05/02
05/03
05/04
7 Posts

CFG in Windows 11 24H2

https://ynwarcs.github.io/Win11-24H2-CFG
CFG in Windows 11 24H2
6 Posts

Introducing VDP Compliance—A Free Offering From Bugcrowd | @Bugcrowd

https://www.bugcrowd.com/blog/introducing-vdp-compliance-a-free-offering-from-bugcrowd/
Introducing VDP Compliance—A Free Offering From Bugcrowd | @Bugcrowd
6 Posts

Havoc C2 with AV/EDR Bypass Methods in 2024 (Part 1) | by Sam Rothlisberger | Medium

https://medium.com/@sam.rothlisberger/havoc-c2-with-av-edr-bypass-methods-in-2024-part-1-733d423fc67b
Havoc C2 with AV/EDR Bypass Methods in 2024 (Part 1) | by Sam Rothlisberger | Medium
6 Posts

Havoc C2 with AV/EDR Bypass Methods in 2024 (Part 2) | by Sam Rothlisberger | Medium

https://medium.com/@sam.rothlisberger/havoc-c2-with-av-edr-bypass-methods-in-2024-part-2-d3ac83589e3a
Havoc C2 with AV/EDR Bypass Methods in 2024 (Part 2) | by Sam Rothlisberger | Medium
5 Posts

Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks

https://thehackernews.com/2024/05/four-critical-vulnerabilities-expose.html
Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks
5 Posts

Chaining N-days to Compromise All: Part 5 — VMware Workstation Host-to-Guest Escape | by Theori Vulnerability Research | May, 2024 | Theori BLOG

https://blog.theori.io/chaining-n-days-to-compromise-all-part-5-vmware-workstation-host-to-guest-escape-5a1297e431b5
Chaining N-days to Compromise All: Part 5 — VMware Workstation Host-to-Guest Escape | by Theori Vulnerability Research | May, 2024 | Theori BLOG
5 Posts

Devfile file write vulnerability in GitLab - GitLab Security Tech Notes

https://gitlab-com.gitlab.io/gl-security/security-tech-notes/security-research-tech-notes/devfile/
Devfile file write vulnerability in GitLab - GitLab Security Tech Notes
5 Posts

NSA, FBI Alert on N. Korean Hackers Spoofing Emails from Trusted Sources

https://thehackernews.com/2024/05/nsa-fbi-alert-on-n-korean-hackers.html
NSA, FBI Alert on N. Korean Hackers Spoofing Emails from Trusted Sources
4 Posts

Read Satya Nadella’s Microsoft memo on putting security first - The Verge

https://www.theverge.com/24148033/satya-nadella-microsoft-security-memo
Read Satya Nadella’s Microsoft memo on putting security first - The Verge
4 Posts

Microsoft rolls out passkey auth for personal Microsoft accounts

https://www.bleepingcomputer.com/news/microsoft/microsoft-rolls-out-passkey-auth-for-personal-microsoft-accounts/
Microsoft rolls out passkey auth for personal Microsoft accounts
4 Posts

Google Announces Passkeys Adopted by Over 400 Million Accounts

https://thehackernews.com/2024/05/google-announces-passkeys-adopted-by.html
Google Announces Passkeys Adopted by Over 400 Million Accounts
4 Posts

Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications

https://thehackernews.com/2024/05/hackers-increasingly-abusing-microsoft.html
Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications
4 Posts

Dirty stream attack poses billions of Android installs at risk

https://securityaffairs.com/162699/hacking/dirty-stream-android-installs-risk.html
Dirty stream attack poses billions of Android installs at risk
3 Posts

Microsoft Warns of 'Dirty Stream' Vulnerability in Popular Android Apps - SecurityWeek

https://www.securityweek.com/microsoft-warns-of-dirty-stream-vulnerability-in-popular-android-apps/
Microsoft Warns of 'Dirty Stream' Vulnerability in Popular Android Apps - SecurityWeek
3 Posts

NSA warns of North Korean hackers exploiting weak DMARC email policies

https://www.bleepingcomputer.com/news/security/nsa-warns-of-north-korean-hackers-exploiting-weak-dmarc-email-policies/
NSA warns of North Korean hackers exploiting weak DMARC email policies
3 Posts

Microsoft Researcher to Unveil 4 OpenVPN Zero-Day Vulnerabilities at Black Hat USA 2024

https://securityonline.info/microsoft-researcher-to-unveil-4-openvpn-zero-day-vulnerabilities-at-black-hat-usa-2024/
Microsoft Researcher to Unveil 4 OpenVPN Zero-Day Vulnerabilities at Black Hat USA 2024
3 Posts

US Says North Korean Hackers Exploiting Weak DMARC Settings  - SecurityWeek

https://www.securityweek.com/us-says-north-korean-hackers-exploiting-weak-dmarc-settings/
US Says North Korean Hackers Exploiting Weak DMARC Settings  - SecurityWeek
3 Posts

Uncharmed: Untangling Iran's APT42 Operations | Google Cloud Blog

https://cloud.google.com/blog/topics/threat-intelligence/untangling-iran-apt42-operations/
Uncharmed: Untangling Iran's APT42 Operations | Google Cloud Blog
3 Posts

Google rolls back reCaptcha update to fix Firefox issues

https://www.bleepingcomputer.com/news/security/google-rolls-back-recaptcha-update-to-fix-firefox-issues/
Google rolls back reCaptcha update to fix Firefox issues
3 Posts

CEO who sold fake Cisco devices to US military gets 6 years in prison

https://www.bleepingcomputer.com/news/security/ceo-who-sold-fake-cisco-devices-to-us-military-gets-6-years-in-prison/
CEO who sold fake Cisco devices to US military gets 6 years in prison
3 Posts

Abusing MS Windows printing for C2 communication

https://diverto.hr/en/blog/2024-05-03-MS-Windows-Printing-C2/
Abusing MS Windows printing for C2 communication
3 Posts

Android bug can leak DNS traffic with VPN kill switch enabled

https://www.bleepingcomputer.com/news/security/android-bug-can-leak-dns-traffic-with-vpn-kill-switch-enabled/
Android bug can leak DNS traffic with VPN kill switch enabled
3 Posts

CVE-2024-4439: Unauthenticated Stored Cross-Site Scripting Vulnerability in WordPress Core

https://securityonline.info/cve-2024-4439-unauthenticated-stored-cross-site-scripting-vulnerability-in-wordpress-core/
CVE-2024-4439: Unauthenticated Stored Cross-Site Scripting Vulnerability in WordPress Core