Release v0.7.0 · VirusTotal/yara-x · GitHub
https://github.com/VirusTotal/yara-x/releases/tag/v0.7.0
DICK’s shuts down email, locks employee accounts after cyberattack
https://www.bleepingcomputer.com/news/security/dicks-sporting-goods-says-confidential-data-exposed-in-cyberattack/
Taking the Crossroads: The Versa Director Zero-Day Exploitation - Lumen
https://blog.lumen.com/taking-the-crossroads-the-versa-director-zero-day-exploitation/
GitHub - ynwarcs/CVE-2024-38063: poc for CVE-2024-38063 (RCE in tcpip.sys)
https://github.com/ynwarcs/CVE-2024-38063
WPS Office Zero-Day Exploited by South Korea-Linked Cyberspies - SecurityWeek
https://www.securityweek.com/wps-office-zero-day-exploited-by-south-korea-linked-cyberspies/
Google's spyware hunters track state-sponsored malware
https://www.nzz.ch/english/googles-spyware-hunters-track-state-sponsored-malware-ld.1845068
Hacking LLMs 101 : Attention is all I need ? | by Mehdi Zehani | Medium
https://medium.com/@zehanimehdi49/hacking-llms-101-attention-is-all-i-need-407fa25c1796
APT-C-60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor
https://thehackernews.com/2024/08/apt-c-60-group-exploit-wps-office-flaw.html
Censys Finds Hundreds of Exposed Servers as Volt Typhoon APT Targets Service Providers - SecurityWeek
https://www.securityweek.com/censys-finds-hundreds-of-exposed-servers-as-volt-typhoon-apt-targets-isps-msps/
Advanced Persistent Threat Targeting Vietnamese Human Rights Defenders | Huntress
https://www.huntress.com/blog/advanced-persistent-threat-targeting-vietnamese-human-rights-defenders
Dodging the Guardian: How Malware Evades EDR Detections | by Iglenson Security | Medium
https://medium.com/@IglensonSecurity/dodging-the-guardian-how-malware-evades-edr-detections-72ed61896406
Ep9: The blurring lines between nation-state APTs and the ransomware epidemic - Security Conversations
https://securityconversations.com/episode/ep9-the-blurring-lines-between-nation-state-apts-and-the-ransomware-epidemic/
Second Apache OFBiz Vulnerability Exploited in Attacks - SecurityWeek
https://www.securityweek.com/second-apache-ofbiz-vulnerability-exploited-in-attacks/
Decompiler Explorer
http://dogbolt.org
US offers $2.5M reward for Belarusian man involved in mass malware distribution
https://securityaffairs.com/167684/cyber-crime/belarusian-man-mass-malware-distribution.html
BlackSuit ransomware stole data of 950,000 from software vendor
https://www.bleepingcomputer.com/news/security/blacksuit-ransomware-stole-data-of-950-000-from-software-vendor/
Employee arrested for locking Windows admins out of 254 servers in extortion plot
https://www.bleepingcomputer.com/news/security/employee-arrested-for-locking-windows-admins-out-of-254-servers-in-extortion-plot/
Inside Xerox WorkCentre: Two Unauthenticated RCEs – PT SWARM
https://swarm.ptsecurity.com/inside-xerox-workcentre-two-unauthenticated-rces/
Google increases Chrome bug bounty rewards up to $250,000
https://www.bleepingcomputer.com/news/google/google-increases-chrome-bug-bounty-rewards-up-to-250-000/
PoorTry Windows driver evolves into a full-featured EDR wiper
https://www.bleepingcomputer.com/news/security/poortry-windows-driver-evolves-into-a-full-featured-edr-wiper/
LinkedIn Hires Former Twitter Security Chief Lea Kissner as New CISO - SecurityWeek
https://www.securityweek.com/linkedin-hires-former-twitter-security-chief-lea-kissner-as-new-ciso/
GitHub - xv0nfers/V8-sbx-bypass-collection
https://github.com/xv0nfers/V8-sbx-bypass-collection
Compiler Explorer
http://godbolt.org
New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials
https://thehackernews.com/2024/08/new-qr-code-phishing-campaign-exploits.html
MalwareBazaar | RobotDropper
https://bazaar.abuse.ch/browse/tag/RobotDropper/
Fortra Issues Patch for High-Risk FileCatalyst Workflow Security Vulnerability
https://thehackernews.com/2024/08/fortra-issues-patch-for-high-risk.html
950,000 Impacted by Young Consulting Data Breach - SecurityWeek
https://www.securityweek.com/950000-impacted-by-young-consulting-data-breach/
Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations | Microsoft Security Blog
https://www.microsoft.com/en-us/security/blog/2024/08/28/peach-sandstorm-deploys-new-custom-tickler-malware-in-long-running-intelligence-gathering-operations/
New Tickler malware used to backdoor US govt, defense orgs
https://www.bleepingcomputer.com/news/security/new-tickler-malware-used-to-backdoor-us-govt-defense-orgs/
Security BSides Ahmedabad
https://konfhub.com/security-bsides-ahmedabad
Iranian hackers work with ransomware gangs to extort breached orgs
https://www.bleepingcomputer.com/news/security/iranian-hackers-work-with-ransomware-gangs-to-extort-breached-orgs/
BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave
https://thehackernews.com/2024/08/blackbyte-ransomware-exploits-vmware.html
Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution
https://thehackernews.com/2024/08/critical-wpml-plugin-flaw-exposes.html
Malware Delivered via Malicious Pidgin Plugin, Signal Fork - SecurityWeek
https://www.securityweek.com/malware-delivered-via-malicious-pidgin-plugin-signal-fork/
Shielder - Vtiger CRM (<= 8.1.0) Broken Access Control in Migration module
https://www.shielder.com/advisories/vtiger-migration-bac/
Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations | CISA
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-241a
CVE-2024-38063 - Remotely Exploiting The Kernel Via IPv6
https://malwaretech.com/2024/08/exploiting-CVE-2024-38063.html
Fortra fixes critical FileCatalyst Workflow hardcoded password issue
https://www.bleepingcomputer.com/news/security/fortra-fixes-critical-filecatalyst-workflow-hardcoded-password-issue/