Firefox Animation CVE-2024-9680 – Dimitri Fourny
https://dimitrifourny.github.io/2024/11/14/firefox-animation-cve-2024-9680.html
DarkHotel. A cluster of groups united by common techniques
https://global.ptsecurity.com/analytics/pt-esc-threat-intelligence/darkhotel-a-cluster-of-groups-united-by-common-techniques
CISA warns of more Palo Alto Networks bugs exploited in attacks
https://www.bleepingcomputer.com/news/security/cisa-warns-of-more-palo-alto-networks-bugs-exploited-in-attacks/
High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables
https://thehackernews.com/2024/11/high-severity-flaw-in-postgresql-allows.html
Living Off the Land: Credential Phishing via Docusign abuse
https://sublime.security/blog/living-off-the-land-credential-phishing-via-docusign-abuse/
MalwareBazaar | 94-159-113-79
https://bazaar.abuse.ch/browse/tag/94-159-113-79/
Windows Zero-Day Exploited by Russia Triggered With File Drag-and-Drop, Delete Actions - SecurityWeek
https://www.securityweek.com/windows-zero-day-exploited-by-russia-triggered-with-file-drag-and-drop-delete-actions/
Reproducing CVE-2024-10979: A Step-by-Step Guide
https://redrays.io/blog/reproducing-cve-2024-10979-a-step-by-step-guide/
Advanced Fuzzing With LibAFL @ Ekoparty 2024 - Google スライド
https://docs.google.com/presentation/d/1ILXdsBx6JJbsf3uq-_hSeYux-a0DRRPxebOY65EDE5o/edit?usp=sharing
x64 Assembly & Shellcoding 101 - G3tSyst3m’s Infosec Blog
https://g3tsyst3m.github.io/shellcoding/assembly/debugging/x64-Assembly-&-Shellcoding-101/
Hunting SMB Shares, Again! Charts, Graphs, Passwords & LLM Magic for PowerHuntShares 2.0 - NetSPI
https://www.netspi.com/blog/technical-blog/network-pentesting/powerhuntshares-2-0-release/
Palo Alto Networks warns of critical RCE zero-day exploited in attacks
https://www.bleepingcomputer.com/news/security/palo-alto-networks-warns-of-critical-rce-zero-day-exploited-in-attacks/
awesome-lists/Lists/suspicious_http_user_agents_list.csv at main · mthcht/awesome-lists · GitHub
https://github.com/mthcht/awesome-lists/blob/main/Lists/suspicious_http_user_agents_list.csv
Microsoft pulls Exchange security updates over mail delivery issues
https://www.bleepingcomputer.com/news/microsoft/microsoft-pulls-exchange-security-updates-over-mail-delivery-issues/
APT_REPORT/Exploit/Zero-day-cve-2024-4351-report.pdf at master · blackorbird/APT_REPORT · GitHub
https://github.com/blackorbird/APT_REPORT/blob/master/Exploit/Zero-day-cve-2024-4351-report.pdf
Iranian Hackers Target Aerospace Industry in 'Dream Job' Campaign - SecurityWeek
https://www.securityweek.com/iranian-hackers-target-aerospace-industry-in-dream-job-campaign/
Fraud network uses 4,700 fake shopping sites to steal credit cards
https://www.bleepingcomputer.com/news/security/fraud-network-uses-4-700-fake-shopping-sites-to-steal-credit-cards/
x64 Assembly & Shellcoding 101 - Part 2 - G3tSyst3m’s Infosec Blog
https://g3tsyst3m.github.io/shellcoding/assembly/debugging/x64-Assembly-&-Shellcoding-101-Part-2/
Researchers Warn of Privilege Escalation Risks in Google's Vertex AI ML Platform
https://thehackernews.com/2024/11/researchers-warn-of-privilege.html