■■□□□ Cyber-Crime: Hackers ask $120,000 for access to multi-billion auction house.

https://www.bleepingcomputer.com/news/security/hackers-ask-120-000-for-access-to-multi-billion-auction-house/

■■■■□ Hackers figured out 3 separate ways to break into US Air Force satellites, and won up to $50K for doing it.

https://www.businessinsider.in/science/news/hackers-figured-out-3-separate-ways-to-break-into-us-air-force-satellites-and-won-up-to-50k-for-doing-it/articleshow/102804642.cms

■■■■□ DLL side-loading.

https://www.politoinc.com/post/playing-with-bubbles-an-introduction-to-dll-sideloading

■■■□□ [Tool] headerpwn: A fuzzer for finding anomalies and analyzing how servers respond to different HTTP headers   

Useful for uncovering the following behaviors:

- Header based access control issues
- 403/401 Bypasses
- Detecting anomalies when certain special headers are present
- Header based cache poisoning denial of service issues
- Debug information disclosure when certain headers are present
- etc.

https://github.com/devanshbatham/headerpwn

■■■■■ Fuzzing IoT binaries with AFL++ - Part II.

https://blog.attify.com/fuzzing-iot-binaries-with-afl-part-ii/

■■■■□ Journey into Windows Kernel Exploitation: The Basics.

https://blog.neuvik.com/journey-into-windows-kernel-exploitation-the-basics-fff72116ca33

■■■□□ Emulating the Iranian State-Sponsored Adversary APT35.

https://www.attackiq.com/2023/08/18/emulating-apt35/

■□□□□ Funny: Cyber security researchers become target of criminal hackers.

● The victim apparently was a war veteran.

https://www.ft.com/content/88560ffa-bb5f-428a-894e-d791a0ee342c

■■■■■ Tool: BurpSuite Extension (plugin).

InQL, an open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.

https://github.com/doyensec/inql

■■■■□ CloudEyE — From .lnk to Shellcode.

https://gi7w0rm.medium.com/cloudeye-from-lnk-to-shellcode-4b5f1d6d877

■□□□□ Eyes is an OSINT tool to get existing accounts from an email.

https://github.com/N0rz3/Eyes

■■■■□ WinRAR flaw lets hackers run programs when you open RAR archives.

https://www.bleepingcomputer.com/news/security/winrar-flaw-lets-hackers-run-programs-when-you-open-rar-archives/

■■■■□ Zero-Day: Thousands of Android malware apps use stealthy APKs to bypass security, study finds. Zimperium report.

https://www.tomsguide.com/news/thousands-of-android-malware-apps-use-stealthy-apks-to-bypass-security-study-finds

■■■□□ Windows Error Reporting Service Privilege Enhancement Vulnerability (CVE-2023-36874).

#untested

https://github.com/d0rb/CVE-2023-36874

■■□□□ Interesting thread.

https://twitter.com/vxunderground/status/1693742275145150927

■■■■□ Asset inventory of over 800 public bug bounty programs.

https://github.com/trickest/inventory

■□□□□ [ Tool ] FaceChain: A deep-learning toolchain for generating your Digital-Twin.

https://github.com/modelscope/facechain

■■■■□ PoC exploit for zero-day Windows Error Reporting Service bug (CVE-2023-36874) releases.

https://securityonline.info/poc-exploit-for-0-day-windows-error-reporting-service-bug-cve-2023-36874-releases/

■■■■□ Ivanti warns of new actively exploited MobileIron zero-day bug.

CVE-2023-38035 – API Authentication Bypass on Sentry Administrator Interface

https://forums.ivanti.com/s/article/CVE-2023-38035-API-Authentication-Bypass-on-Sentry-Administrator-Interface

https://www.bleepingcomputer.com/news/security/ivanti-warns-of-new-actively-exploited-mobileiron-zero-day-bug/

■■■■□ Researchers discovered a massive campaign that delivered a proxy server application to at least 400,000 Windows systems.

AT&T Alien Labs researchers uncovered a massive campaign that delivered a proxy server application to at least 400,000 Windows systems.

https://securityaffairs.com/149592/cyber-crime/rise-proxy-server-application.html