One bug to Rule Them All, Exploiting a Preauth RCE vulnerability on Windows
https://sites.google.com/site/zhiniangpeng/blogs/MadLicense
Exploiting pfsense Remote Code Execution – CVE-2022-31814 - Laburity
https://laburity.com/exploiting-pfsense-remote-code-execution-cve-2022-31814/
GitHub - CloudCrowSec001/CVE-2024-38077-POC: 原文已被作者删除,备份用,非原创,EXP & POC
https://github.com/CloudCrowSec001/CVE-2024-38077-POC
bhus24_sonos_whitepaper.pdf
https://www.nccgroup.com/media/uzbp3ttw/bhus24_sonos_whitepaper.pdf
US24-Bochin-Let-The-Cache-Cache-and-Wednesday.pdf
http://i.blackhat.com/BH-US-24/Presentations/US24-Bochin-Let-The-Cache-Cache-and-Wednesday.pdf
New Flaws in Sonos Smart Speakers Allow Hackers to Eavesdrop on Users
https://thehackernews.com/2024/08/new-flaws-in-sonos-smart-speakers-allow.html
US dismantles laptop farm used by undercover North Korean IT workers
https://www.bleepingcomputer.com/news/security/us-dismantles-laptop-farm-used-by-undercover-north-korean-it-workers/
Russia blocks Signal for 'violating' anti-terrorism laws
https://www.bleepingcomputer.com/news/security/russia-blocks-signal-for-violating-anti-terrorism-laws/
Cisco warns of critical RCE zero-days in end of life IP phones
https://www.bleepingcomputer.com/news/security/cisco-warns-of-critical-rce-zero-days-in-end-of-life-ip-phones/
Warnings Issued Over Cisco Device Hacking, Unpatched Vulnerabilities - SecurityWeek
https://www.securityweek.com/warnings-issued-over-cisco-device-hacking-unpatched-vulnerabilities/
Exploitable PoC Released for CVE-2024-38077: 0-Click RCE Threatens All Windows Servers
https://securityonline.info/exploitable-poc-released-for-cve-2024-38077-0-click-rce-threatens-all-windows-servers/
PageJack: A Powerful Exploit Technique With Page-Level UAF - Black Hat USA 2024 | Briefings Schedule
https://blackhat.com/us-24/briefings/schedule/#pagejack-a-powerful-exploit-technique-with-page-level-uaf-40440
CVE-2024-5290: Wi-Fi Flaw Leaves Millions Vulnerable to Root Takeover
https://securityonline.info/cve-2024-5290-wi-fi-flaw-leaves-millions-vulnerable-to-root-takeover/
Hotel to Search Rooms During DEF CON Hacking Conference
https://www.404media.co/hotel-to-search-rooms-during-def-con-hacking-conference/
jaku - Twitch
https://twitch.tv/jaku
Microsoft Reveals Four OpenVPN Flaws Leading to Potential RCE and LPE
https://thehackernews.com/2024/08/microsoft-reveals-four-openvpn-flaws.html
Malware force-installs Chrome extensions on 300,000 browsers, patches DLLs
https://www.bleepingcomputer.com/news/security/malware-force-installs-chrome-extensions-on-300-000-browsers-patches-dlls/
Linux Kernel PWN | 05 ret2dir
https://blog.wohin.me/posts/linux-kernel-pwn-05/
Understanding the Process Environment Block (PEB) for Malware Analysis | by Metehan Bulut | Aug, 2024 | Medium
https://metehan-bulut.medium.com/understanding-the-process-environment-block-peb-for-malware-analysis-26315453793f
DOJ Charges Nashville Man for Helping North Koreans Get U.S. Tech Jobs
https://thehackernews.com/2024/08/doj-charges-nashville-man-for-helping.html
APT Group Kimsuky Targets University Researchers - Resilience
https://www.cyberresilience.com/threatintel/apt-group-kimsuky-targets-university-researchers/
Microsoft discloses Office zero-day, still working on a patch
https://www.bleepingcomputer.com/news/security/microsoft-discloses-office-zero-day-still-working-on-a-patch/
CSC ServiceWorks discloses data breach after 2023 cyberattack
https://www.bleepingcomputer.com/news/security/csc-serviceworks-discloses-data-breach-after-2023-cyberattack/
‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections | WIRED
https://www.wired.com/story/amd-chip-sinkclose-flaw/
Gotta cache 'em all: bending the rules of web cache exploitation | PortSwigger Research
https://portswigger.net/research/gotta-cache-em-all
US24-Qian-PageJack-A-Powerful-Exploit-Technique-With-Page-Level-UAF-Thursday.pdf
https://i.blackhat.com/BH-US-24/Presentations/US24-Qian-PageJack-A-Powerful-Exploit-Technique-With-Page-Level-UAF-Thursday.pdf
Flaws in Ubiquitous ATM Software Could Have Let Attackers Take Over Cash Machines | WIRED
https://www.wired.com/story/vss-atm-vulnerabilities-defcon-2024/
Course Detail | NVIDIA
https://learn.nvidia.com/courses/course-detail?course_id=course-v1%3ADLI+S-DS-03+V1
Russian cyber spies stole data and emails from UK government systems
https://securityaffairs.com/166795/intelligence/russia-hacked-uk-government-systems.html
No Way, PHP Strikes Again! (CVE-2024-4577)
https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/
CVE-2024-38077-POC/CVE-2024-38077-poc.py at main · CloudCrowSec001/CVE-2024-38077-POC · GitHub
https://github.com/CloudCrowSec001/CVE-2024-38077-POC/blob/main/CVE-2024-38077-poc.py
Overcoming State: Finding Baseband Vulnerabilities by Fuzzing Layer-2 - Black Hat USA 2024 | Briefings Schedule
https://www.blackhat.com/us-24/briefings/schedule/#overcoming-state-finding-baseband-vulnerabilities-by-fuzzing-layer--40707
New AMD SinkClose flaw helps install nearly undetectable malware
https://www.bleepingcomputer.com/news/security/new-amd-sinkclose-flaw-helps-install-nearly-undetectable-malware/