KV-Botnet: Don’t call it a Comeback - Lumen
https://blog.lumen.com/kv-botnet-dont-call-it-a-comeback/
ClamAV Bugs Expose Users to Command Injection (CVE-2024-20328) and DoS Attacks (CVE-2024-20290)
https://securityonline.info/clamav-bugs-expose-users-to-command-injection-cve-2024-20328-and-dos-attacks-cve-2024-20290/
US offers $10 million for tips on Hive ransomware leadership
https://www.bleepingcomputer.com/news/security/us-offers-10-million-for-tips-on-hive-ransomware-leadership/
How to tell if your toothbrush is being used in a DDoS attack | Malwarebytes
https://www.malwarebytes.com/blog/awareness/2024/02/how-to-tell-if-your-toothbrush-is-being-used-in-a-ddos-attack
Ivanti: Patch new Connect Secure auth bypass bug immediately
https://www.bleepingcomputer.com/news/security/ivanti-patch-new-connect-secure-auth-bypass-bug-immediately/
Google teases a new modern look for sign-in pages, including Gmail
https://www.bleepingcomputer.com/news/google/google-teases-a-new-modern-look-for-sign-in-pages-including-gmail/
Setting Up an iOS Pentesting Lab on a Non-Jailbroken iDevice | by Abdullah Khawaja | Jan, 2024 | InfoSec Write-ups
https://infosecwriteups.com/setting-up-an-ios-pentesting-lab-on-a-non-jailbroken-idevice-124a8fcf3e16?source=rss----7b722bfd1b8d---4
Coyote: A multi-stage banking Trojan abusing the Squirrel installer | Securelist
https://securelist.com/coyote-multi-stage-banking-trojan/111846/
Special Offer for Asia Pacific Students | SANS Online Training
https://www.sans.org/u/1usZ
SANS Security East New Orleans 2024 | Cyber Security Training
https://www.sans.org/u/1u9o
Hyundai Motor Europe hit by Black Basta ransomware attack
https://www.bleepingcomputer.com/news/security/hyundai-motor-europe-hit-by-black-basta-ransomware-attack/
How To: Evilginx + BITB | Browser In The Browser without iframes in 2024 - YouTube
https://youtu.be/luJjxpEwVHI
Android XLoader malware can now auto-execute after installation
https://www.bleepingcomputer.com/news/security/android-xloader-malware-can-now-auto-execute-after-installation/
Google Starts Blocking Sideloading of Potentially Dangerous Android Apps in Singapore
https://thehackernews.com/2024/02/google-starts-blocking-sideloading-of.html
Shellcode evasion using WebAssembly and Rust - Balwurk
https://balwurk.com/shellcode-evasion-using-webassembly-and-rust/
CVE-2024-21887/exploit.py at main · Chocapikk/CVE-2024-21887 · GitHub
https://github.com/Chocapikk/CVE-2024-21887/blob/main/exploit.py
Java applet + serialization in 2024! What could go wrong? - hn security
https://security.humanativaspa.it/java-applet-serialization-in-2024-what-could-go-wrong/
New Fortinet RCE flaw in SSL VPN likely exploited in attacks
https://www.bleepingcomputer.com/news/security/new-fortinet-rce-flaw-in-ssl-vpn-likely-exploited-in-attacks/
Fake LastPass password manager spotted on Apple’s App Store
https://www.bleepingcomputer.com/news/security/fake-lastpass-password-manager-spotted-on-apples-app-store/
Data breaches at Viamedis and Almerys impact 33 million in France
https://www.bleepingcomputer.com/news/security/data-breaches-at-viamedis-and-almerys-impact-33-million-in-france/
Warning from LastPass as fake app found on Apple App Store | Malwarebytes
https://www.malwarebytes.com/blog/news/2024/02/warning-from-lastpass-as-fake-app-found-on-apple-app-store
Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products
https://thehackernews.com/2024/02/critical-patches-released-for-new-flaws.html
No, 3 million electric toothbrushes were not used in a DDoS attack
https://www.bleepingcomputer.com/news/security/no-3-million-electric-toothbrushes-were-not-used-in-a-ddos-attack/
Gergely's hack blog – Hacking ISP CPE equipment: FiberHome
https://gergelykalman.com/hacking-isp-cpe-equipment-fiberhome.html
Chinese Hackers Operate Undetected in U.S. Critical Infrastructure for Half a Decade
https://thehackernews.com/2024/02/chinese-hackers-operate-undetected-in.html
Kimsuky disguised as a Korean company signed with a valid certificate to distribute Troll Stealer (English ver.) | by S2W | S2W BLOG | Feb, 2024 | Medium
https://medium.com/s2wblog/kimsuky-disguised-as-a-korean-company-signed-with-a-valid-certificate-to-distribute-troll-stealer-cfa5d54314e2
GitHub - rshipp/awesome-malware-analysis: Defund the Police.
https://github.com/rshipp/awesome-malware-analysis
HijackLoader Evolves: Researchers Decode the Latest Evasion Methods
https://thehackernews.com/2024/02/hijackloader-evolves-researchers-decode.html
Fortinet warns of new FortiSIEM RCE bugs in confusing disclosure
https://www.bleepingcomputer.com/news/security/fortinet-warns-of-new-fortisiem-rce-bugs-in-confusing-disclosure/
Turk Hack Team Thrashed The World's Largest Cooperative Financial Institution - Cybertechwiz
https://www.cybertecwiz.com/turk-hack-team-thrashed-the-worlds-largest-cooperative-financial-institution/
Chinese hackers hid in US infrastructure network for 5 years
https://www.bleepingcomputer.com/news/security/chinese-hackers-hid-in-us-infrastructure-network-for-5-years/
Kimsuky's New Golang Stealer 'Troll' and 'GoBear' Backdoor Target South Korea
https://thehackernews.com/2024/02/kimsukys-new-golang-stealer-troll-and.html
Chinese hackers fail to rebuild botnet after FBI takedown
https://www.bleepingcomputer.com/news/security/chinese-hackers-fail-to-rebuild-botnet-after-fbi-takedown/
GitHub - fabrimagic72/malware-samples: A collection of malware samples caught by several honeypots i manage
https://github.com/fabrimagic72/malware-samples