Automation in Reverse Engineering: String Decryption https://synthesis.to/2021/06/30/automating_string_decryption.html

A good historic background of Pegasus, a weapon system by NSO Group and role of Israel 🇮🇱 (government) in supporting the cyber espionage and specifics to India 🇮🇳

Israeli government is trying to evade sanctioning NSO and similar companies under international pressure. Lobbying is not working for Israel. Public is aware and only thing in Israels favour is to stay quiet till the heat dies out.

https://youtu.be/0OWw8IEj9oQ

Fuzzing with Grammars

https://www.fuzzingbook.org/html/Grammars.html

Elasticsearch ECE 7.13.3 - Anonymous Database Dump

https://www.exploit-db.com/exploits/50152

Microsoft Warns of LemonDuck Malware Targeting Windows and Linux Systems

https://ift.tt/3zvPwgW

New PetitPotam attack
https://twitter.com/cyb3rops/status/1419193618745675776?s=19

Apple fixes zero-day affecting iPhones and Macs, exploited in the wild

https://ift.tt/3eYuZJY

CVE-2021-27850 Exploit
https://github.com/kahla-sec/CVE-2021-27850_POC

Pegasus is open source and available under the Apache V2 license.

https://pegasus.isi.edu/downloads/

Portable Executable Injection

https://malwareunicorn.org/workshops/peinjection.html#0

Fuzzing online udp protocols of online games to achieve RCE

http://blog.ret2.io/2021/07/21/wtf-snapshot-fuzzing/

Supply-Chain ⛓ attack via Python.

As many as eight Python packages that were downloaded more than 30,000 times have been removed from the PyPI portal for containing malicious code, once again highlighting how software package repositories are evolving into a popular target for supply chain attacks.

https://thehackernews.com/2021/07/several-malicious-typosquatted-python.html