2024-07-11 | Hacker Trends

7 Posts

Chaining Three Bugs to Access All Your ServiceNow Data

https://www.assetnote.io/resources/research/chaining-three-bugs-to-access-all-your-servicenow-data

6 Posts

v1.2.0 - ItsAlwaysDNS | NetExec

https://www.netexec.wiki/news/v1.2.0-itsalwaysdns

5 Posts

Jobs at Huntress

https://boards.greenhouse.io/huntress

4 Posts

Palo Alto Networks Addresses BlastRADIUS Vulnerability, Fixes Critical Bug in Expedition Tool - SecurityWeek

https://www.securityweek.com/palo-alto-networks-addresses-blastradius-vulnerability-fixes-critical-bug-in-expedition-tool/

4 Posts

Release PortexAnalyzerGUI v 0.13.0 · struppigel/PortexAnalyzerGUI · GitHub

https://github.com/struppigel/PortexAnalyzerGUI/releases/tag/0.13.0

4 Posts

Google increases bug bounty rewards five times, up to $151K

https://www.bleepingcomputer.com/news/security/google-increases-bug-bounty-rewards-five-times-up-to-151k/

4 Posts

Attack Activities by Kimsuky Targeting Japanese Organizations - JPCERT/CC Eyes | JPCERT Coordination Center official Blog

https://blogs.jpcert.or.jp/en/2024/07/attack-activities-by-kimsuky-targeting-japanese-organizations.html

4 Posts

Attacking the Android kernel using the Qualcomm TrustZone | Tamir Zahavi-Brunner’s Blog

https://tamirzb.com/attacking-android-kernel-using-qualcomm-trustzone

3 Posts

MSSQL ATTACK TOOL - A swiss army knife for pentesting MSSQL servers

https://meterpreter.org/mssql-attack-tool-a-swiss-army-knife-for-pentesting-mssql-servers/

3 Posts

Advance Auto Parts data breach impacts 2.3 million people

https://www.bleepingcomputer.com/news/security/advance-auto-parts-data-breach-impacts-23-million-people/

3 Posts

CRYSTALRAY hacker expands to 1,500 breached systems using SSH-Snake tool

https://www.bleepingcomputer.com/news/security/crystalray-hacker-expands-to-1-500-breached-systems-using-ssh-snake-tool/

3 Posts

Dallas County: Data of 200,000 exposed in 2023 ransomware attack

https://www.bleepingcomputer.com/news/security/dallas-county-data-of-200-000-exposed-in-2023-ransomware-attack/

3 Posts

Microsoft Israel R&D Center - YouTube

https://www.youtube.com/@microsoftrndIsrael

3 Posts

Black Hat Machine Learning - Black Hat USA 2024 | Trainings Schedule

https://www.blackhat.com/us-24/training/schedule/#black-hat-machine-learning-36999

3 Posts

The toddler’s introduction to Heap exploitation (Part 1) | by +Ch0pin🕷️ | InfoSec Write-ups

https://infosecwriteups.com/the-toddlers-introduction-to-heap-exploitation-part-1-515b3621e0e8

3 Posts

Resurrecting Internet Explorer: Threat Actors Using Zero-day Tricks in Internet Shortcut File to Lure Victims (CVE-2024-38112) - Check Point Research

https://research.checkpoint.com/2024/resurrecting-internet-explorer-threat-actors-using-zero-day-tricks-in-internet-shortcut-file-to-lure-victims-cve-2024-38112/

3 Posts

The toddler’s introduction to Heap exploitation, Use After Free & Double free (Part 4) | by +Ch0pin🕷️ | InfoSec Write-ups

https://infosecwriteups.com/use-after-free-13544be5a921

3 Posts

Chaining Three Bugs to Access All Your ServiceNow Data

v1.2.0 - ItsAlwaysDNS | NetExec

Jobs at Huntress

Palo Alto Networks Addresses BlastRADIUS Vulnerability, Fixes Critical Bug in Expedition Tool - SecurityWeek

Release PortexAnalyzerGUI v 0.13.0 · struppigel/PortexAnalyzerGUI · GitHub

Google increases bug bounty rewards five times, up to $151K

Attack Activities by Kimsuky Targeting Japanese Organizations - JPCERT/CC Eyes | JPCERT Coordination Center official Blog

Attacking the Android kernel using the Qualcomm TrustZone | Tamir Zahavi-Brunner’s Blog

MSSQL ATTACK TOOL - A swiss army knife for pentesting MSSQL servers

Advance Auto Parts data breach impacts 2.3 million people

CRYSTALRAY hacker expands to 1,500 breached systems using SSH-Snake tool

Dallas County: Data of 200,000 exposed in 2023 ransomware attack

Microsoft Israel R&D Center - YouTube

Black Hat Machine Learning - Black Hat USA 2024 | Trainings Schedule

The toddler’s introduction to Heap exploitation (Part 1) | by +Ch0pin🕷️ | InfoSec Write-ups

Resurrecting Internet Explorer: Threat Actors Using Zero-day Tricks in Internet Shortcut File to Lure Victims (CVE-2024-38112) - Check Point Research

New Poco RAT Targets Spanish-Speaking Victims in Phishing Campaign

PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks

LibAFL Introductory workshop — Atredis Partners

AI-Powered Russia's bot farm operates on X, US and its allies warn

Untitled / X

VMware fixed critical SQL-Injection in Aria Automation product

The toddler’s introduction to Heap exploitation, Use After Free & Double free (Part 4) | by +Ch0pin🕷️ | InfoSec Write-ups

Veeam flaw becomes malware target a year after patching • The Register

Return of the JIT :: Lamprey Labs

The toddler’s introduction to Heap exploitation, Overflows (Part 3) | by +Ch0pin🕷️ | InfoSec Write-ups

Malware/Hunters at main · rivitna/Malware · GitHub

The toddler’s introduction to Heap exploitation (Part 2) | by +Ch0pin🕷️ | InfoSec Write-ups

GitHub - testanull/MS-SharePoint-July-Patch-RCE-PoC

60 New Malicious Packages Uncovered in NuGet Supply Chain Attack

Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool