Hacker Trends
06/11
06/12
06/13
Statistic
10/23 02:20 (UTC)
06/11
06/12
06/13
7 Posts
Code Execution in Chromium's V8 Heap Sandbox – Anvbis
https://
anvbis.au
/posts/code-execution-in-chromiums-v8-heap-sandbox/
6 Posts
WinDbg — the Fun Way: Part 1. A while ago WinDbg added support for a… | by Yarden Shafir | Medium
https://
medium.com
/@yardenshafir2/windbg-the-fun-way-part-1-2e4978791f9b
6 Posts
Newly discovered: BadSpace backdoor delivered by high-ranking websites
https://
www.gdatasoftware.com
/blog/2024/06/37947-badspace-backdoor
6 Posts
Police arrest Conti and LockBit ransomware crypter specialist
https://
www.bleepingcomputer.com
/news/security/police-arrest-conti-and-lockbit-ransomware-crypter-specialist/
5 Posts
Google warns of actively exploited Pixel firmware zero-day
https://
www.bleepingcomputer.com
/news/security/google-warns-of-actively-exploited-pixel-firmware-zero-day/
5 Posts
The Decompilation Wiki - Decompilation Wiki
https://
decompilation.wiki
/
5 Posts
Black Basta ransomware gang linked to Windows zero-day attacks
https://
www.bleepingcomputer.com
/news/security/black-basta-ransomware-gang-linked-to-windows-zero-day-attacks/
5 Posts
CVE-2024-29824 Deep Dive: Ivanti EPM SQL Injection Remote Code Execution Vulnerability – Horizon3.ai
https://
www.horizon3.ai
/attack-research/attack-blogs/cve-2024-29824-deep-dive-ivanti-epm-sql-injection-remote-code-execution-vulnerability/
5 Posts
Progressive Web Apps (PWAs) Phishing | mr.d0x
https://
mrd0x.com
/progressive-web-apps-pwa-phishing/
4 Posts
Microsoft deprecates Windows DirectAccess, recommends Always On VPN
https://
www.bleepingcomputer.com
/news/microsoft/microsoft-deprecates-windows-directaccess-recommends-always-on-vpn/
4 Posts
CISA warns of criminals impersonating its employees in phone calls
https://
www.bleepingcomputer.com
/news/security/cisa-warns-of-criminals-impersonating-its-employees-in-phone-calls/
4 Posts
Black Basta Ransomware May Have Exploited MS Windows Zero-Day Flaw
https://
thehackernews.com
/2024/06/black-basta-ransomware-may-have.html
4 Posts
Microsoft Issues Patches for 51 Flaws, Including Critical MSMQ Vulnerability
https://
thehackernews.com
/2024/06/microsoft-issues-patches-for-51-flaws.html
4 Posts
New Phishing Campaign Deploys WARMCOOKIE Backdoor Targeting Job Seekers
https://
thehackernews.com
/2024/06/new-phishing-campaign-deploys.html
4 Posts
GitHub - varwara/CVE-2024-26229: CWE-781: Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code
https://
github.com
/varwara/CVE-2024-26229
4 Posts
UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion | Google Cloud Blog
https://
cloud.google.com
/blog/topics/threat-intelligence/unc5537-snowflake-data-theft-extortion
4 Posts
Lateral Movement with the .NET Profiler | by Daniel Mayer | Jun, 2024 | Posts By SpecterOps Team Members
https://
posts.specterops.io
/lateral-movement-with-the-net-profiler-8772c86f9523
4 Posts
AWS adds passkeys support, warns root users must enable MFA
https://
www.bleepingcomputer.com
/news/security/aws-adds-passkeys-support-warns-root-users-must-enable-mfa/
4 Posts
Dipping into Danger: The WARMCOOKIE backdoor — Elastic Security Labs
https://
www.elastic.co
/security-labs/dipping-into-danger
4 Posts
Life360 says hacker tried to extort them after Tile data breach
https://
www.bleepingcomputer.com
