Vulnerabilities in Open Source C2 Frameworks - Include Security Research Blog
https://blog.includesecurity.com/2024/09/vulnerabilities-in-open-source-c2-frameworks/
Germany seizes 47 crypto exchanges used by ransomware gangs
https://www.bleepingcomputer.com/news/security/germany-seizes-47-crypto-exchanges-used-by-ransomware-gangs/
GitHub - rotarydrone/GlobalUnProtect: Decrypt GlobalProtect configuration and cookie files.
https://github.com/rotarydrone/GlobalUnProtect
GitHub - trustedsec/CS-Remote-OPs-BOF
https://github.com/trustedsec/CS-Remote-OPs-BOF/tree/main
Clever 'GitHub Scanner' campaign abusing repos to push malware
https://www.bleepingcomputer.com/news/security/clever-github-scanner-campaign-abusing-repos-to-push-malware/
MalwareBazaar | jumpshare-com
https://bazaar.abuse.ch/browse/tag/jumpshare-com/
Tor says it’s "still safe" amid reports of police deanonymizing users
https://www.bleepingcomputer.com/news/security/tor-says-its-still-safe-amid-reports-of-police-deanonymizing-users/
FTC exposes massive surveillance of kids, teens by social media giants
https://www.bleepingcomputer.com/news/technology/ftc-exposes-massive-surveillance-of-kids-teens-by-social-media-giants/
Police dismantles phone unlocking ring linked to 483,000 victims
https://www.bleepingcomputer.com/news/security/police-dismantles-iserver-phone-unlocking-network-linked-to-483-000-victims/
Unexplained ‘Noise Storms’ flood the Internet, puzzle experts
https://www.bleepingcomputer.com/news/security/mysterious-love-packet-storms-flood-the-internet-since-2020/
MalwareBazaar | login-n26-it-com
https://bazaar.abuse.ch/browse/tag/login-n26-it-com/
The 'Invisibility Cloak' - Slash-Proc Magic | dfir.ch
https://dfir.ch/posts/slash-proc/
Extracting Credentials From Windows Logs – Practical Security Analytics LLC
https://practicalsecurityanalytics.com/extracting-credentials-from-windows-logs/
Hiding Linux Processes with Bind Mounts – Righteous IT
https://righteousit.com/2024/07/24/hiding-linux-processes-with-bind-mounts/
Opnova Banks Seed Capital to Tackle Security, IT Automation - SecurityWeek
https://www.securityweek.com/opnova-banks-seed-capital-to-tackle-security-it-automation/
This Windows PowerShell Phish Has Scary Potential – Krebs on Security
https://krebsonsecurity.com/2024/09/this-windows-powershell-phish-has-scary-potential/
Analysis github-scanner.com Malicious activity - Interactive analysis ANY.RUN
https://app.any.run/tasks/860838d1-e6d1-41b3-bee4-9d4b0027e7e8
Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector
https://thehackernews.com/2024/09/microsoft-warns-of-new-inc-ransomware.html
Europol takes down "Ghost" encrypted messaging platform used for crime
https://www.bleepingcomputer.com/news/security/europol-takes-down-ghost-encrypted-messaging-platform-used-for-crime/
Ivanti warns of another critical CSA flaw exploited in attacks
https://www.bleepingcomputer.com/news/security/ivanti-warns-of-another-critical-csa-flaw-exploited-in-attacks/
Turning Everyday Gadgets into Bombs is a Bad Idea « bunnie's blog
https://www.bunniestudios.com/blog/2024/turning-everyday-gadgets-into-bombs-is-a-bad-idea/
Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms
https://thehackernews.com/2024/09/hackers-exploit-default-credentials-in.html
New Brazilian-Linked SambaSpy Malware Targets Italian Users via Phishing Emails
https://thehackernews.com/2024/09/new-brazilian-linked-sambaspy-malware.html
Revisiting MiniFilter Abuse Techniques to Blind EDR | Penetration Testing - Red Teaming - Purple Teaming - Security Training | Tier Zero Security, New Zealand
https://tierzerosecurity.co.nz/2024/09/18/blind-edr-revisited.html
GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions
https://thehackernews.com/2024/09/gitlab-patches-critical-saml.html
Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC | Trend Micro (US)
https://www.trendmicro.com/en_us/research/24/i/earth-baxia-spear-phishing-and-geoserver-exploit.html
Fake GitHub Site Targeting Developers - SANS Internet Storm Center
https://isc.sans.edu/diary/31282
Google Password Manager now automatically syncs your passkeys
https://www.bleepingcomputer.com/news/google/google-password-manager-now-automatically-syncs-your-passkeys/
New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit
https://thehackernews.com/2024/09/new-teamtnt-cryptojacking-campaign.html
Iranian Hackers Tried but Failed to Interest Biden's Campaign in Stolen Trump Info, FBI Says - SecurityWeek
https://www.securityweek.com/iranian-hackers-tried-but-failed-to-interest-bidens-campaign-in-stolen-trump-info-fbi-says/
US Disrupts 'Raptor Train' Botnet of Chinese APT Flax Typhoon - SecurityWeek
https://www.securityweek.com/us-disrupts-raptor-train-botnet-of-chinese-apt-flax-typhoon/
GitLab releases fix for critical SAML authentication bypass flaw
https://www.bleepingcomputer.com/news/security/gitlab-releases-fix-for-critical-saml-authentication-bypass-flaw/
Antivirus firm Dr.Web disconnected all servers following a cyberattack
https://securityaffairs.com/168577/hacking/antivirus-firm-dr-web-suffers-cyberattack.html