Attacking UNIX Systems via CUPS, Part I
https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/
Hacking Kia: Remotely Controlling Cars With Just a License Plate
https://samcurry.net/hacking-kia
Red Teaming in the age of EDR: Evasion of Endpoint Detection Through Malware Virtualisation – Fox-IT International blog
https://blog.fox-it.com/2024/09/25/red-teaming-in-the-age-of-edr-evasion-of-endpoint-detection-through-malware-virtualisation/
Shodan Search Engine
https://www.shodan.io/search/report?query=product%3Acups
Fake WalletConnect app on Google Play steals Android users’ crypto
https://www.bleepingcomputer.com/news/security/fake-walletconnect-app-on-google-play-steals-android-users-crypto/
Automattic blocks WP Engine’s access to WordPress resources
https://www.bleepingcomputer.com/news/security/automattic-blocks-wp-engines-access-to-wordpress-resources/
Review locking/multi-threading implementation · Issue #36 · OpenPrinting/cups-browsed · GitHub
https://github.com/OpenPrinting/cups-browsed/issues/36
Critical Nvidia Container Flaw Exposes Cloud AI Systems to Host Takeover - SecurityWeek
https://www.securityweek.com/critical-nvidia-container-flaw-exposes-cloud-ai-systems-to-host-takeover/
A step-by-step guide to writing an iOS kernel exploit | Alfie CG
https://alfiecg.uk/2024/09/24/Kernel-exploit.html
Eric Adams Told FBI He Forgot His Phone’s Passcode
https://www.404media.co/eric-adams-told-fbi-he-forgot-his-phones-passcode/
Thread by @evilsocket on Thread Reader App – Thread Reader App
https://threadreaderapp.com/thread/1838169889330135132.html
Web3 Ping of Death: Finding and Fixing a Chain-Halting Vulnerability in NEAR | Zellic — Research
https://www.zellic.io/blog/near-protocol-bug/
Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware
https://thehackernews.com/2024/09/watering-hole-attack-on-kurdish-sites.html
Cyberespionage the Gamaredon way: Analysis of toolset used to spy on Ukraine in 2022 and 2023
https://www.welivesecurity.com/en/eset-research/cyberespionage-gamaredon-way-analysis-toolset-used-spy-ukraine-2022-2023/
U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex – Krebs on Security
https://krebsonsecurity.com/2024/09/u-s-indicts-2-top-russian-hackers-sanctions-cryptex/
Kia dealer portal flaw could let attackers hack millions of cars
https://www.bleepingcomputer.com/news/security/kia-dealer-portal-flaw-could-let-attackers-hack-millions-of-cars/
Pwn2Own Stories - Ben McBride - YouTube
https://www.youtube.com/watch?v=j6jhzFgz_Xo
Google Sees Drop in Memory Safety Bugs in Android as Code Matures - SecurityWeek
https://www.securityweek.com/google-sees-drop-in-memory-safety-bugs-in-android-as-code-matures/
Tails OS merges with Tor Project for better privacy, security
https://www.bleepingcomputer.com/news/software/tails-os-merges-with-tor-project-for-better-privacy-security/
Blog Tool, Publishing Platform, and CMS – WordPress.org
http://WordPress.org
CUPS flaws enable Linux remote code execution, but there’s a catch
https://www.bleepingcomputer.com/news/security/cups-flaws-enable-linux-remote-code-execution-but-theres-a-catch/
Meta halts routing via Deutsche Telekom over €20M peering fee
https://www.bleepingcomputer.com/news/technology/meta-halts-routing-via-deutsche-telekom-over-20m-peering-fee/
Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign
https://thehackernews.com/2024/09/chinese-hackers-infiltrate-us-internet.html
GitHub - WinampDesktop/winamp: Iconic media player
https://github.com/WinampDesktop/winamp
Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates
https://thehackernews.com/2024/09/hackers-could-have-remotely-controlled.html
US sanctions crypto exchanges used by Russian ransomware gangs
https://www.bleepingcomputer.com/news/security/us-sanctions-crypto-exchanges-used-by-russian-ransomware-gangs/
Data of 3,191 congressional staffers leaked in the dark web
https://securityaffairs.com/168912/deep-web/3000-congressional-staffers-data-leaked-dark-web.html
Shielder - Hunting for <del>Un</del>authenticated n-days in Asus Routers
https://shielder.com/blog/2024/01/hunting-for-~~un~~authenticated-n-days-in-asus-routers/
Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities
https://thehackernews.com/2024/09/cloudflare-warns-of-india-linked.html
The Cloudflare Blog
https://blog.cloudflare.com/unraveling-sloppylemming-operations/
China-linked APT group Salt Typhoon compromised some US ISPs
https://securityaffairs.com/168941/apt/salt-typhoon-china-linked-threat-actors-breached-us-isp.html
Zooming in on CVE-2024–7965. On August 21, Google released an update… | by BI.ZONE | Sep, 2024 | Medium
https://bi-zone.medium.com/zooming-in-on-cve-2024-7965-388231c81157
MalwareHunterTeam on X: ""nix": 19e0aab36e15ddb57e684748ac73dbced7d08e35c5950fe53a3b4011cba1f7ac 91.92.249[.]195 https://t.co/d2Tug7RhDm" / X
http://x.com/malwrhunterteam/status/1838647203625341362![MalwareHunterTeam on X: ""nix": 19e0aab36e15ddb57e684748ac73dbced7d08e35c5950fe53a3b4011cba1f7ac 91.92.249[.]195 https://t.co/d2Tug7RhDm" / X](/image/screenshot/20116340bb59919942e3da459dc6d1e5.webp)
侵入型ランサムウェア攻撃発生時に残るWindowsイベントログの調査 - JPCERT/CC Eyes | JPCERTコーディネーションセンター公式ブログ
https://blogs.jpcert.or.jp/ja/2024/09/windows.html
N. Korean Hackers Deploy New KLogEXE and FPSpy Malware in Targeted Attacks
https://thehackernews.com/2024/09/n-korean-hackers-deploy-new-klogexe-and.html
RansomHub’s EDR-Killer: How Zerologon and EDRKillShifter Exploit Networks Without Detection
https://securityonline.info/ransomhubs-edr-killer-how-zerologon-and-edrkillshifter-exploit-networks-without-detection/