12/18
12/19
12/20
5 Posts

Differences Between CreateProcessAsUser and CreateProcessWithTokenW

https://trainsec.net/library/understanding-the-differences-between-createprocessasuser-and-createprocesswithtokenw-in-windows/
Differences Between CreateProcessAsUser and CreateProcessWithTokenW
4 Posts

security-research/pocs/linux/kernelctf/CVE-2024-50264_lts_cos/docs/exploit.md at 09335abb6b01ee706a5a5584278ef4c4c1d50bda · google/security-research · GitHub

https://github.com/google/security-research/blob/09335abb6b01ee706a5a5584278ef4c4c1d50bda/pocs/linux/kernelctf/CVE-2024-50264_lts_cos/docs/exploit.md
security-research/pocs/linux/kernelctf/CVE-2024-50264_lts_cos/docs/exploit.md at 09335abb6b01ee706a5a5584278ef4c4c1d50bda · google/security-research · GitHub
4 Posts

Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits

https://thehackernews.com/2024/12/fortinet-warns-of-critical-fortiwlm.html
Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits
4 Posts

Lazarus targets nuclear-related organization with new malware | Securelist

https://securelist.com/lazarus-new-malware/115059/
Lazarus targets nuclear-related organization with new malware | Securelist
4 Posts

Project Zero: The Windows Registry Adventure #5: The regf file format

https://googleprojectzero.blogspot.com/2024/12/the-windows-registry-adventure-5-regf.html
Project Zero: The Windows Registry Adventure #5: The regf file format
3 Posts

UAC-0125 Abuses Cloudflare Workers to Distribute Malware Disguised as Army+ App

https://thehackernews.com/2024/12/uac-0125-abuses-cloudflare-workers-to.html
UAC-0125 Abuses Cloudflare Workers to Distribute Malware Disguised as Army+ App
3 Posts

US considers banning TP-Link routers over cybersecurity risks

https://www.bleepingcomputer.com/news/security/us-considers-banning-tp-link-routers-over-cybersecurity-risks/
US considers banning TP-Link routers over cybersecurity risks
3 Posts

Android malware found on Amazon Appstore disguised as health app

https://www.bleepingcomputer.com/news/security/android-spyware-found-on-amazon-appstore-disguised-as-health-app/
Android malware found on Amazon Appstore disguised as health app
3 Posts

Microsoft says Auto HDR causes game freezes on Windows 11 24H2

https://www.bleepingcomputer.com/news/microsoft/microsoft-says-auto-hdr-causes-game-freezes-on-windows-11-24h2/
Microsoft says Auto HDR causes game freezes on Windows 11 24H2
3 Posts

How an obscure PHP footgun led to RCE in Craft CMS

https://www.assetnote.io/resources/research/how-an-obscure-php-footgun-led-to-rce-in-craft-cms
How an obscure PHP footgun led to RCE in Craft CMS
3 Posts

Microsoft 365 users hit by random product deactivation errors

https://www.bleepingcomputer.com/news/microsoft/microsoft-365-users-hit-by-random-product-deactivation-errors/
Microsoft 365 users hit by random product deactivation errors
3 Posts

Juniper warns of Mirai botnet targeting Session Smart routers

https://www.bleepingcomputer.com/news/security/juniper-warns-of-mirai-botnet-targeting-session-smart-routers/
Juniper warns of Mirai botnet targeting Session Smart routers
3 Posts

Có gì bên trong các .NET deser gadgetchain? | by Jang | Dec, 2024 | Medium

https://testbnull.medium.com/c%C3%B3-g%C3%AC-b%C3%AAn-trong-c%C3%A1c-net-deser-gadgetchain-3d89897c4878
Có gì bên trong các .NET deser gadgetchain? | by Jang | Dec, 2024 | Medium
3 Posts

Russian hackers use RDP proxies to steal data in MiTM attacks

https://www.bleepingcomputer.com/news/security/russian-hackers-use-rdp-proxies-to-steal-data-in-mitm-attacks/
Russian hackers use RDP proxies to steal data in MiTM attacks
3 Posts

Dutch DPA Fines Netflix €4.75 Million for GDPR Violations Over Data Transparency

https://thehackernews.com/2024/12/dutch-dpa-fines-netflix-475-million-for.html
Dutch DPA Fines Netflix €4.75 Million for GDPR Violations Over Data Transparency
3 Posts

Thousands Download Malicious npm Libraries Impersonating Legitimate Tools

https://thehackernews.com/2024/12/thousands-download-malicious-npm.html
Thousands Download Malicious npm Libraries Impersonating Legitimate Tools
3 Posts

BeyondTrust says hackers breached Remote Support SaaS instances

https://www.bleepingcomputer.com/news/security/beyondtrust-says-hackers-breached-remote-support-saas-instances/
BeyondTrust says hackers breached Remote Support SaaS instances
3 Posts

CISA Releases Mobile Security Guidance After Chinese Telecom Hacking - SecurityWeek

https://www.securityweek.com/cisa-releases-mobile-security-guidance-after-chinese-telecom-hacking/
CISA Releases Mobile Security Guidance After Chinese Telecom Hacking - SecurityWeek
3 Posts

Ukrainian Raccoon Infostealer Operator Sentenced to Prison in US - SecurityWeek

https://www.securityweek.com/ukrainian-raccoon-infostealer-operator-sentenced-to-prison-in-us/
Ukrainian Raccoon Infostealer Operator Sentenced to Prison in US - SecurityWeek
3 Posts

Attackers exploiting a FortiClient EMS vulnerability in the wild | Securelist

https://securelist.com/patched-forticlient-ems-vulnerability-exploited-in-the-wild/115046/
Attackers exploiting a FortiClient EMS vulnerability in the wild | Securelist
3 Posts

BadBox malware botnet infects 192,000 Android devices despite disruption

https://www.bleepingcomputer.com/news/security/badbox-malware-botnet-infects-192-000-android-devices-despite-disruption/
BadBox malware botnet infects 192,000 Android devices despite disruption