Krispy Kreme cyberattack impacts online orders and operations
https://www.bleepingcomputer.com/news/security/krispy-kreme-cyberattack-impacts-online-orders-and-operations/
Ivanti warns of maximum severity CSA auth bypass vulnerability
https://www.bleepingcomputer.com/news/security/ivanti-warns-of-maximum-severity-csa-auth-bypass-vulnerability/
New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools
https://thehackernews.com/2024/12/new-malware-technique-could-exploit.html
CAN Flipper hack a car? - Hackster.io
https://www.hackster.io/electronic-cats/can-flipper-hack-a-car-ce7ec0
Researchers Uncover Espionage Tactics of China-Based APT Groups in Southeast Asia
https://thehackernews.com/2024/12/researchers-uncover-espionage-tactics.html
GitHub - 0xdea/blindsight: Red teaming tool to dump LSASS memory, bypassing common countermeasures.
https://github.com/0xdea/blindsight
Bypass Apache Superset restrictions to perform SQL injections - Quarkslab's blog
https://blog.quarkslab.com/bypass-apache-superset-restrictions-to-perform-sql-injections.html
Malware Analysis: A Kernel Land Rootkit Loader for FK_Undead
https://www.gdatasoftware.com/blog/2024/12/38091-analysis-fk-undead
Learn Cryptography! / X
https://x.com/i/broadcasts/1OdJrXLpDaAKX
The GCHQ Christmas Challenge 2024 - GCHQ.GOV.UK
https://www.gchq.gov.uk/news/gchq-christmas-challenge-2024
Unveiling Dark Internet Service Providers: Bulletproof Hosting | by Knownsec 404 team | Dec, 2024 | Medium
https://medium.com/@knownsec404team/unveiling-dark-internet-service-providers-bulletproof-hosting-243ddb2b787d
US names Chinese man alleged to have exploited Sophos 0-day • The Register
https://go.theregister.com/feed/www.theregister.com/2024/12/11/sichuan_silence_sophos_zeroday_sanctions/
Chinese EagleMsgSpy Spyware Found Exploiting Mobile Devices Since 2017
https://thehackernews.com/2024/12/chinese-eaglemsgspy-spyware-found.html
DOMPurify 3.2.1 Bypass (Non-Default Config) - YNizry
https://yaniv-git.github.io/2024/12/08/DOMPurify%203.2.1%20Bypass%20(Non-Default%20Config)
New AMSI Bypss Technique Modifying CLR.DLL in Memory – Practical Security Analytics LLC
https://practicalsecurityanalytics.com/new-amsi-bypss-technique-modifying-clr-dll-in-memory/
Microsoft Ships Urgent Patch for Exploited Windows CLFS Zero-Day - SecurityWeek
https://www.securityweek.com/microsoft-ships-urgent-patch-for-exploited-windows-clfs-zero-day/
Facebook, Instagram, WhatsApp hit by massive worldwide outage
https://www.bleepingcomputer.com/news/technology/facebook-instagram-whatsapp-hit-by-massive-worldwide-outage/
https://urlhaus.abuse.ch/feeds/asn/36352/
https://urlhaus.abuse.ch/feeds/asn/36352/
Operation Digital Eye: China-linked relies on Visual Studio Code Remote Tunnels to spy on Europen entities
https://securityaffairs.com/171879/apt/operation-digital-china-apt-targets-europe.html
Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities
https://thehackernews.com/2024/12/ivanti-issues-critical-security-updates.html
Lynx ransomware behind Electrica energy supplier cyberattack
https://www.bleepingcomputer.com/news/security/lynx-ransomware-behind-electrica-energy-supplier-cyberattack/
Likely China-based Attackers Target High-profile Organizations in Southeast Asia | Symantec Enterprise Blogs
https://www.security.com/threat-intelligence/china-southeast-asia-espionage
ZLoader Malware Returns With DNS Tunneling to Stealthily Mask C2 Comms
https://thehackernews.com/2024/12/zloader-malware-returns-with-dns.html