A trick threat actors use to deliver malware is disguising the host site to appear legitimate. @TrellixARC's @guru_pixel dissects real-world examples of this tactic and gives tips on how to avoid being duped. bit.ly/3WVCE2C
In mid-November of 2023, we observed a highly sophisticated Java-based stealer being spread through cracked software zip files. Read to learn more from @guru_pixel, including how the stealer uses a Discord bot channel as an EventListener. bit.ly/4aXEq83
Trellix researchers observed a Java-based stealer being spread through cracked software Zip files using JDABuilder Classes to create an instance of the EventListener to register easily. The stealer uses a Discord bot channel as an EventListener. trellix.com/about/newsroom/s…
Threat actors exploiting a Microsoft product are as basic as pumpkin spice. 🎃☕ However, two threat actor groups collaborating adds a bit of a twist. Learn more about Storm-0324 and Sangria Tempest from @TrellixARC's @guru_pixel on the blog. bit.ly/3tm4Dfj
Here is a short blog post showing how a service running with the LocalServiceAndNoImpersonation flag may get all its privileges back. 👌
👉 itm4n.github.io/localservice…