[QuickNote] Qakbot 5.0 – Decrypt strings and configuration | 0day in {REA_TEAM}
https://kienmanowar.wordpress.com/2024/04/24/quicknote-qakbot-5-0-decrypt-strings-and-configuration/
ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices
https://blog.talosintelligence.com/arcanedoor-new-espionage-focused-campaign-found-targeting-perimeter-network-devices/
ETW-ByeBye: Disabling ETW-TI Without PPL | Legacyy
https://www.legacyy.xyz/defenseevasion/windows/2024/04/24/disabling-etw-ti-without-ppl.html
CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers
https://thehackernews.com/2024/04/coralraider-malware-campaign-exploits.html
Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users
https://thehackernews.com/2024/04/major-security-flaws-expose-keystrokes.html
U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks
https://thehackernews.com/2024/04/us-treasury-sanctions-iranian-firms-and.html
Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike
https://thehackernews.com/2024/04/researchers-detail-multistage-attack.html
Windows 11 KB5036980 update goes live with Start Menu ads
https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5036980-update-goes-live-with-start-menu-ads/
eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners
https://thehackernews.com/2024/04/escan-antivirus-update-mechanism.html
Ring customers get $5.6 million in privacy breach settlement
https://www.bleepingcomputer.com/news/security/ring-customers-get-56-million-in-privacy-breach-settlement/
Social engineering aspect of the XZ incident | Securelist
https://securelist.com/xz-backdoor-story-part-2-social-engineering/112476/
ArcaneDoor hackers exploit Cisco zero-days to breach govt networks
https://www.bleepingcomputer.com/news/security/arcanedoor-hackers-exploit-cisco-zero-days-to-breach-govt-networks/
Rust-for-Malware-Development/Threads/local_thread_hijacking.rs at main · Whitecat18/Rust-for-Malware-Development · GitHub
https://github.com/Whitecat18/Rust-for-Malware-Development/blob/main/Threads/local_thread_hijacking.rs
CVE-2024-2389: Command Injection Vulnerability In Progress Flowmon - Rhino Security Labs
https://bit.ly/3xPfpwP
A Practical Guide to PrintNightmare in 2024 | itm4n's blog
https://itm4n.github.io/printnightmare-exploitation/
Street lights in Leicester City cannot be turned off due to a cyber attack
https://securityaffairs.com/162219/hacking/leicester-city-cyberattack.html
CVE-2024-2389: Command Injection Vulnerability In Progress Flowmon - Rhino Security Labs
https://rhinosecuritylabs.com/research/cve-2024-2389-in-progress-flowmon/
Microsoft releases Exchange hotfixes for security update issues
https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-exchange-hotfixes-for-security-update-issues/
GitHub - Meowmycks/LetMeowIn: A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.
https://github.com/Meowmycks/LetMeowIn
Hackers publish fake story about Ukrainians attempting to assassinate Slovak president
https://therecord.media/hackers-breach-news-website-false-article-slovakia-assassination
CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation - SecurityWeek
https://www.securityweek.com/cisa-warns-of-windows-print-spooler-flaw-after-microsoft-sees-russian-exploitation/
US offers a $10M reward for information on four Iranian nationals
https://securityaffairs.com/162205/cyber-warfare-2/162205us-sanctioned-4-iranian-nationals.html
Rust-for-Malware-Development/syscalls.rs at main · Whitecat18/Rust-for-Malware-Development · GitHub
https://github.com/Whitecat18/Rust-for-Malware-Development/blob/main/syscalls.rs
Announcing Finalists for the inaugural Cyber Policy Awards - Institute for Security and Technology
https://securityandtechnology.org/blog/announcing-finalists-for-the-inaugural-cyber-policy-awards/
GuptiMiner: Hijacking Antivirus Updates for Distributing Backdoors and Casual Mining - Avast Threat Labs
https://decoded.avast.io/janrubin/guptiminer-hijacking-antivirus-updates-for-distributing-backdoors-and-casual-mining/
GitHub - mansk1es/CVE-2024-21111: Oracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability
https://github.com/mansk1es/CVE-2024-21111
FTC Announces Rule Banning Noncompetes | Federal Trade Commission
https://www.ftc.gov/news-events/news/press-releases/2024/04/ftc-announces-rule-banning-noncompetes