Microsoft Patches
https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20November%202023/30400
Adobe Updates
https://helpx.adobe.com/security/security-bulletin.html
Intel CPU Glitch State Patch
https://lock.cmpxchg8b.com/reptar.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00950.html

Noticing command control channels by reviewing DNS protocols
https://isc.sans.edu/diary/Noticing%20command%20and%20control%20channels%20by%20reviewing%20DNS%20protocols/30396
Passive SSH Key Compromise via Lattices
https://eprint.iacr.org/2023/1711.pdf
Juniper Vulnerabilities Exploited
https://supportportal.juniper.net/s/article/2023-08-Out-of-Cycle-Security-Bulletin-Junos-OS-SRX-Series-and-EX-Series-Multiple-vulnerabilities-in-J-Web-can-be-combined-to-allow-a-preAuth-Remote-Code-Execution?language=en_US

Noticing command control channels by reviewing DNS protocols
https://isc.sans.edu/diary/Noticing%20command%20and%20control%20channels%20by%20reviewing%20DNS%20protocols/30396
Passive SSH Key Compromise via Lattices
https://eprint.iacr.org/2023/1711.pdf
Juniper Vulnerabilities Exploited
https://supportportal.juniper.net/s/article/2023-08-Out-of-Cycle-Security-Bulletin-Junos-OS-SRX-Series-and-EX-Series-Multiple-vulnerabilities-in-J-Web-can-be-combined-to-allow-a-preAuth-Remote-Code-Execution?language=en_US

Routers Targeted for Gafgyt Botnet
https://isc.sans.edu/forums/diary/Routers%20Targeted%20for%20Gafgyt%20Botnet%20%5BGuest%20Diary%5D/30390/
ScreenConnect used to Attack Healthcare
https://www.huntress.com/blog/third-party-pharmaceutical-vendor-linked-to-pharmacy-and-health-clinic-cyberattack
Fake Skills Assessment Portals Associated with Sapphire Sleet
https://twitter.com/MsftSecIntel/status/1722316019920728437
OpenVPN Access Server Vulnerabilities
https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/

Routers Targeted for Gafgyt Botnet
https://isc.sans.edu/forums/diary/Routers%20Targeted%20for%20Gafgyt%20Botnet%20%5BGuest%20Diary%5D/30390/
ScreenConnect used to Attack Healthcare
https://www.huntress.com/blog/third-party-pharmaceutical-vendor-linked-to-pharmacy-and-health-clinic-cyberattack
Fake Skills Assessment Portals Associated with Sapphire Sleet
https://twitter.com/MsftSecIntel/status/1722316019920728437
OpenVPN Access Server Vulnerabilities
https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/

Visual Examples of Code Injection
https://isc.sans.edu/diary/Visual%20Examples%20of%20Code%20Injection/30388
SysAid Exploited by Cl0p Ransomware (CVE-2023-47246)
https://www.sysaid.com/blog/service-desk/on-premise-software-security-vulnerability-notification
WS_FTP Server Update CVE-2023-42659
https://community.progress.com/s/article/WS-FTP-Server-Service-Pack-November-2023
Malvertiser copies PC news site to delivery infostealer
https://www.malwarebytes.com/blog/threat-intelligence/2023/11/malvertiser-copies-pc-news-site-to-deliver-infostealer
pyArrow/Apache Arrow Vulnerability
https://lists.apache.org/thread/yhy7tdfjf9hrl9vfrtzo8p2cyjq87v7n

Visual Examples of Code Injection
https://isc.sans.edu/diary/Visual%20Examples%20of%20Code%20Injection/30388
SysAid Exploited by Cl0p Ransomware (CVE-2023-47246)
https://www.sysaid.com/blog/service-desk/on-premise-software-security-vulnerability-notification
WS_FTP Server Update CVE-2023-42659
https://community.progress.com/s/article/WS-FTP-Server-Service-Pack-November-2023
Malvertiser copies PC news site to delivery infostealer
https://www.malwarebytes.com/blog/threat-intelligence/2023/11/malvertiser-copies-pc-news-site-to-deliver-infostealer
pyArrow/Apache Arrow Vulnerability
https://lists.apache.org/thread/yhy7tdfjf9hrl9vfrtzo8p2cyjq87v7n

Example of a Phishing Campaing Project File
https://isc.sans.edu/diary/Example%20of%20Phishing%20Campaign%20Project%20File/30384
Cryptomining with Microsoft Azure Automation Services
https://www.safebreach.com/blog/cryptocurrency-miner-microsoft-azure
Windows 11 Insider Changing Firewall Behaviour
https://blogs.windows.com/windows-insider/2023/11/08/announcing-windows-11-insider-preview-build-25992-canary-channel/
CISA Adds SLP Vulnerability to Known Exploited Vulnerabilty List
https://www.cisa.gov/news-events/alerts/2023/11/08/cisa-adds-one-known-exploited-vulnerability-catalog

Example of a Phishing Campaing Project File
https://isc.sans.edu/diary/Example%20of%20Phishing%20Campaign%20Project%20File/30384
Cryptomining with Microsoft Azure Automation Services
https://www.safebreach.com/blog/cryptocurrency-miner-microsoft-azure
Windows 11 Insider Changing Firewall Behaviour
https://blogs.windows.com/windows-insider/2023/11/08/announcing-windows-11-insider-preview-build-25992-canary-channel/
CISA Adds SLP Vulnerability to Known Exploited Vulnerabilty List
https://www.cisa.gov/news-events/alerts/2023/11/08/cisa-adds-one-known-exploited-vulnerability-catalog

What's Normal: New uses of DNS, Discovery of Designated Resolvers (DDR)
https://isc.sans.edu/diary/What%27s%20Normal%3A%20New%20uses%20of%20DNS%2C%20Discovery%20of%20Designated%20Resolvers%20%28DDR%29/30380
BlueNoroff macOS Malware
https://www.jamf.com/blog/bluenoroff-strikes-again-with-new-macos-malware/
Emphasizing Security by Default wiht Advanced Microsoft Authenticator Features
https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/emphasizing-security-by-default-with-advanced-microsoft/ba-p/3773130