Pentesting Active Directory - Complete Guide | Part 1 - HACKLIDO
https://hacklido.com/blog/862-pentesting-active-directory-complete-guide-part-1
GitHub - testanull/MS-SharePoint-July-Patch-RCE-PoC
https://github.com/testanull/MS-SharePoint-July-Patch-RCE-PoC
GitHub - alexandreborges/malwoverview: Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest and it is able to scan Android devices against VT.
https://github.com/alexandreborges/malwoverview
Pentesting Active Directory - Complete Guide | Part 2 - HACKLIDO
https://hacklido.com/blog/863-pentesting-active-directory-complete-guide-part-2
Windows MSHTML zero-day used in malware attacks for over a year
https://www.bleepingcomputer.com/news/security/windows-mshtml-zero-day-used-in-malware-attacks-for-over-a-year/
See Sydney - Hacking on Bug Bounties for 10 Years - First In Person Meetup at HackerOne Community Australia HackerOne Club
https://h1.community/events/details/hackerone-australia-hackerone-club-presents-sydney-hacking-on-bug-bounties-for-10-years-first-in-person-meetup/
🔃 Security Update Guide - Loading - Microsoft
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38100
Google Advanced Protection Program gets passkeys for high-risk users
https://www.bleepingcomputer.com/news/security/google-advanced-protection-program-gets-passkeys-for-high-risk-users/
The toddler’s introduction to Heap exploitation (Part 1) | by +Ch0pin🕷️ | InfoSec Write-ups
https://infosecwriteups.com/the-toddlers-introduction-to-heap-exploitation-part-1-515b3621e0e8
Huione Guarantee exposed as a $11 billion marketplace for cybercrime
https://www.bleepingcomputer.com/news/security/huione-guarantee-exposed-as-a-11-billion-marketplace-for-cybercrime/
VMware Patches Critical SQL-Injection Flaw in Aria Automation - SecurityWeek
https://www.securityweek.com/vmware-patches-critical-sql-injection-flaw-in-aria-automation/
plORMbing your Prisma ORM with Time-based Attacks
https://www.elttam.com/blog/plorming-your-primsa-orm/
Citrix Patches Critical NetScaler Console Vulnerability - SecurityWeek
https://www.securityweek.com/citrix-patches-critical-netscaler-console-vulnerability/
Resurrecting Internet Explorer: Threat Actors Using Zero-day Tricks in Internet Shortcut File to Lure Victims (CVE-2024-38112) - Check Point Research
https://research.checkpoint.com/2024/resurrecting-internet-explorer-threat-actors-using-zero-day-tricks-in-internet-shortcut-file-to-lure-victims-cve-2024-38112/
SANSFIRE 2024 | SANS Institute
https://www.sans.org/u/1wXP
EDR as an Offensive Tool | SafeBreach
https://www.safebreach.com/blog/dark-side-of-edr-offensive-tool/
GitLab: Critical bug lets attackers run pipelines as other users
https://www.bleepingcomputer.com/news/security/gitlab-warns-of-critical-bug-that-lets-attackers-run-pipelines-as-an-arbitrary-user/
Reverse Engineering Malware with IDA: Part 1 - YouTube
https://youtu.be/_GOAR0wKrlk
Release Ghidra 11.1.2 · NationalSecurityAgency/ghidra · GitHub
https://github.com/NationalSecurityAgency/ghidra/releases/tag/Ghidra_11.1.2_build
Japan warns of attacks linked to North Korean Kimsuky hackers
https://www.bleepingcomputer.com/news/security/japan-warns-of-attacks-linked-to-north-korean-kimsuky-hackers/
ViperSoftX Malware Disguises as eBooks on Torrents to Spread Stealthy Attacks
https://thehackernews.com/2024/07/vipersoftx-malware-disguises-as-ebooks.html
GitHub - Mr-r00t11/CVE-2024-37081
https://github.com/Mr-r00t11/CVE-2024-37081
The toddler’s introduction to Heap exploitation, Use After Free & Double free (Part 4) | by +Ch0pin🕷️ | InfoSec Write-ups
https://infosecwriteups.com/use-after-free-13544be5a921
US Disrupts AI-Powered Russian Bot Farm on X - SecurityWeek
https://www.securityweek.com/us-disrupts-ai-powered-russian-bot-farm-on-x/
HuiOne Guarantee: The $11 Billion Cybercrime Hub of Southeast Asia
https://thehackernews.com/2024/07/crypto-analysts-expose-huione.html
Microsoft fixes Windows 11 bug causing reboot loops, taskbar freezes
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-11-bug-causing-reboot-loops-taskbar-freezes/
U.S. CISA adds Microsoft Windows and Rejetto HTTP File Server bugs to its Known Exploited Vulnerabilities catalog
https://securityaffairs.com/165513/security/cisa-adds-windows-rejetto-http-file-server-bugs-known-exploited-vulnerabilities-catalog.html
CISA urges devs to weed out OS command injection vulnerabilities
https://www.bleepingcomputer.com/news/security/cisa-urges-devs-to-weed-out-os-command-injection-vulnerabilities/
Tell you phone to link me at the coffee shop - KnifeCoat
https://knifecoat.com/Posts/Tell+you+phone+to+link+me+at+the+coffee+shop
The toddler’s introduction to Heap exploitation, Overflows (Part 3) | by +Ch0pin🕷️ | InfoSec Write-ups
https://infosecwriteups.com/the-toddlers-introduction-to-heap-exploitation-overflows-part-3-d3d1aa042d1e
BlastRADIUS Attack Exposes Critical Flaw in 30-Year-Old RADIUS Protocol - SecurityWeek
https://www.securityweek.com/blastradius-attack-exposes-critical-flaw-in-30-year-old-radius-protocol/
The toddler’s introduction to Heap exploitation (Part 2) | by +Ch0pin🕷️ | InfoSec Write-ups
https://infosecwriteups.com/the-toddlers-introduction-to-heap-exploitation-part-2-d1f325b74286
oss-security - Re: CVE-2024-6387: RCE in OpenSSH's server, on glibc-based Linux systems
https://www.openwall.com/lists/oss-security/2024/07/08/2
Microsoft's July Update Patches 143 Flaws, Including Two Actively Exploited
https://thehackernews.com/2024/07/microsofts-july-update-patches-143.html