2023-04-24 | Hacker Trends

04/23

04/24

04/25

11 Posts

Qakbot/Qakbot_BB25_24.04.2023.txt at main · pr0xylife/Qakbot · GitHub

https://github.com/pr0xylife/Qakbot/blob/main/Qakbot_BB25_24.04.2023.txt

Qakbot/Qakbot_BB25_24.04.2023.txt at main · pr0xylife/Qakbot · GitHub

8 Posts

Hacker Group Names Are Now Absurdly Out of Control | WIRED

https://www.wired.com/story/hacker-naming-schemes-spandex-tempest/

Hacker Group Names Are Now Absurdly Out of Control | WIRED

8 Posts

Analysis of VirtualBox CVE-2023-21987 and CVE-2023-21991

https://qriousec.github.io/post/vbox-pwn2own-2023/

Analysis of VirtualBox CVE-2023-21987 and CVE-2023-21991

8 Posts

HITBAMS – Your Not so “Home” Office – Soho Hacking at Pwn2Own | NCC Group Research Blog | Making the world safer and more secure

https://research.nccgroup.com/2023/04/24/hitbams-your-not-so-home-office-soho-hacking-at-pwn2own/

HITBAMS – Your Not so “Home” Office – Soho Hacking at Pwn2Own | NCC Group Research Blog | Making the world safer and more secure

7 Posts

Introducing VirusTotal Code Insight: Empowering threat analysis with generative AI ~ VirusTotal Blog

https://blog.virustotal.com/2023/04/introducing-virustotal-code-insight.html

Introducing VirusTotal Code Insight: Empowering threat analysis with generative AI ~ VirusTotal Blog

7 Posts

Hackers can breach networks using data on resold corporate routers

https://www.bleepingcomputer.com/news/security/hackers-can-breach-networks-using-data-on-resold-corporate-routers/

Hackers can breach networks using data on resold corporate routers

7 Posts

Attacking O365 with TeamFiltration Part 2 - Enumeration - YouTube

https://youtu.be/YyuxEuzQa9k

Attacking O365 with TeamFiltration Part 2 - Enumeration - YouTube

7 Posts

Tomiris called, they want their Turla malware back | Securelist

https://securelist.com/tomiris-called-they-want-their-turla-malware-back/109552/

Tomiris called, they want their Turla malware back | Securelist

7 Posts

Detecting and decrypting Sliver C2 – a threat hunter's guide - Immersive Labs

https://www.immersivelabs.com/blog/detecting-and-decrypting-sliver-c2-a-threat-hunters-guide/

Detecting and decrypting Sliver C2 – a threat hunter's guide - Immersive Labs

6 Posts

CodeQL query to detect RCE via ZipSlip - $5,500 bounty from GitHub Security Lab - YouTube

https://youtu.be/F95U912u7OQ

CodeQL query to detect RCE via ZipSlip - $5,500 bounty from GitHub Security Lab - YouTube

6 Posts

Andy Greenberg ([email protected]) on Twitter: "Cybersecurity industry, we need to talk. Is it truly a good idea to call Iranian hackers targeting US seaports, energy and transit systems “Mint Sandstorm”? Or “Charming Kitten”? I wrote (ranted) about the increasingly absurd sprawl of hacker group names. https://t.co/d5nFai8QoQ" / Twitter

https://twitter.com/a_greenberg/status/1650168109431414788

Andy Greenberg (agreenberg@infosec.exchange) on Twitter: "Cybersecurity industry, we need to talk. Is it truly a good idea to call Iranian hackers targeting US seaports, energy and transit systems “Mint Sandstorm”? Or “Charming Kitten”? I wrote (ranted) about the increasingly absurd sprawl of hacker group names. https://t.co/d5nFai8QoQ" / Twitter

6 Posts

Malware-Analysis/Indirect Syscalls.md at main · dodo-sec/Malware-Analysis · GitHub

https://github.com/dodo-sec/Malware-Analysis/blob/main/Cobalt%20Strike/Indirect%20Syscalls.md

Malware-Analysis/Indirect Syscalls.md at main · dodo-sec/Malware-Analysis · GitHub

6 Posts

APC warns of critical unauthenticated RCE flaws in UPS software

https://www.bleepingcomputer.com/news/security/apc-warns-of-critical-unauthenticated-rce-flaws-in-ups-software/

APC warns of critical unauthenticated RCE flaws in UPS software