presentations/SO-CON 2024 at master · SpecterOps/presentations · GitHub
https://github.com/SpecterOps/presentations/tree/master/SO-CON%202024
Introduction to x64 Linux Binary Exploitation (Part 1) | by +Ch0pin🕷️ | Medium
https://valsamaras.medium.com/introduction-to-x64-linux-binary-exploitation-part-1-14ad4a27aeef
Misconfigured Firebase instances leaked 19 million plaintext passwords
https://www.bleepingcomputer.com/news/security/misconfigured-firebase-instances-leaked-19-million-plaintext-passwords/
SANS Security West San Diego 2024 | Cyber Security Training
https://www.sans.org/u/1uXt
MCTTP 2023 | Talk by Jimmy Bayne - YouTube
https://www.youtube.com/watch?v=xdc2ka3qtnM
Ivanti fixes critical Standalone Sentry bug reported by NATO
https://www.bleepingcomputer.com/news/security/ivanti-fixes-critical-standalone-sentry-bug-reported-by-nato/
New Windows Server updates cause domain controller crashes, reboots
https://www.bleepingcomputer.com/news/microsoft/new-windows-server-updates-cause-domain-controller-crashes-reboots/
Flipper Zero makers respond to Canada’s ‘harmful’ ban proposal
https://www.bleepingcomputer.com/news/security/flipper-zero-makers-respond-to-canadas-harmful-ban-proposal/
UK bakery Greggs is latest victim of recent POS system outages
https://www.bleepingcomputer.com/news/technology/uk-bakery-greggs-is-latest-victim-of-recent-pos-system-outages/
Zero Day Initiative — Pwn2Own Vancouver 2024 - Day One Results
https://www.zerodayinitiative.com/blog/2024/3/20/pwn2own-vancouver-2024-day-one-results
Our Response to the Canadian Government
https://blog.flipper.net/response-to-canadian-government/
300,000 Systems Vulnerable to New Loop DoS Attack - SecurityWeek
https://www.securityweek.com/300000-systems-vulnerable-to-new-loop-dos-attack/
Human 1 - sqlmap 0: defeating automation through manual exploitation - hackcommander.github.io
https://hackcommander.github.io/posts/2024/03/19/human-1-sqlmap-0-defeating-automation-through-manual-exploitation/
Lisa Forte on LinkedIn: How accurately do you perceive and assess risk? Maybe you think you are… | 38 comments
https://www.linkedin.com/posts/lisa-forte_how-accurately-do-you-perceive-and-assess-activity-7176155555097366529-mM59
The 'AT&T breach'—what you need to know | Malwarebytes
https://www.malwarebytes.com/blog/news/2024/03/the-att-breach-what-you-need-to-know
TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks
https://thehackernews.com/2024/03/teamcity-flaw-leads-to-surge-in.html
New 'Loop DoS' Attack Impacts Hundreds of Thousands of Systems
https://thehackernews.com/2024/03/new-loop-dos-attack-impacts-hundreds-of.html
U.S. EPA Forms Task Force to Protect Water Systems from Cyberattacks
https://thehackernews.com/2024/03/us-epa-forms-task-force-to-protect.html
GitHub - codewhitesec/HttpRemotingObjRefLeak: Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting
https://github.com/codewhitesec/HttpRemotingObjRefLeak
Former telecom manager admits to doing SIM swaps for $1,000
https://www.bleepingcomputer.com/news/security/former-telecom-manager-admits-to-doing-sim-swaps-for-1-000/
Aggressive scanning in bug bounty (and how to avoid it) - Intigriti
https://blog.intigriti.com/2024/03/18/aggressive-scanning-in-bug-bounty-and-how-to-avoid-it/
Windows PowerShell - Event Log Bypass Single Quote Code Execution - Windows_x86-64 local Exploit
https://www.exploit-db.com/exploits/51843
naively bypassing new memory scanning POCs | sillywa.re
https://sillywa.re/posts/flower-da-flowin-shc/
Pwned by the Mail Carrier. How MS Exchange on-premises compromises… | by Jonas Bülow Knudsen | Mar, 2024 | Posts By SpecterOps Team Members
https://posts.specterops.io/pwned-by-the-mail-carrier-0750edfad43b
New BunnyLoader Malware Variant Surfaces with Modular Attack Features
https://thehackernews.com/2024/03/new-bunnyloader-malware-variant.html
BunnyLoader 3.0 surfaces in the threat landscape - Security Affairs
https://securityaffairs.com/160795/hacking/bunnyloader-3-0-malware.html
[SECRETSDUMP] New Dump Method - Shadow Snapshot Method via WMI by PeterGabaldon · Pull Request #1719 · fortra/impacket · GitHub
https://github.com/fortra/impacket/pull/1719![[SECRETSDUMP] New Dump Method - Shadow Snapshot Method via WMI by PeterGabaldon · Pull Request #1719 · fortra/impacket · GitHub](/image/screenshot/4f33001f7fbc54c78f0f1bed097bac6c.webp)
PoC Exploit Available for CVE-2024-1212 (CVSS 10): Patch Kemp LoadMaster Now
https://securityonline.info/poc-exploit-available-for-cve-2024-1212-cvss-10-patch-kemp-loadmaster-now/
Making desync attacks easy with TRACE | PortSwigger Research
https://portswigger.net/research/trace-desync-attack
Five Eyes Agencies Issue New Alert on Chinese APT Volt Typhoon - SecurityWeek
https://www.securityweek.com/five-eyes-agencies-issue-new-alert-on-chinese-apt-volt-typhoon/
GitHub’s new AI-powered tool auto-fixes vulnerabilities in your code
https://www.bleepingcomputer.com/news/security/githubs-new-ai-powered-tool-auto-fixes-vulnerabilities-in-your-code/
Threat actors actively exploit JetBrains TeamCity flaws to deliver malware
https://securityaffairs.com/160823/breaking-news/jetbrains-teamcity-flaws-actively-exploited.html
Chrome 123, Firefox 124 Patch Serious Vulnerabilities - SecurityWeek
https://www.securityweek.com/chrome-123-firefox-124-patch-serious-vulnerabilities/