01/23
01/24
01/25
8 Posts

CVE-2023-40547 - avoid incorrectly trusting HTTP headers · rhboot/shim@0226b56 · GitHub

https://github.com/rhboot/shim/commit/0226b56513b2b8bd5fd281bce77c40c9bf07c66d
CVE-2023-40547 - avoid incorrectly trusting HTTP headers · rhboot/shim@0226b56 · GitHub
8 Posts

Tesla hacked, 24 zero-days demoed at Pwn2Own Automotive 2024

https://www.bleepingcomputer.com/news/security/tesla-hacked-24-zero-days-demoed-at-pwn2own-automotive-2024/
Tesla hacked, 24 zero-days demoed at Pwn2Own Automotive 2024
6 Posts

MalwareBazaar | SHA256 a95fe0e3b0cb3c0a172eef317d1b213f8572156dc44026f470add87e563bb3d1 (NetSupport)

https://bazaar.abuse.ch/sample/a95fe0e3b0cb3c0a172eef317d1b213f8572156dc44026f470add87e563bb3d1/
MalwareBazaar | SHA256 a95fe0e3b0cb3c0a172eef317d1b213f8572156dc44026f470add87e563bb3d1 (NetSupport)
5 Posts

Google Pixel phones unusable after January 2024 system update

https://www.bleepingcomputer.com/news/google/google-pixel-phones-unusable-after-january-2024-system-update/
Google Pixel phones unusable after January 2024 system update
5 Posts

Patch Your GoAnywhere MFT Immediately - Critical Flaw Lets Anyone Be Admin

https://thehackernews.com/2024/01/patch-your-goanywhere-mft-immediately.html
Patch Your GoAnywhere MFT Immediately - Critical Flaw Lets Anyone Be Admin
5 Posts

Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters

https://thehackernews.com/2024/01/google-kubernetes-misconfig-lets-any.html
Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters
4 Posts

Over 5,300 GitLab servers exposed to zero-click account takeover attacks

https://www.bleepingcomputer.com/news/security/over-5-300-gitlab-servers-exposed-to-zero-click-account-takeover-attacks/
Over 5,300 GitLab servers exposed to zero-click account takeover attacks
4 Posts

HPE: Russian hackers breached its security team’s email accounts

https://www.bleepingcomputer.com/news/security/hpe-russian-hackers-breached-its-security-teams-email-accounts/
HPE: Russian hackers breached its security team’s email accounts
4 Posts

Kasseika Ransomware Using BYOVD Trick to Disarms Security Pre-Encryption

https://thehackernews.com/2024/01/kasseika-ransomware-using-byovd-trick.html
Kasseika Ransomware Using BYOVD Trick to Disarms Security Pre-Encryption
4 Posts

PE relocation Table | MalwareID Unpacking Guide

http://malwareid.in/unpack/unpacking-basics/pe-relocation-table
PE relocation Table | MalwareID Unpacking Guide
4 Posts

VexTrio TDS: Inside a massive 70,000-domain cybercrime operation

https://www.bleepingcomputer.com/news/security/vextrio-tds-inside-a-massive-70-000-domain-cybercrime-operation/
VexTrio TDS: Inside a massive 70,000-domain cybercrime operation
4 Posts

Victory! Ring Announces It Will No Longer Facilitate Police Requests for Footage from Users | Electronic Frontier Foundation

https://www.eff.org/deeplinks/2024/01/ring-announces-it-will-no-longer-facilitate-police-requests-footage-users
Victory! Ring Announces It Will No Longer Facilitate Police Requests for Footage from Users | Electronic Frontier Foundation
4 Posts

ScarCruft | Attackers Gather Strategic Intelligence and Target Cybersecurity Professionals - SentinelOne

https://www.sentinelone.com/labs/a-glimpse-into-future-scarcruft-campaigns-attackers-gather-strategic-intelligence-and-target-cybersecurity-professionals/
ScarCruft | Attackers Gather Strategic Intelligence and Target Cybersecurity Professionals - SentinelOne
4 Posts

VirusTotal - File - 710191b05ec3faf6012bad12e6d66a638301da9c6f0b6a14413b716023c1fcfb

https://www.virustotal.com/gui/file/710191b05ec3faf6012bad12e6d66a638301da9c6f0b6a14413b716023c1fcfb
VirusTotal - File - 710191b05ec3faf6012bad12e6d66a638301da9c6f0b6a14413b716023c1fcfb
4 Posts

U.S., U.K., Australia Sanction Russian REvil Hacker Behind Medibank Breach

https://thehackernews.com/2024/01/us-uk-australia-sanction-russian-revil.html
U.S., U.K., Australia Sanction Russian REvil Hacker Behind Medibank Breach
4 Posts

Webinar - 2023 Major Conference Roundup - YouTube

https://www.youtube.com/watch?v=UXC0G7rGJpg
Webinar - 2023 Major Conference Roundup - YouTube
3 Posts

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

https://securityaffairs.com/158031/cyber-crime/tietoevry-akira-ransomware-attack.html
Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations
3 Posts

Detailed Analysis of DarkGate; Investigating new top-trend backdoor malware | by S2W | S2W BLOG | Jan, 2024 | Medium

https://medium.com/s2wblog/detailed-analysis-of-darkgate-investigating-new-top-trend-backdoor-malware-0545ecf5f606
Detailed Analysis of DarkGate; Investigating new top-trend backdoor malware | by S2W | S2W BLOG | Jan, 2024 | Medium
3 Posts

The near-term impact of AI on the cyber threat - NCSC.GOV.UK

https://www.ncsc.gov.uk/report/impact-of-ai-on-cyber-threat
The near-term impact of AI on the cyber threat - NCSC.GOV.UK
3 Posts

Enter The Gates: An Analysis of the DarkGate AutoIt Loader | Splunk

https://www.splunk.com/en_us/blog/security/enter-the-gates-an-analysis-of-the-darkgate-autoit-loader.html
Enter The Gates: An Analysis of the DarkGate AutoIt Loader | Splunk
3 Posts

Hiding payloads in Java source code strings | PortSwigger Research

https://portswigger.net/research/hiding-payloads-in-java-source-code-strings
Hiding payloads in Java source code strings | PortSwigger Research
3 Posts

The Unknown Risks of The Software Supply Chain: A Deep-Dive

https://thehackernews.com/2024/01/the-unknown-risks-of-software-supply.html
The Unknown Risks of The Software Supply Chain: A Deep-Dive
3 Posts

Exploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing - Mobile Hacker

https://www.mobile-hacker.com/2024/01/23/exploiting-0-click-android-bluetooth-vulnerability-to-inject-keystrokes-without-pairing/
Exploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing - Mobile Hacker