Senior Security Engineer, Security Research — Google Careers
https://goo.gle/41DBQBY
SonicWall urges admins to patch exploitable SSLVPN bug immediately
https://www.bleepingcomputer.com/news/security/sonicwall-urges-admins-to-patch-exploitable-sslvpn-bug-immediately/
Malware Analysis Series (MAS): article 09 | Shellcode – Exploit Reversing
https://exploitreversing.com/2025/01/08/malware-analysis-series-mas-article-09/
MirrorFaceによるサイバー攻撃について(注意喚起)|警察庁Webサイト
https://www.npa.go.jp/bureau/cyber/koho/caution/caution20250108.html
LobbyCon.org
https://lobbycon.org
Over 4,000 backdoors hijacked by registering expired domains
https://www.bleepingcomputer.com/news/security/over-4-000-backdoors-hijacked-by-registering-expired-domains/
Log in to X / X
https://www.bleepingcomputer.com/news/security/chinese-hackers-use-visual-studio-code-tunnels-for-remote-access/
Researchers Expose NonEuclid RAT Using UAC Bypass and AMSI Evasion Techniques
https://thehackernews.com/2025/01/researchers-expose-noneuclid-rat-using.html
20250108_MirrorFace.pdf
https://www.nisc.go.jp/pdf/news/press/20250108_MirrorFace.pdf
Backdooring Your Backdoors - Another $20 Domain, More Governments
https://labs.watchtowr.com/more-governments-backdoors-in-your-backdoors/
20250108_windowssandbox.pdf
https://www.npa.go.jp/bureau/cyber/pdf/20250108_windowssandbox.pdf
Medical billing firm Medusind discloses breach affecting 360,000 people
https://www.bleepingcomputer.com/news/security/medical-billing-firm-medusind-discloses-breach-affecting-360-000-people/
Ivanti warns of new Connect Secure flaw used in zero-day attacks
https://www.bleepingcomputer.com/news/security/ivanti-warns-of-new-connect-secure-flaw-used-in-zero-day-attacks/
Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens
https://www.bleepingcomputer.com/news/security/hackers-exploit-keriocontrol-firewall-flaw-to-steal-admin-csrf-tokens/
CVE-2024-54527: MediaLibraryService Full TCC Bypass, Dive Deep into AMFI – Mickey's Blogs – Exploring the world with my sword of debugger :)
https://jhftss.github.io/CVE-2024-54527-MediaLibraryService-Full-TCC-Bypass/
MalwareBazaar | SHA256 e5e475db5076e112f69b61ccb36aaedfbb7cac54a03a4a2b3c6a4a9317af2196
https://bazaar.abuse.ch/sample/e5e475db5076e112f69b61ccb36aaedfbb7cac54a03a4a2b3c6a4a9317af2196/
Cho_Lee-Utilizing_Cross-CPU_Allocation_to_Exploit_Preempt-Disabled_Linux_Kernel.pdf
https://www.hexacon.fr/slides/Cho_Lee-Utilizing_Cross-CPU_Allocation_to_Exploit_Preempt-Disabled_Linux_Kernel.pdf
A Day in the Life of a Prolific Voice Phishing Crew – Krebs on Security
https://krebsonsecurity.com/2025/01/a-day-in-the-life-of-a-prolific-voice-phishing-crew/
Chinese hackers use Visual Studio Code tunnels for remote access
https://www.bleepingcomputer.com/news/security/chinese-hackers-use-visual-studio-code-tunnels-for-remote-access/
Ransomware Targeting Infrastructure Hits Telecom Namibia
https://www.darkreading.com/cyberattacks-data-breaches/ransomware-targeting-infrastructure-telecom-namibia
Overview of WebAssembly Type Confusion in JavaScript Engines Exploitation | xia0o0o0o
https://xia0.sh/blog/overview-of-wasm-in-jsengine-exploit
Unconventional Cyberattacks Aim for PayPal Account Takeover
https://www.darkreading.com/threat-intelligence/unconventional-cyberattacks-take-over-paypal-accounts
Thousands of credit cards stolen in Green Bay Packers store breach
https://www.bleepingcomputer.com/news/security/thousands-of-credit-cards-stolen-in-green-bay-packers-store-breach/
Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections
https://thehackernews.com/2025/01/neglected-domains-used-in-malspam-to.html
UN aviation agency confirms recruitment database security breach
https://www.bleepingcomputer.com/news/security/un-aviation-agency-confirms-recruitment-database-security-breach/
Executive Assistant to CEO - Remote - Indeed.com
https://www.indeed.com/viewjob?jk=bea595ca1bd3a3ce
Facebook Is Censoring 404 Media Stories About Facebook's Censorship
https://www.404media.co/facebook-is-censoring-404-media-stories-about-facebooks-censorship/
FCC Launches 'Cyber Trust Mark' for IoT Devices to Certify Security Compliance
https://thehackernews.com/2025/01/fcc-launches-cyber-trust-mark-for-iot.html
.ORG - Power Your Inspiration. Connect Your World.
http://pir.org
Japan Links Chinese Hacker MirrorFace to Dozens of Cyberattacks Targeting Security and Tech Data - SecurityWeek
https://www.securityweek.com/japan-links-chinese-hacker-mirrorface-to-dozens-of-cyberattacks-targeting-security-and-tech-data/
Telegram hands over data on thousands of users to US law enforcement
https://www.bleepingcomputer.com/news/legal/telegram-hands-over-data-on-thousands-of-users-to-us-law-enforcement/
Crims backdoored their backdoors. Then the domains lapsed • The Register
https://go.theregister.com/feed/www.theregister.com/2025/01/08/backdoored_backdoors/
GitHub - NVIDIA/garak: the LLM vulnerability scanner
https://github.com/NVIDIA/garak/
How We Cracked a 512-Bit DKIM Key for Less Than $8 in the Cloud
https://dmarcchecker.app/articles/crack-512-bit-dkim-rsa-key
Girl Scout Order Card | Girl Scouts
https://digitalcookie.girlscouts.org/scout/vera162489
Casio says data of 8,500 people exposed in October ransomware attack
https://www.bleepingcomputer.com/news/security/casio-says-data-of-8-500-people-exposed-in-october-ransomware-attack/
Unpatched critical flaws impact Fancy Product Designer WordPress plugin
https://www.bleepingcomputer.com/news/security/unpatched-critical-flaws-impact-fancy-product-designer-wordpress-plugin/