Phishing emails abuse Windows search protocol to push malicious scripts
https://www.bleepingcomputer.com/news/security/phishing-emails-abuse-windows-search-protocol-to-push-malicious-scripts/
In-the-Wild Windows LPE 0-days: Insights & Detection Strategies — Elastic Security Labs
https://www.elastic.co/security-labs/itw-windows-lpe-0days-insights-and-detection-strategies
Google Online Security Blog: Time to challenge yourself in the 2024 Google CTF
https://security.googleblog.com/2024/06/time-to-challenge-yourself-in-2024.html
YouTube tests harder-to-block server-side ad injection in videos
https://www.bleepingcomputer.com/news/google/youtube-tests-harder-to-block-server-side-ad-injection-in-videos/
Project Zero: Driving forward in Android drivers
https://googleprojectzero.blogspot.com/2024/06/driving-forward-in-android-drivers.html
Bypassing EDR NTDS.dit protection using BlueTeam tools. | by bilal al-qurneh | Jun, 2024 | Medium
https://medium.com/@0xcc00/bypassing-edr-ntds-dit-protection-using-blueteam-tools-1d161a554f9f
Panera warns of employee data breach after March ransomware attack
https://www.bleepingcomputer.com/news/security/panera-warns-of-employee-data-breach-after-march-ransomware-attack/
Q&A with Valentina Palmiotti, aka Chompie
https://securityintelligence.com/x-force/question-answer-valentina-palmiotti-chompie/
New Cross-Platform Malware 'Noodle RAT' Targets Windows and Linux Systems
https://thehackernews.com/2024/06/new-cross-platform-malware-noodle-rat.html
AD_Miner: Active Directory audit tool
https://meterpreter.org/ad_miner-active-directory-audit/
Pakistan-linked Malware Campaign Evolves to Target Windows, Android, and macOS
https://thehackernews.com/2024/06/pakistan-linked-malware-campaign.html
Cybercriminals Employ PhantomLoader to Distribute SSLoad Malware
https://thehackernews.com/2024/06/cybercriminals-employ-phantomloader-to.html
#NahamCon2024: Practical AI for Bounty Hunters | @jhaddix - YouTube
https://youtu.be/DqgterfPHzg
Untitled / X
https://twitter.com/i/broadcasts/1ypJdkdBaAQGW
Decompilation Debugging | clearbluejar
https://clearbluejar.github.io/posts/decompilation-debugging-pretending-all-binaries-come-with-source-code/
UnpacMe PIVOT!
https://blog.unpac.me/2024/06/13/introducing-unpacme-pivot/
CVE-2024-28995 | AttackerKB
https://attackerkb.com/topics/2k7UrkHyl3/cve-2024-28995/rapid7-analysis
sccmhunter: attacking SCCM related assets in an Active Directory domain
https://meterpreter.org/sccmhunter-attacking-sccm-related-assets/
New Attack Technique 'Sleepy Pickle' Targets Machine Learning Models
https://thehackernews.com/2024/06/new-attack-technique-sleepy-pickle.html
ChatGPT Account Takeover - Wildcard Web Cache Deception | Harel Security Research
https://nokline.github.io/bugbounty/2024/02/04/ChatGPT-ATO.html
BSidesCharm 2024 - YouTube
https://www.youtube.com/playlist?list=PLKRput5_6qN_ibJXRHRrmQgKqSyPmsoSf
GitHub - assetnote/nowafpls: Burp Plugin to Bypass WAFs through the insertion of Junk Data
https://github.com/assetnote/nowafpls
Exploit for Veeam Recovery Orchestrator auth bypass available, patch now
https://www.bleepingcomputer.com/news/security/exploit-for-veeam-recovery-orchestrator-auth-bypass-available-patch-now/
Truist Bank confirms breach after stolen data shows up on hacking forum
https://www.bleepingcomputer.com/news/security/truist-bank-confirms-data-breach-after-stolen-data-shows-up-on-hacking-forum/
Arid Viper Launches Mobile Espionage Campaign with AridSpy Malware
https://thehackernews.com/2024/06/arid-viper-launches-mobile-espionage.html
Binder Tracing Part 1 - Understanding Binder structures
https://www.foundryzero.co.uk/2022/08/30/binder-tracing-part-1.html
WinDbg — the Fun Way: Part 1. A while ago WinDbg added support for a… | by Yarden Shafir | Medium
https://medium.com/@yardenshafir2/windbg-the-fun-way-part-1-2e4978791f9b