oss-security - Re: CVE-2024-6387: RCE in OpenSSH's server, on glibc-based Linux systems
https://www.openwall.com/lists/oss-security/2024/07/08/2
Reverse Engineering Malware with IDA: Part 1 - YouTube
https://youtu.be/_GOAR0wKrlk
Office of Public Affairs | Justice Department Leads Efforts Among Federal, International, and Private Sector Partners to Disrupt Covert Russian Government-Operated Social Media Bot Farm | United States Department of Justice
https://www.justice.gov/opa/pr/justice-department-leads-efforts-among-federal-international-and-private-sector-partners
Hiding in plain sight: Modifying process names in UNIX-like systems
https://doubleagent.net/process-name-stomping/
GitHub - hugsy/recon_2024_windbg_workshop
https://github.com/hugsy/recon_2024_windbg_workshop
Turla: A Master of Deception
https://www.gdatasoftware.com/blog/2024/07/37977-turla-evasion-lnk-files
MalwareBazaar | SHA256 4c2f8feced7768f756ac7d4fa633b08fd61f0ba198c860fa4f1093dedbf060d2 (NetSupport)
https://bazaar.abuse.ch/sample/4c2f8feced7768f756ac7d4fa633b08fd61f0ba198c860fa4f1093dedbf060d2/
GitHub - elastic/die-python: Native Python3 bindings for @horsicq's Detect-It-Easy
https://github.com/elastic/die-python
Cybersecurity Agencies Warn of China-linked APT40's Rapid Exploit Adaptation
https://thehackernews.com/2024/07/cybersecurity-agencies-warn-of-china.html
GitHub - hasherezade/ida_ifl: IFL - Interactive Functions List (plugin for IDA Pro)
https://github.com/hasherezade/ida_ifl
Fragtunnel: The Undetectable TCP Tunneling Tool for Bypassing Next Generation Firewalls
https://meterpreter.org/fragtunnel-the-undetectable-tcp-tunneling-tool-for-bypassing-next-generation-firewalls/
Evolve Bank says data breach impacts 7.6 million Americans
https://www.bleepingcomputer.com/news/security/evolve-bank-says-data-breach-impacts-76-million-americans/
Exploring Compiled V8 JavaScript Usage in Malware - Check Point Research
https://research.checkpoint.com/2024/exploring-compiled-v8-javascript-usage-in-malware/
GitHub - TarlogicSecurity/BlueSpy
https://github.com/TarlogicSecurity/BlueSpy
Global Coalition Blames China’s APT40 for Hacking Government Networks - SecurityWeek
https://www.securityweek.com/global-coalition-blames-chinas-apt40-for-hacking-government-networks/
Chinese APT40 hackers hijack SOHO routers to launch attacks
https://www.bleepingcomputer.com/news/security/chinese-apt40-hackers-hijack-soho-routers-to-launch-attacks/
City of Philadelphia says over 35,000 hit in May 2023 breach
https://www.bleepingcomputer.com/news/security/city-of-philadelphia-says-over-35-000-hit-in-may-2023-breach/
RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks
https://thehackernews.com/2024/07/radius-protocol-vulnerability-exposes.html
New Blast-RADIUS attack bypasses widely-used RADIUS authentication
https://www.bleepingcomputer.com/news/security/new-blast-radius-attack-bypasses-widely-used-radius-authentication/
B&B Shuffle by Richard Phung/P3hndrx
https://play.backdoorsandbreaches.com/
SensePost | Dumping lsa secrets: a story about task decorrelation
https://sensepost.com/blog/2024/dumping-lsa-secrets-a-story-about-task-decorrelation/
Fujitsu confirms customer data exposed in March cyberattack
https://www.bleepingcomputer.com/news/security/fujitsu-confirms-customer-data-exposed-in-march-cyberattack/
Neiman Marcus data breach: 31 million email addresses found exposed
https://www.bleepingcomputer.com/news/security/neiman-marcus-data-breach-31-million-email-addresses-found-exposed/
Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112) - Help Net Security
https://www.helpnetsecurity.com/2024/07/09/microsoft-fixes-two-zero-days-exploited-by-attackers-cve-2024-38080-cve-2024-38112/
Ransomware Gang Leaks Data Allegedly Stolen from Florida Department of Health - SecurityWeek
https://www.securityweek.com/ransomware-gang-leaks-data-allegedly-stolen-from-florida-department-of-health/
RCE bug in widely used Ghostscript library now exploited in attacks
https://www.bleepingcomputer.com/news/security/rce-bug-in-widely-used-ghostscript-library-now-exploited-in-attacks/
MalwareBazaar | StrelaStealer
https://bazaar.abuse.ch/browse/tag/StrelaStealer/
Trojanized jQuery Packages Found on npm, GitHub, and jsDelivr Code Repositories
https://thehackernews.com/2024/07/trojanized-jquery-packages-found-on-npm.html
GuardZoo Malware Targets Over 450 Middle Eastern Military Personnel
https://thehackernews.com/2024/07/guardzoo-malware-targets-over-450.html
Hackers target WordPress calendar plugin used by 150,000 sites
https://www.bleepingcomputer.com/news/security/hackers-target-wordpress-calendar-plugin-used-by-150-000-sites/
Rust Binary Analysis, Feature by Feature - Check Point Research
https://research.checkpoint.com/2023/rust-binary-analysis-feature-by-feature/
Analysis SPAM.zip (MD5: B1B038482819DE247CBE8C4B329C4668) Malicious activity - Interactive analysis ANY.RUN
https://app.any.run/tasks/a3fd75f7-0421-4c28-902a-116771d6aedf
Avast releases free decryptor for DoNex ransomware and past variants
https://www.bleepingcomputer.com/news/security/avast-releases-free-decryptor-for-donex-ransomware-and-past-variants/
SAP Patches High-Severity Vulnerabilities in PDCE, Commerce - SecurityWeek
https://www.securityweek.com/sap-patches-high-severity-vulnerabilities-in-pdce-commerce/
Tell you phone to link me at the coffee shop - KnifeCoat
https://knifecoat.com/Posts/Tell+you+phone+to+link+me+at+the+coffee+shop
Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks
https://thehackernews.com/2024/07/hackers-exploiting-jenkins-script.html
Microsoft Patch Tuesday July 2024 - SANS Internet Storm Center
https://i5c.us/d31058