ShadowHound: A SharpHound Alternative Using Native PowerShell – Security Friends' Research Blog
https://blog.fndsec.net/2024/11/25/shadowhound/
ZDI-24-1532 | Zero Day Initiative
https://www.zerodayinitiative.com/advisories/ZDI-24-1532/
Over 1,000 arrested in massive ‘Serengeti’ anti-cybercrime operation
https://www.bleepingcomputer.com/news/security/over-1-000-arrested-in-massive-serengeti-anti-cybercrime-operation/
正規サービスを悪用した攻撃グループAPT-C-60による攻撃 - JPCERT/CC Eyes | JPCERTコーディネーションセンター公式ブログ
https://blogs.jpcert.or.jp/ja/2024/11/APT-C-60.html
Blue Yonder ransomware attack disrupts grocery store supply chain
https://www.bleepingcomputer.com/news/security/blue-yonder-ransomware-attack-disrupts-grocery-store-supply-chain/
Critical Vulnerabilities Found in Anti-Spam Plugin Used by 200,000 WordPress Sites - SecurityWeek
https://www.securityweek.com/critical-vulnerabilities-found-in-anti-spam-plugin-used-by-200000-wordpress-sites/
Guess Who’s Back - The Return of ANEL in the Recent Earth Kasha Spear-phishing Campaign in 2024 | Trend Micro (US)
https://www.trendmicro.com/en_us/research/24/k/return-of-anel-in-the-recent-earth-kasha-spearphishing-campaign.html
The source code of Banshee Stealer leaked online
https://securityaffairs.com/171423/malware/the-source-code-of-banshee-stealer-leaked-online.html
VMware Patches High-Severity Vulnerabilities in Aria Operations - SecurityWeek
https://www.securityweek.com/vmware-patches-high-severity-vulnerabilities-in-aria-operations/
Introducing NachoVPN: One VPN Server to Pwn Them All
https://blog.amberwolf.com/blog/2024/november/introducing-nachovpn---one-vpn-server-to-pwn-them-all/
RomCom exploits Firefox and Windows zero days in the wild
https://www.welivesecurity.com/en/eset-research/romcom-exploits-firefox-and-windows-zero-days-in-the-wild/
CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks
https://thehackernews.com/2024/11/cisa-urges-agencies-to-patch-critical.html
REverse Tactics
https://www.reversetactics.com/publications/2024_conf_grehack_virtualbox/
GitHub - AmberWolfCyber/NachoVPN: A tasty, but malicious SSL-VPN server 🌮
https://github.com/AmberWolfCyber/NachoVPN
Release v0.11.0 · VirusTotal/yara-x · GitHub
https://github.com/VirusTotal/yara-x/releases/tag/v0.11.0
HackingHub - Hands-On Web Exploitation Course
https://hhub.io/tQWXgd
QNAP addresses critical flaws across NAS, router software
https://www.bleepingcomputer.com/news/security/qnap-addresses-critical-flaws-across-nas-router-software/
Thai police arrested Chinese gangs involved in SMS blaster attacks
https://securityaffairs.com/171406/cyber-crime/sms-blaster-attacks-bangkok.html
NHS declares major cyber incident for third time this year • The Register
https://go.theregister.com/feed/www.theregister.com/2024/11/26/third_major_cyber_incident_declared/
Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks
https://thehackernews.com/2024/11/critical-wordpress-anti-spam-plugin.html
MalwareBazaar | abbgets--qlststv-com
https://bazaar.abuse.ch/browse/tag/abbgets--qlststv-com/
New York Fines Geico and Travelers $11 Million Over Data Breaches - SecurityWeek
https://www.securityweek.com/new-york-fines-geico-and-travelers-11-million-over-data-breaches/
IBM Patches RCE Vulnerabilities in Data Virtualization Manager, Security SOAR - SecurityWeek
https://www.securityweek.com/ibm-patches-rce-vulnerabilities-in-data-virtualization-manager-security-soar/
African cybercrime crackdown culminates in 1,006 captured and cuffed | The Record from Recorded Future News
https://therecord.media/interpol-afripol-cybercrime-arrests