C++ Unwind Exception Metadata: A Hidden Reverse Engineering Bonanza — Möbius Strip Reverse Engineering
http://www.msreverseengineering.com/blog/2024/8/20/c-unwind-metadata-1
U.S. charges Karakurt extortion gang’s “cold case” negotiator
https://www.bleepingcomputer.com/news/legal/us-charges-karakurt-extortion-gangs-cold-case-negotiator/
GitHub - p0dalirius/smbclient-ng: smbclient-ng, a fast and user friendly way to interact with SMB shares.
https://github.com/p0dalirius/smbclient-ng
CVE-2024-22263: Spring Cloud Dataflow Arbitrary File Writing - Penetration Testing and CyberSecurity Solution - SecureLayer7
https://blog.securelayer7.net/spring-cloud-data-flow-exploit/
Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control
https://thehackernews.com/2024/08/chinese-hackers-exploit-zero-day-cisco.html
From Windows drivers to a almost fully working EDR // WhiteFlag
https://blog.whiteflag.io/blog/from-windows-drivers-to-a-almost-fully-working-edr/
Exploitation Expected for Flaw in Caching Plugin Installed on 5M WordPress Sites - SecurityWeek
https://www.securityweek.com/exploitation-expected-for-flaw-in-caching-plugin-installed-on-5m-wordpress-sites/
New NGate Android malware uses NFC chip to steal credit card data
https://www.bleepingcomputer.com/news/security/new-ngate-android-malware-uses-nfc-chip-to-steal-credit-card-data/
MoonPeak malware from North Korean actors unveils new details on attacker infrastructure
https://blog.talosintelligence.com/moonpeak-malware-infrastructure-north-korea/
Google fixes ninth Chrome zero-day exploited in attacks this year
https://www.bleepingcomputer.com/news/security/google-fixes-tenth-actively-exploited-chrome-zero-day-in-2024/
NGate Android malware relays NFC traffic to steal cash
https://www.welivesecurity.com/en/eset-research/ngate-android-malware-relays-nfc-traffic-to-steal-cash/
Man sentenced for hacking state registry to fake his own death
https://www.bleepingcomputer.com/news/legal/man-sentenced-for-hacking-state-registry-to-fake-his-own-death/
Kaspersky found multiple memory corruptions in Suricata and FreeRDP | Securelist
https://securelist.com/suricata-freerdp-memory-corruption/113489/
Cisco Patches High-Severity Vulnerability Reported by NSA - SecurityWeek
https://www.securityweek.com/cisco-patches-high-severity-vulnerability-reported-by-nsa/
Blue Team Con 2024 Schedule - Blue Team Con
https://blueteamcon.com/blue-team-con-2024-schedule/
XSS Filter Evasion - OWASP Cheat Sheet Series
https://cheatsheetseries.owasp.org/cheatsheets/XSS_Filter_Evasion_Cheat_Sheet.html
MalwareBazaar | SHA256 86d8257ae56e5d8220a4e3f8396d944b5e9e41732b58ad7472276d78aea232fa
https://bazaar.abuse.ch/sample/86d8257ae56e5d8220a4e3f8396d944b5e9e41732b58ad7472276d78aea232fa/
CrowdStrike Hits Back at Action1 Following $1 Billion Acquisition Rumors - SecurityWeek
https://www.securityweek.com/crowdstrike-hits-back-at-action1-following-1-billion-acquisition-rumors/
China-Linked ‘Velvet Ant' Hackers Exploited Zero-Day to Deploy Malware on Cisco Nexus Switches - SecurityWeek
https://www.securityweek.com/china-linked-velvet-ant-hackers-exploited-zero-day-to-deploy-malware-on-cisco-nexus-switches/
Atlassian Patches Vulnerabilities in Bamboo, Confluence, Crowd, Jira - SecurityWeek
https://www.securityweek.com/atlassian-patches-vulnerabilities-in-bamboo-confluence-crowd-jira/
Microsoft confirms August updates break Linux boot in dual-boot systems
https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-august-updates-break-linux-boot-in-dual-boot-systems/
SolarWinds fixes hardcoded credentials flaw in Web Help Desk
https://www.bleepingcomputer.com/news/security/solarwinds-fixes-hardcoded-credentials-flaw-in-web-help-desk/
Phrack hacker zine publishes new edition after three years
https://www.bleepingcomputer.com/news/security/phrack-hacker-zine-publishes-new-edition-after-three-years/
Qilin ransomware now steals credentials from Chrome browsers
https://www.bleepingcomputer.com/news/security/qilin-ransomware-now-steals-credentials-from-chrome-browsers/
The Facts About Continuous Penetration Testing and Why It's Important
https://thehackernews.com/2024/08/the-facts-about-continuous-penetration.html
Develop your own C# Obfuscator – Ribbit-ing Cybersecurity
https://www.ribbiting-sec.info/posts/2024-06-05_csharp_obfuscator/
io (@iok) / X
https://twitter.com/iok
New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining
https://thehackernews.com/2024/08/new-malware-pgmem-targets-postgresql.html
Untitled / X
https://x.com/i/broadcasts/1jMJgBWkNreGL
Office of Public Affairs | New York Man Arrested for Operating as an Illegal Agent of the Chinese Government in the United States | United States Department of Justice
https://www.justice.gov/opa/pr/new-york-man-arrested-operating-illegal-agent-chinese-government-united-states
CISA Warns of Exploited Vulnerabilities Impacting Dahua Products - SecurityWeek
https://www.securityweek.com/cisa-warns-of-exploited-vulnerabilities-impacting-dahua-products/
Xiaomi Patched an RCE Vulnerability Before Pwn2Own Toronto 2023 and Removed the Patch Afterwards – HACKHUNTING
https://hackhunting.com/2024/08/22/xiaomi-patched-an-rce-vulnerability-before-pwn2own-toronto-2023-and-removed-the-patch-afterwards/
Oil Giant Halliburton Confirms Cyber Incident, Details Scarce - SecurityWeek
https://www.securityweek.com/oil-giant-halliburton-confirms-cyberattack-details-scarce/
Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide
https://thehackernews.com/2024/08/hardware-backdoor-discovered-in-rfid.html