GitHub - Wh04m1001/CVE-2024-20656
https://github.com/Wh04m1001/CVE-2024-20656
CVE-2024-20656 - Local Privilege Escalation in the VSStandardCollectorService150 Service - MDSec
https://www.mdsec.co.uk/2024/01/cve-2024-20656-local-privilege-escalation-in-vsstandardcollectorservice150-service/
Juniper warns of critical RCE bug in its firewalls and switches
https://www.bleepingcomputer.com/news/security/juniper-warns-of-critical-rce-bug-in-its-firewalls-and-switches/
Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit in New Attacks
https://thehackernews.com/2024/01/cryptominers-targeting-misconfigured.html
Medusa Ransomware on the Rise: From Data Leaks to Multi-Extortion
https://thehackernews.com/2024/01/medusa-ransomware-on-rise-from-data.html
Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability
https://thehackernews.com/2024/01/act-now-cisa-flags-active-exploitation.html
Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout - SecurityWeek
https://www.securityweek.com/malware-used-in-ivanti-zero-day-attacks-shows-hackers-preparing-for-patch-rollout/
yararules/files/crime_noabot.yara at master · craiu/yararules · GitHub
https://github.com/craiu/yararules/blob/master/files/crime_noabot.yara
Major T-Mobile outage takes down account access, mobile app
https://www.bleepingcomputer.com/news/technology/major-t-mobile-outage-takes-down-account-access-mobile-app/
PSBits/Misc/DPAPI_BLOB.bt at master · gtworek/PSBits · GitHub
https://github.com/gtworek/PSBits/blob/master/Misc/DPAPI_BLOB.bt
Team Liquid ’s wiki leak exposes 118K users
https://securityaffairs.com/157331/security/team-liquid-s-wiki-leak-exposes-118k-users.html
CISA: Critical Microsoft SharePoint bug now actively exploited
https://www.bleepingcomputer.com/news/security/cisa-critical-microsoft-sharepoint-bug-now-actively-exploited/
Urgent: GitLab Releases Patch for Critical Vulnerabilities - Update ASAP
https://thehackernews.com/2024/01/urgent-gitlab-releases-patch-for.html
Windows Exploit Mitigation Series - Reversing Export Address Table Filtering (EAF) / X
https://twitter.com/i/broadcasts/1ynJOymmMPZKR
SANS Tysons Corner-NOVA 2024 | Cyber Security Training
https://www.sans.org/u/1ueo
Experts created a PoC for Apache OFBiz flaw CVE-2023-51467
https://securityaffairs.com/157339/hacking/apache-ofbiz-poc-exploit.html
Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families
https://thehackernews.com/2024/01/nation-state-actors-weaponize-ivanti.html
Security BSides London - YouTube
https://www.youtube.com/@SecuritybsidesOrgUk/playlists
Rimasuta New Variant Switches to ChaCha20 Encryption Algorithm
https://blog.xlab.qianxin.com/rimasuta-new-variant-switches-to-chacha20-encryption-en/
GitHub - EpicGames/raddebugger: A native, user-mode, multi-process, graphical debugger.
https://github.com/EpicGames/raddebugger
GitLab Critical Security Release: 16.7.2, 16.6.4, 16.5.6 | GitLab
https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/
Streams – ShmooCon
https://www.shmoocon.org/streams
Hundreds of Thousands of Dollars Worth of Solana Cryptocurrency Assets Stolen in Recent CLINKSINK Drainer Campaigns | Mandiant
https://www.mandiant.com/resources/blog/solana-cryptocurrency-stolen-clinksink-drainer-campaigns
Russian Hackers Likely Not Involved in Attacks on Denmark's Critical Infrastructure - SecurityWeek
https://www.securityweek.com/russian-hackers-likely-not-involved-in-attacks-on-denmarks-critical-infrastructure/
eSentire | WorkersDevBackdoor Delivered via Malvertising
https://www.esentire.com/blog/workersdevbackdoor-delivered-via-malvertising
Apple Patches Keystroke Injection Vulnerability in Magic Keyboard - SecurityWeek
https://www.securityweek.com/apple-patches-keystroke-injection-vulnerability-in-magic-keyboard/
Ivanti Connect Secure zero-days exploited to deploy custom malware
https://www.bleepingcomputer.com/news/security/ivanti-connect-secure-zero-days-exploited-to-deploy-custom-malware/
New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise - SecurityWeek
https://www.securityweek.com/new-class-of-ci-cd-attacks-could-have-led-to-pytorch-supply-chain-compromise/
Conquering the memory through io_uring - Analysis of CVE-2023-2598 | a place of anatomical precision
https://anatomic.rip/cve-2023-2598/?ref=0xor0ne.xyz
GitHub - m417z/CVE-2023-36003-POC: Privilege escalation using the XAML diagnostics API (CVE-2023-36003)
https://github.com/m417z/CVE-2023-36003-POC
Over 150k WordPress sites at takeover risk via vulnerable plugin
https://www.bleepingcomputer.com/news/security/over-150k-wordpress-sites-at-takeover-risk-via-vulnerable-plugin/
[2401.05566] Sleeper Agents: Training Deceptive LLMs that Persist Through Safety Training
https://arxiv.org/abs/2401.05566![[2401.05566] Sleeper Agents: Training Deceptive LLMs that Persist Through Safety Training](/image/screenshot/5b608143a5925bfbbcf579346d04fa2e.webp)
GitLab warns of critical zero-click account hijacking vulnerability
https://www.bleepingcomputer.com/news/security/gitlab-warns-of-critical-zero-click-account-hijacking-vulnerability/
Search - urlscan.io
https://urlscan.io/search/#domain:%22ontopothers.com%22
CISA: Critical SharePoint vuln is under active exploitation • The Register
https://go.theregister.com/feed/www.theregister.com/2024/01/12/microsoft_sharepoint_vuln_exploit/
IPFuscator
https://vysecurity.github.io/