Unveiling "sedexp": A Stealthy Linux Malware Exploiting udev Rules

https://www.aon.com/en/insights/cyber-labs/unveiling-sedexp

Qilin ransomware caught stealing credentials stored in Google Chrome

Once the attacker reached the domain controller in question, they edited the default domain policy to introduce a logon-based Group Policy Object (GPO) containing two items. The first, a PowerShell noscript named IPScanner.ps1, was written to a temporary directory within the SYSVOL (SYStem VOLume) share (the shared NTFS directory located on each domain controller inside an Active Directory domain) on the specific domain controller involved. It contained a 19-line noscript that attempted to harvest credential data stored within the Chrome browser...:

https://news.sophos.com/en-us/2024/08/22/qilin-ransomware-caught-stealing-credentials-stored-in-google-chrome/

GUIDANCE*

Microsoft Copilot: From Prompt Injection to Exfiltration of Personal Information

https://embracethered.com/blog/posts/2024/m365-copilot-prompt-injection-tool-invocation-and-data-exfil-using-ascii-smuggling/

Intel SGX Key Disclosure Claim

https://www.intel.com/content/www/us/en/security-center/announcement/intel-security-announcement-2024-08-29-001.html

DIR-846W : All H/W Revs. & All F/W Vers. : End-of-Life (EOL) / End-of-Service (EOS) : CVE-2024-41622/44340/44341/44342 Vulnerability Reports

RCE

https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10411

Analyzing the Mekotio Trojan

https://www.cyfirma.com/research/analyzing-the-mekotio-trojan/

Revival Hijack – PyPI hijack technique exploited in the wild, puts 22K packages at risk

https://jfrog.com/blog/revival-hijack-pypi-hijack-technique-exploited-22k-packages-at-risk/

Novel RAMBO Side-Channel Attack Leaks Data Through RAM Radio Waves

https://cyberinsider.com/new-rambo-side-channel-attack-leaks-data-through-ram-radio-waves/

EUCLEAK (Side-Channel Attack on the YubiKey 5 Series)

https://ninjalab.io/wp-content/uploads/2024/09/20240903_eucleak.pdf

How Mallox ransomware has changed: a detailed analysis

- [ru] https://securelist.ru/mallox-ransomware/110314/

CompTIA Security+ SY0-601

- Attacks, Threats, and Vulnerabilities
- Architecture and Design
- Implementation
- Operations and Incident Response
- Governance, Risk, and Compliance

Exploit detail about CVE-2024-26581

https://github.com/google/security-research/blob/master/pocs/linux/kernelctf/CVE-2024-26581_lts_cos_mitigation/docs/exploit.md

A public secret : Research on the CVE-2024-30051 privilege escalation vulnerability in the wild

https://ti.qianxin.com/blog/articles/public-secret-research-on-the-cve-2024-30051-privilege-escalation-vulnerability-in-the-wild-en/

Forti was hacked
https://www.fortinet.com/blog/business-and-technology/notice-of-recent-security-incident

Hackers Exploit HTTP Response Header to Launch Sophisticated Phishing Attacks

https://unit42.paloaltonetworks.com/rare-phishing-page-delivery-header-refresh/

AutoIt Credential Flusher

Forcing users to enter credentials so they can be stolen

https://research.openanalysis.net/credflusher/kiosk/stealer/stealc/amadey/autoit/2024/09/11/cred-flusher.html

Timeless Timing Attack

https://tom.vg/papers/timeless-timing-attack_usenix2020.pdf

Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors

https://unit42.paloaltonetworks.com/gleaming-pisces-applejeus-poolrat-and-pondrat/