Decrypting and Replaying VPN Cookies | by James H | Sep, 2024 | Medium
https://rotarydrone.medium.com/decrypting-and-replaying-vpn-cookies-4a1d8fc7773e
We Spent $20 To Achieve RCE And Accidentally Became The Admins Of .MOBI
https://labs.watchtowr.com/we-spent-20-to-achieve-rce-and-accidentally-became-the-admins-of-mobi/
TikTok - Make Your Day
http://tiktok.com
Quad7 Botnet Expands to Target SOHO Routers and VPN Appliances
https://thehackernews.com/2024/09/quad7-botnet-expands-to-target-soho.html
Adobe fixes Acrobat Reader zero-day with public PoC exploit
https://www.bleepingcomputer.com/news/security/adobe-fixes-acrobat-reader-zero-day-with-public-poc-exploit/
Kali Linux 2024.3 Release (Multiple transitions) | Kali Linux Blog
https://www.kali.org/blog/kali-linux-2024-3-release/
LNK Stomping (CVE-2024-38217): Microsoft Patches Years-Old Zero-Day Flaw
https://securityonline.info/lnk-stomping-cve-2024-38217-microsoft-patches-years-old-zero-day-flaw/
MalwareBazaar | DelShad
https://bazaar.abuse.ch/browse/tag/DelShad/
RansomHub ransomware abuses Kaspersky TDSSKiller to disable EDR software
https://www.bleepingcomputer.com/news/security/ransomhub-ransomware-abuses-kaspersky-tdsskiller-to-disable-edr-software/
MalwareBazaar | CosmicBeetle
https://bazaar.abuse.ch/browse/tag/CosmicBeetle/
Developers Beware: Lazarus Group Uses Fake Coding Tests to Spread Malware
https://thehackernews.com/2024/09/developers-beware-lazarus-group-uses.html
Windows Security Function Bypassed By New 0-Day Threat, Microsoft Says
https://www.forbes.com/sites/daveywinder/2024/09/11/windows-security-function-bypassed-by-new-0-day-threat-microsoft-says/
Chinese hackers linked to cybercrime syndicate arrested in Singapore
https://www.bleepingcomputer.com/news/legal/chinese-hackers-linked-to-PlugX-malware-arrested-in-singapore/
Blog Tool, Publishing Platform, and CMS – WordPress.org
http://WordPress.org
Detecting Malicious Use of LOLBins | Huntress
https://www.huntress.com/blog/detecting-malicious-use-of-lolbins
RansomHub ransomware gang relies on TDSKiller to disable EDR
https://securityaffairs.com/168296/malware/ransomhub-ransomware-tdskiller-disable-edr.html
GitHub - BTtea/CVE-2018-14714-RCE-exploit: ASUS wifi router RCE vulnerability
https://github.com/BTtea/CVE-2018-14714-RCE-exploit
WordPress.org to require 2FA for plugin developers by October
https://www.bleepingcomputer.com/news/security/wordpressorg-to-require-2fa-for-plugin-developers-by-october/
Fake password manager coding test used to hack Python developers
https://www.bleepingcomputer.com/news/security/fake-password-manager-coding-test-used-to-hack-python-developers/
Intel Informs Customers About Over a Dozen Processor Vulnerabilities - SecurityWeek
https://www.securityweek.com/intel-informs-customers-about-over-a-dozen-processor-vulnerabilities/
Ivanti Patches Critical Vulnerabilities in Endpoint Manager - SecurityWeek
https://www.securityweek.com/ivanti-patches-critical-vulnerabilities-in-endpoint-manager/
New PIXHELL acoustic attack leaks secrets from LCD screen noise
https://www.bleepingcomputer.com/news/security/new-pixhell-acoustic-attack-leaks-secrets-from-lcd-screen-noise/
Browser Stored Credentials – Purple Team
https://ipurple.team/2024/09/10/browser-stored-credentials/
DockerSpy: Search for images on Docker Hub, extract sensitive information - Help Net Security
https://www.helpnetsecurity.com/2024/09/11/dockerspy-extract-sensitive-information-docker-hub-images/
Data Breach at Golf Course Management Firm KemperSports Impacts 62,000 - SecurityWeek
https://www.securityweek.com/data-breach-at-golf-course-management-firm-kempersports-impacts-62000/
Ivanti fixed a maximum severity flaw in its EPM software
https://securityaffairs.com/168286/uncategorized/ivanti-epm-critical-flaws.html
DragonRank Black Hat SEO Campaign Targeting IIS Servers Across Asia and Europe
https://thehackernews.com/2024/09/dragonrank-black-hat-seo-campaign.html
Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws
https://www.bleepingcomputer.com/news/microsoft/microsoft-september-2024-patch-tuesday-fixes-4-zero-days-79-flaws/
New RansomHub attack uses TDSKiller and LaZagne, disables EDR - ThreatDown by Malwarebytes
https://www.threatdown.com/blog/new-ransomhub-attack-uses-tdskiller-and-lazagne-disables-edr/
CVR: The Mines of Kakadûm - Google Bug Hunters
https://bughunters.google.com/blog/6220757425586176/cvr-the-mines-of-kakad-m