VXCON2024_Keynote.pdf
https://zerodayengineering.com/research/slides/VXCON2024_Keynote.pdf
JSAC2024 - Time Table -
https://jsac.jpcert.or.jp/timetable.html
URLhaus | SVG
https://urlhaus.abuse.ch/browse/tag/SVG/
MalwareBazaar | svg
https://bazaar.abuse.ch/browse/tag/svg/
Critical RCE bug in VMware vCenter Server now exploited in attacks
https://www.bleepingcomputer.com/news/security/critical-rce-bug-in-vmware-vcenter-server-now-exploited-in-attacks/
Palo Alto Networks patches two firewall zero-days used in attacks
https://www.bleepingcomputer.com/news/security/palo-alto-networks-patches-two-firewall-zero-days-used-in-attacks/
Fake North Korean IT Worker Linked to BeaverTail Video Conference App Phishing Attack
https://unit42.paloaltonetworks.com/fake-north-korean-it-worker-activity-cluster/
Malware Analysis - Writing x64dbg unpacking scripts - YouTube
https://youtu.be/V1s5nAKo5uY?si=q3f_-99DToicR5rf
US space tech giant Maxar discloses employee data breach
https://www.bleepingcomputer.com/news/security/us-space-tech-giant-maxar-discloses-employee-data-breach/
5 Lessons That Made Me $1M Since 2022 - YouTube
https://youtu.be/AR_FbrSy5hc
Breaking the most popular Web Application Firewalls in the market – Project NZT-48
https://nzt-48.org/breaking-the-most-popular-wafs
Chinese hackers exploit Fortinet VPN zero-day to steal credentials
https://www.bleepingcomputer.com/news/security/chinese-hackers-exploit-fortinet-vpn-zero-day-to-steal-credentials/
halfnarp web scheduling helper app
https://halfnarp.events.ccc.de
Microsoft 365 Admin portal abused to send sextortion emails
https://www.bleepingcomputer.com/news/security/microsoft-365-admin-portal-abused-to-send-sextortion-emails/
Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012
https://unit42.paloaltonetworks.com/cve-2024-0012-cve-2024-9474/
CISA Director Jen Easterly to depart agency on January 20 | TechCrunch
https://techcrunch.com/2024/11/18/cisa-director-jen-easterly-to-depart-agency-on-january-20/?guccounter=1&guce_referrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce_referrer_sig=AQAAACeW5scB6bbUQbdLZM0UU37lphZd3VejcmtvH3sWitxLRcVvedjuhga5h1Cwhq8oiTbsPqW1pwnV9AiuVscSPkHVajj8CHorNCG_HnrJRl5uweMomcwCv4L5T8p6g0jjUMOlSFMKS-3pLAAt2ZQqHWcE5J3yFEPdE8G1S4W-cS-G
Fake Bitwarden ads on Facebook push info-stealing Chrome extension
https://www.bleepingcomputer.com/news/security/fake-bitwarden-ads-on-facebook-push-info-stealing-chrome-extension/
300 Drinking Water Systems in US Exposed to Disruptive, Damaging Hacker Attacks - SecurityWeek
https://www.securityweek.com/300-drinking-water-systems-in-us-exposed-to-disruptive-damaging-hacker-attacks/
Security plugin flaw in millions of WordPress sites gives admin access
https://www.bleepingcomputer.com/news/security/security-plugin-flaw-in-millions-of-wordpress-sites-gives-admin-access/
Office of Public Affairs | Phobos Ransomware Administrator Extradited from South Korea to Face Cybercrime Charges | United States Department of Justice
https://www.justice.gov/opa/pr/phobos-ransomware-administrator-extradited-south-korea-face-cybercrime-charges
Palo Alto Networks Releases IoCs for New Firewall Zero-Day - SecurityWeek
https://www.securityweek.com/palo-alto-networks-releases-iocs-for-new-firewall-zero-day/
Phishing emails increasingly use SVG attachments to evade detection
https://www.bleepingcomputer.com/news/security/phishing-emails-increasingly-use-svg-attachments-to-evade-detection/
Reverse Engineering: Finding Exploits in Video Games
https://shalzuth.com/Blog/FindingExploitsInGames
Redis CVE-2024-31449: How to Reproduce and Mitigate the Vulnerability
https://redrays.io/blog/redis-cve-2024-31449-how-to-reproduce-and-mitigate-the-vulnerability/
Bsides London 2024 :: pretalx
https://cfp.securitybsides.org.uk/bsides-london-2024/schedule/
GitHub - watchtowrlabs/Citrix-Virtual-Apps-XEN-Exploit: Citrix Virtual Apps and Desktops (XEN) Unauthenticated RCE
https://github.com/watchtowrlabs/Citrix-Virtual-Apps-XEN-Exploit