#book
"The 2024 Crypto Crime Report:
The latest trends in ransomware, scams, hacking and more", Feb. 2024.

Advanced CyberChef Techniques for Configuration Extraction - Detailed Walkthrough and Examples

https://embee-research.ghost.io/advanced-cyberchef-operations-netsupport/

Data Scientists Targeted by Malicious Hugging Face ML Models with Silent Backdoor

https://jfrog.com/blog/data-scientists-targeted-by-malicious-hugging-face-ml-models-with-silent-backdoor/

Red Teaming action practice based on MITER ATT&CK

https://mp.weixin.qq.com/s?__biz=MzAwMzAwOTQ5Nw==&mid=2650941400&idx=1&sn=cb9fda3118d1eced912f9e210c2cd734&chksm=8137396eb640b078190b7846de94f9486b3c2

2023 Top Vulnerabilities

CVE-2023-28252 1– Windows Common Log File System Driver Elevation of Privilege Vulnerability.

CVE-2023-7024– Google Chromium WebRTC Heap Buffer Overflow Vulnerability.

CVE-2023-23397 2– Microsoft Outlook Elevation of Privilege Vulnerability.

CVE-2023-34362– Progress MOVEit Transfer SQL Injection Vulnerability.

CVE-2023-38831– RARLAB WinRAR Code Execution Vulnerability

CVE-2023-21674– Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability.

CVE-2023-23376– Windows Common Log File System Driver Elevation of Privilege Vulnerability.

CVE-2023-32434– Apple Multiple Products Integer Overflow Vulnerability.

CVE-2023-41763– Skype for Business Elevation of Privilege Vulnerability.

CVE-2023-36033– Windows DWM Core Library Elevation of Privilege Vulnerability

https://malware.news/t/2023-top-vulnerabilities/79315

Complete Guide to Advanced Persistent Threat (APT) Security
https://securityboulevard.com/2024/03/complete-guide-to-advanced-persistent-threat-apt-security/

open source RAT on the scene Xeno Rat

https://www.cyfirma.com/outofband/xeno-rat-a-new-remote-access-trojan-with-advance-capabilities/

https://github.com/moom825/xeno-rat

How we applied advanced fuzzing techniques to cURL


https://blog.trailofbits.com/2024/03/01/toward-more-effective-curl-fuzzing/

Lazarus exploited a flaw in the Windows AppLocker driver (appid.sys) as a zero-day to gain kernel-level access and turn off security tools.CVE-2024-21338
Beyond BYOVD with an Admin-to-Kernel Zero-Day
https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/

Password : GREENARMOR

Thanks " ./h4x Forensics " and others for sharing

Windows persistence mechanisms

https://persistence-info.github.io/

MIT Operating System Engineering 6.1810(6.S081) Course
labs, pdfs, books, links, videos included

https://github.com/yaruwangway/6.S081

https://youtube.com/playlist?list=PLTsf9UeqkReZHXWY9yJvTwLJWYYPcKEqK&si=zt7GV6w5zFD-Vau4

CS 162 Berkley
https://youtube.com/playlist?list=PLF2K2xZjNEf97A_uBCwEl61sdxWVP7VWC&si=iQHM_2XyWPerIW4P

Несколько переведённых глав из книжки об операционной системе, разбирающейся в курсе:


Глава 6. Блокировки
https://habr.com/ru/articles/789478

Глава 5. Прерывания и драйверы устройств
https://habr.com/ru/articles/791058

Глава 4. Прерывания и системные вызовы
https://habr.com/ru/articles/791286

Глава 3. Таблицы страниц
https://habr.com/ru/articles/792808

Инструменты для сборки и запуска xv6 под QEMU
https://habr.com/ru/articles/794326

Глава 2. Устройство операционной системы
https://habr.com/ru/articles/795735

Глава 1. Интерфейсы операционной системы
https://habr.com/ru/articles/797557

Pelmeni Wrapper: New Wrapper of Kazuar (Turla Backdoor)

https://lab52.io/blog/pelmeni-wrapper-new-wrapper-of-kazuar-turla-backdoor/

Scam .pdf files
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/rise-in-deceptive-pdf-the-gateway-to-malicious-payloads