iranian-state-sponsored-oilrig-group.html
Microsoft Takes Legal Action to Crack Down on Storm-1152's Cybercrime Network
https://thehackernews.com/2023/12/microsoft-takes-legal-action-to-crack.html
MalwareBazaar | bookinggoogledrive
https://bazaar.abuse.ch/browse/tag/bookinggoogledrive/
Russian SVR-Linked APT29 Targets JetBrains TeamCity Servers in Ongoing Attacks
https://thehackernews.com/2023/12/russian-svr-linked-apt29-targets.html
U.S. nuclear research lab data breach impacts 45,000 people
https://www.bleepingcomputer.com/news/security/us-nuclear-research-lab-data-breach-impacts-45-000-people/
Ubiquiti users report having access to others’ UniFi routers, cameras
https://www.bleepingcomputer.com/news/security/ubiquiti-users-report-having-access-to-others-unifi-routers-cameras/
New Pierogi++ Malware by Gaza Cyber Gang Targeting Palestinian Entities
https://thehackernews.com/2023/12/new-pierogi-malware-by-gaza-cyber-gang.html
Special Offer for Asia Pacific Students | SANS Online Training
https://www.sans.org/u/1u15
Routers Roasting on an Open Firewall: the KV-botnet Investigation - Lumen
https://blog.lumen.com/routers-roasting-on-an-open-firewall-the-kv-botnet-investigation/
Microsoft Disrupts Cybercrime Service That Created 750 Million Fraudulent Accounts - SecurityWeek
https://www.securityweek.com/microsoft-disrupts-cybercrime-service-that-created-750-million-fraudulent-accounts/
EXNESS | Report #2264960 - Unrestricted Access to Celery Flower Instance | HackerOne
https://hackerone.com/reports/2264960
weaponised-XSS-payloads/drupal_create_admin_user.js at master · hakluke/weaponised-XSS-payloads · GitHub
https://github.com/hakluke/weaponised-XSS-payloads/blob/master/drupal_create_admin_user.js
Russian Cyberspies Exploiting TeamCity Vulnerability at Scale: Government Agencies - SecurityWeek
https://www.securityweek.com/russian-cyberspies-exploiting-teamcity-vulnerability-at-scale-government-agencies/
Apple now requires a judge's order to hand over your push notification data | Malwarebytes
https://www.malwarebytes.com/blog/news/2023/12/apple-now-requires-a-judges-order-to-hand-over-your-push-notification-data
French police arrests Russian suspect linked to Hive ransomware
https://www.bleepingcomputer.com/news/security/french-police-arrests-russian-suspect-linked-to-hive-ransomware/
Ten new Android banking trojans targeted 985 bank apps in 2023
https://www.bleepingcomputer.com/news/security/ten-new-android-banking-trojans-targeted-985-bank-apps-in-2023/
Unveiling NKAbuse: a new multiplatform threat abusing the NKN protocol | Securelist
https://securelist.com/unveiling-nkabuse/111512/
Hacking "AAA" Unreal Engine Games with... Python? - Ross Simpson | BSides Cape Town 2023 - YouTube
https://www.youtube.com/watch?v=wQsoD2JS6no
Hackers are exploiting critical Apache Struts flaw using public PoC
https://www.bleepingcomputer.com/news/security/hackers-are-exploiting-critical-apache-struts-flaw-using-public-poc/
More than 45,000 affected by cyberattack on Idaho nuclear research lab
https://therecord.media/idaho-national-laboratory-data-breach-notifications
Dell Urges Customers to Patch Vulnerabilities in PowerProtect Products - SecurityWeek
https://www.securityweek.com/dell-urges-customers-to-patch-vulnerabilities-in-powerprotect-products/
SSRF Via Exploiting Parse URL to Read Local Files (CVE-2022-2216) - YouTube
https://www.youtube.com/watch?v=_avYi3_Lm9A
French authorities arrested a Russian national for his role in the Hive ransomware operation
https://securityaffairs.com/155815/cyber-crime/french-authorities-hive-ransomware-member.html
New Threat Actor Uses SQL Injection Attacks to Steal Data From APAC Companies - SecurityWeek
https://www.securityweek.com/new-threat-actor-uses-sql-injection-attacks-to-steal-data-from-apac-companies/
Module Stomping
https://dtsec.us/2023-11-04-ModuleStompin/
US detains suspects behind $80 million 'pig butchering' scheme
https://www.bleepingcomputer.com/news/microsoft/us-detains-suspects-behind-80-million-pig-butchering-scheme/
Ten Years Later, New Clues in the Target Breach – Krebs on Security
https://krebsonsecurity.com/2023/12/ten-years-later-new-clues-in-the-target-breach/
Config Extraction from in-memory CobaltStrike Beacons – cyber.wtf
https://cyber.wtf/2023/10/13/config-extraction-from-in-memory-cobaltstrike-beacons/
Ledger dApp supply chain attack steals $600K from crypto wallets
https://www.bleepingcomputer.com/news/security/ledger-dapp-supply-chain-attack-steals-600k-from-crypto-wallets/