Over 1,000 ServiceNow instances found leaking corporate KB data
https://www.bleepingcomputer.com/news/security/over-1-000-servicenow-instances-found-leaking-corporate-kb-data/
Release Impacket 0.12.0 · fortra/impacket · GitHub
https://github.com/fortra/impacket/releases/tag/impacket_0_12_0
Treasury Sanctions Enablers of the Intellexa Commercial Spyware Consortium | U.S. Department of the Treasury
https://home.treasury.gov/news/press-releases/jy2581
CISA warns of Windows flaw used in infostealer malware attacks
https://www.bleepingcomputer.com/news/security/cisa-warns-of-windows-flaw-used-in-infostealer-malware-attacks/
Ransomware gangs now abuse Microsoft Azure tool for data theft
https://www.bleepingcomputer.com/news/security/ransomware-gangs-now-abuse-microsoft-azure-tool-for-data-theft/
Hezbollah Members Among Hundreds Wounded after Pagers Explode in Lebanon and Syria, Officials Say - SecurityWeek
https://www.securityweek.com/dozens-wounded-after-pagers-detonate-in-lebanon-media-and-security-officials-say/
reuters.com
https://www.reuters.com/world/middle-east/dozens-hezbollah-members-wounded-lebanon-when-pagers-exploded-sources-witnesses-2024-09-17/
Haifei's random thoughts: Opening EXPMON for Everyone
https://justhaifei1.blogspot.com/2024/04/opening-expmon-for-everyone.html
Hidden in Plain Sight: Abusing Entra ID Administrative Units for Sticky Persistence | Datadog Security Labs
https://securitylabs.datadoghq.com/articles/abusing-entra-id-administrative-units/
U.S. CISA adds Microsoft Windows MSHTML Platform and Progress WhatsUp Gold bugs to its Known Exploited Vulnerabilities catalog
https://securityaffairs.com/168505/security/u-s-cisa-microsoft-windows-mshtml-platform-progress-whatsup-gold-bugs-known-exploited-vulnerabilities-catalog.html
How to Investigate ChatGPT activity in Google Workspace
https://thehackernews.com/2024/09/how-to-investigate-chatgpt-activity-in.html
The unreasonable success of Fuzzing - Google スライド
https://docs.google.com/presentation/d/1vw9lywrMnNojiOIu-xU5KXZz7WzE0MYNQF6V7n6vyY8/edit?usp=drivesdk
Pumping Iron on the Musl Heap – Real World CVE-2022-24834 Exploitation on an Alpine mallocng Heap | NCC Group Research Blog | Making the world safer and more secure
https://research.nccgroup.com/2024/06/11/pumping-iron-on-the-musl-heap-real-world-cve-2022-24834-exploitation-on-an-alpine-mallocng-heap/
GitHub - bi-zone/CVE-2024-7965: This repository contains PoC for CVE-2024-7965. This is the vulnerability in the V8 that occurs only within ARM64.
https://github.com/bi-zone/CVE-2024-7965
Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense
https://thehackernews.com/2024/09/google-chrome-switches-to-ml-kem-for.html
MalwareBazaar | asuhvziuez-top
https://bazaar.abuse.ch/browse/tag/asuhvziuez-top/
PKfail Secure Boot bypass remains a significant risk two months later
https://www.bleepingcomputer.com/news/security/pkfail-secure-boot-bypass-remains-a-significant-risk-two-months-later/
Анализ уязвимости CVE-2024-7965
https://bi.zone/expertise/blog/analiz-uyazvimosti-cve-2024-7965/
Elon Musk may have to sell billions in Tesla stock to rescue X | Fortune
https://fortune.com/2024/08/15/elon-musk-tesla-stock-sale-twitter-x-advertiser-boycott-finances-bradford-ferguson/
U.S. Treasury Sanctions Executives Linked to Intellexa Predator Spyware Operation
https://thehackernews.com/2024/09/us-treasury-sanctions-executives-linked.html
Attacking PowerShell CLIXML Deserialization - Truesec
https://www.truesec.com/hub/blog/attacking-powershell-clixml-deserialization
Broadcom fixes critical RCE bug in VMware vCenter Server
https://www.bleepingcomputer.com/news/security/broadcom-fixes-critical-rce-bug-in-vmware-vcenter-server/
VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest - SecurityWeek
https://www.securityweek.com/vmware-patches-remote-code-execution-flaw-found-in-chinese-hacking-contest/
Recent WhatsUp Gold Vulnerabilities Possibly Exploited in Ransomware Attacks - SecurityWeek
https://www.securityweek.com/recent-whatsup-gold-vulnerabilities-possibly-exploited-in-ransomware-attacks/
Chinese man charged for spear-phishing against NASA and US Government
https://securityaffairs.com/168514/cyber-crime/chinese-man-spear-phishing-nasa-us-government.html
Qilin ransomware attack on Synnovis impacted over 900K patients
https://securityaffairs.com/168480/data-breach/qilin-attack-on-synnovis-impacted-900000-patients.html
Eight dead, 2,750 injured in Lebanon pagers explosions; Israel fingered - Vanguard News
https://www.vanguardngr.com/2024/09/pagers-explode-injure-hundreds-of-hezbollah-members-in-lebanon-israel-fingered/
Binance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency Users
https://thehackernews.com/2024/09/binance-warns-of-rising-clipper-malware.html