08/22

U.S. charges Karakurt extortion gang’s “cold case” negotiator

https://www.bleepingcomputer.com/news/legal/us-charges-karakurt-extortion-gangs-cold-case-negotiator/

Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control

https://thehackernews.com/2024/08/chinese-hackers-exploit-zero-day-cisco.html

From Windows drivers to a almost fully working EDR // WhiteFlag

https://blog.whiteflag.io/blog/from-windows-drivers-to-a-almost-fully-working-edr/

Exploitation Expected for Flaw in Caching Plugin Installed on 5M WordPress Sites - SecurityWeek

https://www.securityweek.com/exploitation-expected-for-flaw-in-caching-plugin-installed-on-5m-wordpress-sites/

New NGate Android malware uses NFC chip to steal credit card data

https://www.bleepingcomputer.com/news/security/new-ngate-android-malware-uses-nfc-chip-to-steal-credit-card-data/

MoonPeak malware from North Korean actors unveils new details on attacker infrastructure

https://blog.talosintelligence.com/moonpeak-malware-infrastructure-north-korea/

Google fixes ninth Chrome zero-day exploited in attacks this year

https://www.bleepingcomputer.com/news/security/google-fixes-tenth-actively-exploited-chrome-zero-day-in-2024/

NGate Android malware relays NFC traffic to steal cash

https://www.welivesecurity.com/en/eset-research/ngate-android-malware-relays-nfc-traffic-to-steal-cash/

Man sentenced for hacking state registry to fake his own death

https://www.bleepingcomputer.com/news/legal/man-sentenced-for-hacking-state-registry-to-fake-his-own-death/

Kaspersky found multiple memory corruptions in Suricata and FreeRDP | Securelist

https://securelist.com/suricata-freerdp-memory-corruption/113489/

Cisco Patches High-Severity Vulnerability Reported by NSA - SecurityWeek

https://www.securityweek.com/cisco-patches-high-severity-vulnerability-reported-by-nsa/

Blue Team Con 2024 Schedule - Blue Team Con

https://blueteamcon.com/blue-team-con-2024-schedule/

XSS Filter Evasion - OWASP Cheat Sheet Series

https://cheatsheetseries.owasp.org/cheatsheets/XSS_Filter_Evasion_Cheat_Sheet.html

MalwareBazaar | SHA256 86d8257ae56e5d8220a4e3f8396d944b5e9e41732b58ad7472276d78aea232fa

https://bazaar.abuse.ch/sample/86d8257ae56e5d8220a4e3f8396d944b5e9e41732b58ad7472276d78aea232fa/

CrowdStrike Hits Back at Action1 Following $1 Billion Acquisition Rumors - SecurityWeek

https://www.securityweek.com/crowdstrike-hits-back-at-action1-following-1-billion-acquisition-rumors/

China-Linked ‘Velvet Ant’ Hackers Exploited Zero-Day to Deploy Malware on Cisco Nexus Switches - SecurityWeek

https://www.securityweek.com/china-linked-velvet-ant-hackers-exploited-zero-day-to-deploy-malware-on-cisco-nexus-switches/

Atlassian Patches Vulnerabilities in Bamboo, Confluence, Crowd, Jira - SecurityWeek

https://www.securityweek.com/atlassian-patches-vulnerabilities-in-bamboo-confluence-crowd-jira/

Microsoft confirms August updates break Linux boot in dual-boot systems

https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-august-updates-break-linux-boot-in-dual-boot-systems/

SolarWinds fixes hardcoded credentials flaw in Web Help Desk

https://www.bleepingcomputer.com/news/security/solarwinds-fixes-hardcoded-credentials-flaw-in-web-help-desk/

Phrack hacker zine publishes new edition after three years

https://www.bleepingcomputer.com/news/security/phrack-hacker-zine-publishes-new-edition-after-three-years/

Qilin ransomware now steals credentials from Chrome browsers

https://www.bleepingcomputer.com/news/security/qilin-ransomware-now-steals-credentials-from-chrome-browsers/

The Facts About Continuous Penetration Testing and Why It's Important

https://thehackernews.com/2024/08/the-facts-about-continuous-penetration.html

Develop your own C# Obfuscator – Ribbit-ing Cybersecurity

https://www.ribbiting-sec.info/posts/2024-06-05_csharp_obfuscator/

io (@iok) / X

https://twitter.com/iok

New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining

https://thehackernews.com/2024/08/new-malware-pgmem-targets-postgresql.html

Untitled / X

https://x.com/i/broadcasts/1jMJgBWkNreGL

CISA Warns of Exploited Vulnerabilities Impacting Dahua Products - SecurityWeek

https://www.securityweek.com/cisa-warns-of-exploited-vulnerabilities-impacting-dahua-products/

Xiaomi Patched an RCE Vulnerability Before Pwn2Own Toronto 2023 and Removed the Patch Afterwards – HACKHUNTING

https://hackhunting.com/2024/08/22/xiaomi-patched-an-rce-vulnerability-before-pwn2own-toronto-2023-and-removed-the-patch-afterwards/

Oil Giant Halliburton Confirms Cyber Incident, Details Scarce - SecurityWeek

https://www.securityweek.com/oil-giant-halliburton-confirms-cyberattack-details-scarce/

Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide

https://thehackernews.com/2024/08/hardware-backdoor-discovered-in-rfid.html