05/28

Exploit released for maximum severity Fortinet RCE bug, patch now

https://www.bleepingcomputer.com/news/security/exploit-released-for-maximum-severity-fortinet-rce-bug-patch-now/

SQL Injection Cheatsheet | Tib3rius

https://tib3rius.com/sqli

Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks | Microsoft Security Blog

https://www.microsoft.com/en-us/security/blog/2024/05/28/moonstone-sleet-emerges-as-new-north-korean-threat-actor-with-new-bag-of-tricks/

AllaSenha: AllaKore variant leverages Azure cloud C2 to steal banking details in Latin America - HarfangLab EDR | Block cyber attacks

https://harfanglab.io/en/insidethelab/allasenha-allakore-variant-azure-c2-steal-banking-latin-america/

ManageEngine ADAudit - Reverse engineering Windows RPC to find CVEs - part 1 / RPC | Shelltrail - Swedish offensive security experts

https://www.shelltrail.com/research/manageengine-adaudit-reverse-engineering-windows-rpc-to-find-cve-2024-36036-and-cve-2024-36037-part1/

Everyday Ghidra: Symbols — Automatic Symbol Acquisition with Ghidra — Part 2 | by clearbluejar | May, 2024 | Medium

https://medium.com/@clearbluejar/everyday-ghidra-symbols-automatic-symbol-acquisition-with-ghidra-part-2-bf9033a35b39

DC32 - ICS Village - Call for Papers

https://forms.gle/GwnbMtbrRD7fykFo8

Hellhounds: operation Lahat

https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/hellhounds-operation-lahat/

Data Stolen From MediSecure for Sale on Dark Web - SecurityWeek

https://www.securityweek.com/data-stolen-from-medisecure-for-sale-on-dark-web/

Christie's Confirms Data Breach After Ransomware Group Claims Attack - SecurityWeek

https://www.securityweek.com/christies-confirms-data-breach-after-ransomware-group-claims-attack/

Russian indicted for selling access to US corporate networks

https://www.bleepingcomputer.com/news/security/russian-indicted-for-selling-access-to-us-corporate-networks/

Cops Are Just Trolling Cybercriminals Now | WIRED

https://www.wired.com/story/cop-cybercriminal-hacker-psyops/

Indian National Pleads Guilty to $37 Million Cryptocurrency Theft Scheme

https://thehackernews.com/2024/05/indian-national-pleads-guilty-to-37.html

vulhub/nexus/CVE-2024-4956 at master · vulhub/vulhub · GitHub

https://github.com/vulhub/vulhub/tree/master/nexus/CVE-2024-4956

Keylogging in the Windows Kernel with undocumented data structures

https://eversinc33.com/posts/kernel-mode-keylogging.html

2.8 Million Impacted by Data Breach at Prescription Services Firm Sav-Rx - SecurityWeek

https://www.securityweek.com/2-8-million-impacted-by-data-breach-at-prescription-services-firm-sav-rx/

Ad blocker users say YouTube videos are now skipping to the end

https://www.bleepingcomputer.com/news/google/ad-blocker-users-say-youtube-videos-are-now-skipping-to-the-end/

Researchers Warn of CatDDoS Botnet and DNSBomb DDoS Attack Technique

https://thehackernews.com/2024/05/researchers-warn-of-catddos-botnet-and.html

Hellhounds: Operation Lahat. Part 2

https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/hellhounds-operation-lahat-part-2/

Check Point VPN Targeted for Initial Access in Enterprise Attacks - SecurityWeek

https://www.securityweek.com/check-point-vpn-targeted-for-initial-access-in-enterprise-attacks/

How Researchers Cracked an 11-Year-Old Password to a $3 Million Crypto Wallet | WIRED

https://www.wired.com/story/roboform-password-3-million-dollar-crypto-wallet/

CVE-2024-23108: Fortinet FortiSIEM 2nd Order Command Injection Deep-Dive – Horizon3.ai

https://www.horizon3.ai/attack-research/disclosures/cve-2024-23108-fortinet-fortisiem-2nd-order-command-injection-deep-dive/

Static Unpacking for the Widespread NSIS-based Malicious Packer Family - Check Point Research

https://research.checkpoint.com/2024/static-unpacking-for-the-widespread-nsis-based-malicious-packer-family/

WordPress Plugin abused to install e-skimmers in e-stores

https://securityaffairs.com/163777/malware/wordpress-plugin-insert-e-skimmer.html

Treasury Sanctions Creators of 911 S5 Proxy Botnet – Krebs on Security

https://krebsonsecurity.com/2024/05/treasury-sanctions-creators-of-911-s5-proxy-botnet/

TP-Link Gaming Router Vulnerability Exposes Users to Remote Code Attacks

https://thehackernews.com/2024/05/tp-link-gaming-router-vulnerability.html

glibc Flaw (CVE-2024-2961) Opens Door to RCE, PoC Exploit Published

https://securityonline.info/glibc-flaw-cve-2024-2961-opens-door-to-rce-poc-exploit-published/

Christie’s confirms breach after RansomHub threatens to leak data

https://www.bleepingcomputer.com/news/security/christies-confirms-breach-after-ransomhub-threatens-to-leak-data/