2024-01-30 | Hacker Trends

9 Posts

A Practical Guide to PrintNightmare in 2024 | itm4n's blog

https://itm4n.github.io/printnightmare-exploitation/

6 Posts

Compromised routers are still being exploited as malicious infrastructure to target government organizations in Europe and the Caucasus - HarfangLab EDR | Block cyberattacks.

https://harfanglab.io/en/insidethelab/compromised-routers-infrastructure-target-europe-caucasus/

5 Posts

URGENT: Upgrade GitLab - Critical Workspace Creation Flaw Allows File Overwrite

https://thehackernews.com/2024/01/urgent-upgrade-gitlab-critical.html

5 Posts

2024 SANS SOC Survey

https://survey.sans.org/jfe/form/SV_2cuqQXXCpi4kO7Y

5 Posts

New ZLoader Malware Variant Surfaces with 64-bit Windows Compatibility

https://thehackernews.com/2024/01/new-zloader-malware-variant-surfaces.html

5 Posts

Exclusive: US disabled Chinese hacking network targeting critical infrastructure | Reuters

https://www.reuters.com/world/us/us-disabled-chinese-hacking-network-targeting-critical-infrastructure-sources-2024-01-29/

5 Posts

Italian Data Protection Watchdog Accuses ChatGPT of Privacy Violations

https://thehackernews.com/2024/01/italian-data-protection-watchdog.html

5 Posts

Brazilian Feds Dismantle Grandoreiro Banking Trojan, Arresting Top Operatives

https://thehackernews.com/2024/01/brazilian-feds-dismantle-grandoreiro.html

5 Posts

Juniper Networks Releases Urgent Junos OS Updates for High-Severity Flaws

https://thehackernews.com/2024/01/juniper-networks-releases-urgent-junos.html

4 Posts

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider – Krebs on Security

https://krebsonsecurity.com/2024/01/fla-man-charged-in-sim-swapping-spree-is-key-suspect-in-hacker-groups-oktapus-scattered-spider/

4 Posts

Microsoft Teams phishing pushes DarkGate malware via group chats

https://www.bleepingcomputer.com/news/security/microsoft-teams-phishing-pushes-darkgate-malware-via-group-chats/

4 Posts

SANS Security East New Orleans 2024 | Cyber Security Training

https://www.sans.org/u/1u8A

4 Posts

China-Linked Hackers Target Myanmar's Top Ministries with Backdoor Blitz

https://thehackernews.com/2024/01/china-linked-hackers-target-myanmars.html

4 Posts

45k Jenkins servers exposed to RCE attacks using public exploits

https://www.bleepingcomputer.com/news/security/45k-jenkins-servers-exposed-to-rce-attacks-using-public-exploits/

4 Posts

Special Offer for Asia Pacific Students | SANS Online Training

https://www.sans.org/u/1ulp

4 Posts

Project Zero: Analyzing a Modern In-the-wild Android Exploit

https://googleprojectzero.blogspot.com/2023/09/analyzing-modern-in-wild-android-exploit.html

4 Posts

Yearly Intel Trend Review: 2023 | RedSense Cyber Threat Intelligence

https://redsense.com/publications/yearly-intel-trend-review-2023/

4 Posts

Automation Hacks: Unearthing a Critical RCE the Easy Way | by Asbawy | Jan, 2024 | Medium

https://asbawy.medium.com/automation-hacks-unearthing-a-critical-rce-the-easy-way-ad64f01a06a3?source=rss------bug_bounty-5

4 Posts

Mercedes-Benz accidentally exposed sensitive data, including source code

https://securityaffairs.com/158306/data-breach/mercedes-benz-data-leak.html

4 Posts

Citibank sued over failure to defend customers against hacks, fraud

https://www.bleepingcomputer.com/news/technology/citibank-sued-over-failure-to-defend-customers-against-hacks-fraud/

3 Posts

Welcome to DorkMe

https://www.dorkme.com/

3 Posts

HackerOne | Report #2301565 - Server Side Request Forgery (SSRF) in webhook functionality | HackerOne

https://hackerone.com/reports/2301565

3 Posts

LEAKEY: checks and validates for leaked credentials

https://securityonline.info/leakey-checks-and-validates-for-leaked-credentials/

3 Posts

http://geospy.web.app

3 Posts

Juniper Networks Patches Vulnerabilities in Switches, Firewalls - SecurityWeek

https://www.securityweek.com/juniper-networks-patches-vulnerabilities-in-switches-firewalls/

3 Posts

Police disrupt Grandoreiro banking malware operation, make arrests

https://www.bleepingcomputer.com/news/security/police-disrupt-grandoreiro-banking-malware-operation-make-arrests/

3 Posts

APT_REPORT/summary/2024/Symantec_Ransomware_Threat_Landscape_2024.pdf at master · blackorbird/APT_REPORT · GitHub

https://github.com/blackorbird/APT_REPORT/blob/master/summary/2024/Symantec_Ransomware_Threat_Landscape_2024.pdf

3 Posts

US charges two more suspects with DraftKing account hacks

https://www.bleepingcomputer.com/news/security/us-charges-two-more-suspects-with-draftking-account-hacks/

3 Posts

Akira Ransomware and exploitation of Cisco Anyconnect vulnerability CVE-2020-3259 ⋆ Truesec

https://www.truesec.com/hub/blog/akira-ransomware-and-exploitation-of-cisco-anyconnect-vulnerability-cve-2020-3259

3 Posts

US Disrupted Chinese Hacking Operation Aimed at Critical Infrastructure: Report - SecurityWeek

https://www.securityweek.com/us-disrupted-chinese-hacking-operation-aimed-at-critical-infrastructure-report/

3 Posts

oss-security - Out-of-bounds read & write in the glibc's qsort()

https://www.openwall.com/lists/oss-security/2024/01/30/7

3 Posts

Schneider Electric Responding to Ransomware Attack, Data Breach - SecurityWeek

https://www.securityweek.com/schneider-electric-division-responding-to-ransomware-attack-data-breach/

3 Posts

Faction: Open-source pentesting report generation and collaboration framework - Help Net Security

https://www.helpnetsecurity.com/2024/01/30/faction-pentesting-report-generation-collaboration/

3 Posts

CVE-2024-0517 (Out of Bounds Write in V8)

https://h0meb0dy.me/entry/CVE-2024-0517-Out-of-Bounds-Write-in-V8

3 Posts

FACT SHEET: Biden-Harris Administration Releases End of Year Report on Open-Source Software Security Initiative | ONCD | The White House

https://www.whitehouse.gov/oncd/briefing-room/2024/01/30/fact-sheet-biden-harris-administration-releases-end-of-year-report-on-open-source-software-security-initiative/

3 Posts