Bypassing WAFs with the Phantom Version Cookie
https://portswigger.net/research/bypassing-wafs-with-the-phantom-version-cookie
URL File NTLM Hash Disclosure
https://blog.0patch.com/2024/12/url-file-ntlm-hash-disclosure.html
Ultralytics Library Infected with Miner
https://github.com/ultralytics/ultralytics/issues/18027#issuecomment-2521578169
DaMAgeCard attack targets memory directly thru SD card reader
https://swarm.ptsecurity.com/new-dog-old-tricks-damagecard-attack-targets-memory-directly-thru-sd-card-reader/

Business E-Mail Compromise
https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Business%20Email%20Compromise/31474
Where There s Smoke, There s Fire - Mitel MiCollab CVE-2024-35286, CVE-2024-41713 And An 0day
https://labs.watchtowr.com/where-theres-smoke-theres-fire-mitel-micollab-cve-2024-35286-cve-2024-41713-and-an-0day/
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2024-0029
Lorex 2K Indoor Wi-Fi Security Camera
https://www.rapid7.com/globalassets/_pdfs/research/pwn2own-iot-2024-lorex-2k-indoor-wi-fi-security-camera-research.pdf
https://www.lorex.com/products/2k-indoor-wi-fi-security-camera
HPE Aruba Vulnerabilities
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04761en_us&docLocale=en_US
Alan Paller Inducted into the Cybersecurity Hall of Fame
https://cybersecurityhalloffame.org/

Data Analysis: The Unsung Hero of Cybersecurity Expertise
https://isc.sans.edu/diary/Data%20Analysis%3A%20The%20Unsung%20Hero%20of%20Cybersecurity%20Expertise%20%5BGuest%20Diary%5D/31494
FBI Warns iPhone and Android Users Stop Sending Texts
https://www.forbes.com/sites/zakdoffman/2024/12/03/fbi-warns-iphone-and-android-users-stop-sending-texts/
IdentityIQ Improper Access Control Vulnerability CVE-2024-10905
https://www.sailpoint.com/security-advisories/identityiq-improper-access-control-vulnerability-cve-2024-10905
Solana web3.js Backdoor
https://socket.dev/blog/supply-chain-attack-solana-web3-js-library

Extracting Files Embedded Inside Word Documents
https://isc.sans.edu/diary/Extracting%20Files%20Embedded%20Inside%20Word%20Documents/31486
Korea arrests CEO for adding DDoS feature to satellite receivers
https://www.bleepingcomputer.com/news/security/korea-arrests-ceo-for-adding-ddos-feature-to-satellite-receivers/
Veeam Vulnerabilities
https://www.veeam.com/kb4679
WPTaskScheduler Presistence and CVE-2024-49039 PoC
https://github.com/je5442804/WPTaskScheduler_CVE-2024-49039

Credential Guard and Kerberos delegation
https://isc.sans.edu/diary/Credential%20Guard%20and%20Kerberos%20delegation/31488
The Day We Unveiled the Secret Rotation Illusion
https://www.clutch.security/blog/the-day-we-unveiled-the-secret-rotation-illusion
Corrupt Word Documents used in Phshing
https://x.com/anyrun_app/status/1861024182210900357
IBM Security Verify Access Appliance Vulnerabilities
https://www.ibm.com/support/pages/security-bulletin-multiple-security-vulnerabilities-were-found-ibm-security-verify-access-appliance-cve-2024-49803-cve-2024-49804-cve-2024-49805-cve-2024-49806

AWS DShield Sensor + DShield SIEM
https://isc.sans.edu/diary/SANS%20ISC%20Internship%20Setup%3A%20AWS%20DShield%20Sensor%20%2B%20DShield%20SIEM%20%5BGuest%20Diary%5D/31480
From a Regular Infostealer to its Obfuscated Version
https://isc.sans.edu/diary/From%20a%20Regular%20Infostealer%20to%20its%20Obfuscated%20Version/31484
Credit Card Skimmer Malware Targeting Magento Checkout Pages
https://blog.sucuri.net/2024/11/credit-card-skimmer-malware-targeting-magento-checkout-pages.html
LogoFAIL Exploited to Deploy Bootkitty, the first UEFI bootkit for Linux
https://www.binarly.io/blog/logofail-exploited-to-deploy-bootkitty-the-first-uefi-bootkit-for-linux
Stickers:
https://isc.sans.edu/stickers.html (code PODCAST)

Using Zeek, Snort, and Grafana to Detect Crypto Mining Malware
https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Using%20Zeek%2C%20Snort%2C%20and%20Grafana%20to%20Detect%20Crypto%20Mining%20Malware/31472
The Nearest Neighbor Attack: How A Russian APT Weaponized Nearby Wi-Fi Networks for Covert Access
https://www.volexity.com/blog/2024/11/22/the-nearest-neighbor-attack-how-a-russian-apt-weaponized-nearby-wi-fi-networks-for-covert-access/
Introducing NachoVPN: One VPN Server to Pwn Them All
https://blog.amberwolf.com/blog/2024/november/introducing-nachovpn---one-vpn-server-to-pwn-them-all/
Keycloak Patches
https://github.com/keycloak/keycloak/security/advisories/GHSA-93ww-43rr-79v3
Palo Alto Networks Global Protect App
https://security.paloaltonetworks.com/CVE-2024-5921
PHP Updates
https://github.com/php/php-src/security/advisories/GHSA-g665-fm4p-vhff

Quick & Dirty Obfuscated JavaScript Analysis
https://isc.sans.edu/diary/Quick%20%26%20Dirty%20Obfuscated%20JavaScript%20Analysis/31468
Decrypting a PDF With a User Password
https://isc.sans.edu/diary/Decrypting%20a%20PDF%20With%20a%20User%20Password/31466
The strange case of disappearing Russian servers
https://isc.sans.edu/diary/The%20strange%20case%20of%20disappearing%20Russian%20servers/31476
QNAP Buggy Firmware Update
https://community.qnap.com/t/firmware-qts-5-2-2-2950-build-20241114-released/254
7-ZIP Zstandard Decompression Integer Underflow
https://www.zerodayinitiative.com/advisories/ZDI-24-1532/
https://7-zip.org/download.html

Increase In Phishing SVG Attachments
https://isc.sans.edu/diary/Increase%20In%20Phishing%20SVG%20Attachments/31456
Logging blind spot revealed in FortiClient VPN
https://pentera.io/blog/FortiClient-VPN_logging-blind-spot-revealed/
Needrestart Vulnerability
https://www.qualys.com/2024/11/19/needrestart/needrestart.txt

Apple Patches Two Exploited Vulnerabilities
https://isc.sans.edu/diary/Apple%20Fixes%20Two%20Exploited%20Vulnerabilities/31452
Oracle Patch for Agile Product Lifecycle Management CVE-2024-21287
https://www.oracle.com/security-alerts/alert-cve-2024-21287.html
OFBiz Patches CVE-2024-47208 CVE-2024-48962
https://nvd.nist.gov/vuln/detail/CVE-2024-47208
https://seclists.org/oss-sec/2024/q4/95
D-Link Warns of Vulnerability in EOL Devices
https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10415