01/16
01/17
01/18
13 Posts

Hunting down the HVCI bug in UEFI | Satoshi’s notes

https://tandasat.github.io/blog/2024/01/15/CVE-2024-21305.html
Hunting down the HVCI bug in UEFI | Satoshi’s notes
7 Posts

Reversing and Tooling a Signed Request Hash in Obfuscated JavaScript | Brett Buerhaus

https://buer.haus/2024/01/16/reversing-and-tooling-a-signed-request-hash-in-obfuscated-javascript/
Reversing and Tooling a Signed Request Hash in Obfuscated JavaScript | Brett Buerhaus
6 Posts

GitHub Rotates Keys After High-Severity Vulnerability Exposes Credentials

https://thehackernews.com/2024/01/github-rotates-keys-after-high-severity.html
GitHub Rotates Keys After High-Severity Vulnerability Exposes Credentials
5 Posts

Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials

https://thehackernews.com/2024/01/feds-warn-of-androxgh0st-botnet.html
Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials
5 Posts

New iShutdown Method Exposes Hidden Spyware Like Pegasus on Your iPhone

https://thehackernews.com/2024/01/new-ishutdown-method-exposes-hidden.html
New iShutdown Method Exposes Hidden Spyware Like Pegasus on Your iPhone
4 Posts

PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions

https://thehackernews.com/2024/01/pax-pos-terminal-flaw-could-allow.html
PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions
4 Posts

Citrix Warns NetScaler ADC Customers of New Zero-Day Exploitation - SecurityWeek

https://www.securityweek.com/citrix-warns-netscaler-adc-customers-of-new-zero-day-exploitation/
Citrix Warns NetScaler ADC Customers of New Zero-Day Exploitation - SecurityWeek
4 Posts

Dark web threats and dark market predictions for 2024 | Securelist

https://securelist.com/darknet-predictions-for-2024/111763/
Dark web threats and dark market predictions for 2024 | Securelist
4 Posts

Zero-Day Alert: Update Chrome Now to Fix New Actively Exploited Vulnerability

https://thehackernews.com/2024/01/zero-day-alert-update-chrome-now-to-fix.html
Zero-Day Alert: Update Chrome Now to Fix New Actively Exploited Vulnerability
4 Posts

AMD, Apple, Qualcomm GPUs leak AI data in LeftoverLocals attacks

https://www.bleepingcomputer.com/news/security/amd-apple-qualcomm-gpus-leak-ai-data-in-leftoverlocals-attacks/
AMD, Apple, Qualcomm GPUs leak AI data in LeftoverLocals attacks
4 Posts

Citrix, VMware, and Atlassian Hit with Critical Flaws — Patch ASAP!

https://thehackernews.com/2024/01/citrix-vmware-and-atlassian-hit-with.html
Citrix, VMware, and Atlassian Hit with Critical Flaws — Patch ASAP!
4 Posts

Costin Raiu: The GReAT exit interview - Security Conversations

https://securityconversations.com/episode/costin-raiu-the-great-exit-interview/
Costin Raiu: The GReAT exit interview - Security Conversations
3 Posts

Combating IP Leaks into AI Applications with Free Discovery and Risk Reduction Automation

https://thehackernews.com/2024/01/combating-ip-leaks-into-ai-applications.html
Combating IP Leaks into AI Applications with Free Discovery and Risk Reduction Automation
3 Posts

TrustedSec Impede

http://impede.ai
TrustedSec Impede
3 Posts

Microsoft: Iranian APT Impersonating Prominent Journalist in Clever Spear-Phishing Attacks - SecurityWeek

https://www.securityweek.com/microsoft-iranian-apt-impersonating-prominent-journalist-in-clever-spear-phishing-attacks/
Microsoft: Iranian APT Impersonating Prominent Journalist in Clever Spear-Phishing Attacks - SecurityWeek
3 Posts

AI used to fake voices of loved ones in “I’ve been in an accident” scam | Malwarebytes

https://www.malwarebytes.com/blog/news/2024/01/ai-used-to-fake-voices-of-loved-ones-in-ive-been-in-an-accident-scams
AI used to fake voices of loved ones in “I’ve been in an accident” scam | Malwarebytes
3 Posts

Bigpanzi botnet infects 170,000 Android TV boxes with malware

https://www.bleepingcomputer.com/news/security/bigpanzi-botnet-infects-170-000-android-tv-boxes-with-malware/
Bigpanzi botnet infects 170,000 Android TV boxes with malware
3 Posts

ShadowRDP - c3r3br4t3

https://red.c3r3br4t3.com/red-team-operations/lateral-movement/shadowrdp
ShadowRDP - c3r3br4t3
3 Posts

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop – Krebs on Security

https://krebsonsecurity.com/2024/01/e-crime-rapper-punchmade-dev-debuts-card-shop/
E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop – Krebs on Security
3 Posts

GitHub Rotates Credentials in Response to Vulnerability - SecurityWeek

https://www.securityweek.com/github-rotates-credentials-in-response-to-vulnerability/
GitHub Rotates Credentials in Response to Vulnerability - SecurityWeek
3 Posts

Register for an account - Insomni'hack Teaser

https://teaser.insomnihack.ch/accounts/register/
Register for an account - Insomni'hack Teaser
3 Posts

MacOS info-stealers quickly evolve to evade XProtect detection

https://www.bleepingcomputer.com/news/security/macos-info-stealers-quickly-evolve-to-evade-xprotect-detection/
MacOS info-stealers quickly evolve to evade XProtect detection
3 Posts

Oracle Patches 200 Vulnerabilities With January 2024 CPU - SecurityWeek

https://www.securityweek.com/oracle-patches-200-vulnerabilities-with-january-2024-cpu/
Oracle Patches 200 Vulnerabilities With January 2024 CPU - SecurityWeek
3 Posts

Here's How ChatGPT Maker OpenAI Plans to Deter Election Misinformation in 2024 - SecurityWeek

https://www.securityweek.com/heres-how-chatgpt-maker-openai-plans-to-deter-election-misinformation-in-2024/
Here's How ChatGPT Maker OpenAI Plans to Deter Election Misinformation in 2024 - SecurityWeek
3 Posts

iShutdown scripts can help detect iOS spyware on your iPhone

https://www.bleepingcomputer.com/news/security/ishutdown-scripts-can-help-detect-ios-spyware-on-your-iphone/
iShutdown scripts can help detect iOS spyware on your iPhone