07/24

Falcon Content Update Remediation and Guidance Hub | CrowdStrike

https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/

How a North Korean Fake IT Worker Tried to Infiltrate Us

https://blog.knowbe4.com/how-a-north-korean-fake-it-worker-tried-to-infiltrate-us

CrowdStrike offers a $10 apology gift card to say sorry for outage | TechCrunch

https://techcrunch.com/2024/07/24/crowdstrike-offers-a-10-apology-gift-card-to-say-sorry-for-outage/

KnowBe4 Hires Fake North Korean IT Worker, Catches New Employee Planting Malware - SecurityWeek

https://www.securityweek.com/knowbe4-hires-fake-north-korean-it-worker-catches-new-employee-planting-malware/

KnowBe4 mistakenly hires North Korean hacker, faces infostealer attack

https://www.bleepingcomputer.com/news/security/knowbe4-mistakenly-hires-north-korean-hacker-faces-infostealer-attack/

Check Point - Wrong Check Point (CVE-2024-24919)

https://labs.watchtowr.com/check-point-wrong-check-point-cve-2024-24919/

Over 3,000 GitHub accounts used by malware distribution service

https://www.bleepingcomputer.com/news/security/over-3-000-github-accounts-used-by-malware-distribution-service/

Windows July security updates send PCs into BitLocker recovery

https://www.bleepingcomputer.com/news/microsoft/windows-july-security-updates-send-pcs-into-bitlocker-recovery/

VirusTotal - File - 950e19f9e804db0b246a36fa01ef7cbc30c72168392ecac9a391756ca634d807

https://www.virustotal.com/gui/file/950e19f9e804db0b246a36fa01ef7cbc30c72168392ecac9a391756ca634d807

Webinar Registration - Zoom

https://hubs.la/Q02HHmDM0

Patchwork Hackers Target Bhutan with Advanced Brute Ratel C4 Tool

https://thehackernews.com/2024/07/patchwork-hackers-target-bhutan-with.html

Microsoft Defender Flaw Exploited to Deliver ACR, Lumma, and Meduza Stealers

https://thehackernews.com/2024/07/microsoft-defender-flaw-exploited-to.html

MalwareBazaar | SHA256 045b248fd03d43a0b9e9428d77a8e9fcd60ee1cd675c3ae994f6901e0dddfddd

https://bazaar.abuse.ch/sample/045b248fd03d43a0b9e9428d77a8e9fcd60ee1cd675c3ae994f6901e0dddfddd/

Extending Ghidra Part 1: Setting up a Development Environment

https://voidstarsec.com/blog/ghidra-dev-environment

CVE-2024-40075: XXE Vulnerability Found in Laravel v11.x

https://securityonline.info/cve-2024-40075-xxe-vulnerability-found-in-laravel-v11-x/

BreachForums v1 database leak is an OPSEC test for hackers

https://www.bleepingcomputer.com/news/security/breachforums-v1-database-leak-is-an-opsec-test-for-hackers/

CrowdStrike Explains Why Bad Update Was Not Properly Tested - SecurityWeek

https://www.securityweek.com/crowdstrike-explains-why-bad-update-was-not-properly-tested/

Active Directory Enumeration for Red Teams - MDSec

https://www.mdsec.co.uk/2024/02/active-directory-enumeration-for-red-teams/

What Can You Do with APCs? – Pavel Yosifovich

https://scorpiosoftware.net/2024/07/24/what-can-you-do-with-apcs/

Create New Canarytoken

http://Canarytokens.org

Docker fixes critical 5-year old authentication bypass flaw

https://www.bleepingcomputer.com/news/security/docker-fixes-critical-5-year-old-authentication-bypass-flaw/

Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine

https://www.ambionics.io/blog/iconv-cve-2024-2961-p1

GitHub - ret2/Pwn2Own-Auto-2024-CHARX

https://github.com/ret2/Pwn2Own-Auto-2024-CHARX