/news/security/life360-says-hacker-tried-to-extort-them-after-tile-data-breach/
3 Posts
Pure Storage confirms data breach after Snowflake account hack
https://
www.bleepingcomputer.com
/news/security/pure-storage-confirms-data-breach-after-snowflake-account-hack/
3 Posts
GitHub - S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
https://
github.com
/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
3 Posts
Microsoft Patches Zero-Click Outlook Vulnerability That Could Soon Be Exploited - SecurityWeek
https://
www.securityweek.com
/microsoft-patches-zero-click-outlook-vulnerability-that-could-soon-be-exploited/
3 Posts
Fortinet Patches Code Execution Vulnerability in FortiOS - SecurityWeek
https://
www.securityweek.com
/fortinet-patches-code-execution-vulnerability-in-fortios/
3 Posts
CVE-2023-33127: .NET Cross-Session Privilege Escalation Exploit · GitHub
https://
gist.github.com
/bohops/c7bf35ee7ff593a3a76014f7f87abb30
3 Posts
China-Backed Hackers Exploit Fortinet Flaw, Infecting 20,000 Systems Globally
https://
thehackernews.com
/2024/06/china-backed-hackers-exploit-fortinet.html
3 Posts
Bypassing EDR NTDS.dit protection using BlueTeam tools. | by bilal al-qurneh | Jun, 2024 | Medium
https://
medium.com
/@0xcc00/bypassing-edr-ntds-dit-protection-using-blueteam-tools-1d161a554f9f
3 Posts
No AI training in newly distrusted Terms of Service, Adobe says | Malwarebytes
https://
www.malwarebytes.com
/blog/news/2024/06/no-ai-training-in-newly-distrusted-terms-of-service-adobe-says
3 Posts
Lessons from the Ticketmaster-Snowflake Breach
https://
thehackernews.com
/2024/06/lessons-from-ticketmaster-snowflake.html
3 Posts
Cryptojacking Campaign Targets Misconfigured Kubernetes Clusters
https://
thehackernews.com
/2024/06/cryptojacking-campaign-targets.html
3 Posts
SmokeLoader History | ThreatLabz
https://
www.zscaler.com
/blogs/security-research/brief-history-smokeloader-part-1
3 Posts
New phishing toolkit uses PWAs to steal login credentials
https://
www.bleepingcomputer.com
/news/security/new-phishing-toolkit-uses-pwas-to-steal-login-credentials/
3 Posts
Analysis of VirtualBox CVE-2023-21987 and CVE-2023-21991
https://
qriousec.github.io
/post/vbox-pwn2own-2023/
3 Posts
Effective strategies for conducting Mass Password Resets during cybersecurity incidents
https://
techcommunity.microsoft.com
/t5/microsoft-security-experts-blog/effective-strategies-for-conducting-mass-password-resets-during/ba-p/4159408
3 Posts
Phishing emails abuse Windows search protocol to push malicious scripts
https://
www.bleepingcomputer.com
/news/security/phishing-emails-abuse-windows-search-protocol-to-push-malicious-scripts/
3 Posts
Introduction to Azure Cloud Token Theft MindMap V1 | by rootsecdev | Jun, 2024 | Medium
https://
rootsecdev.medium.com
/introduction-to-azure-cloud-token-theft-mindmap-v1-22d015cb5ee8
3 Posts
Thousands of blood test samples set to be destroyed after NHS cyberattack | The Independent
https://
www.independent.co.uk
/news/health/nhs-cyberattack-london-gp-blood-tests-b2560450.html
3 Posts
Fly Phishing. How to Bypass SPAM Filters | by Forrest Kasler | Jun, 2024 | Medium
https://
posts.specterops.io
/fly-phishing-7d4fb56ac325
3 Posts
Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation - SecurityWeek
https://
www.securityweek.com
/google-warns-of-pixel-firmware-zero-day-under-limited-targeted-exploitation/