GitHub - kkent030315/CVE-2022-42046: CVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation via DKOM
https://github.com/kkent030315/CVE-2022-42046
{JS-ON: Security-OFF}: Abusing JSON-Based SQL to Bypass WAF | Claroty
https://claroty.com/team82/research/js-on-security-off-abusing-json-based-sql-to-bypass-waf
W4SP Stealer Discovered in Multiple PyPI Packages Under Various Names
https://thehackernews.com/2022/12/w4sp-stealer-discovered-in-multiple.html
Notice of Recent Security Incident - The LastPass Blog
https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/
Password Scrambler (JavaScript version)
https://hasherezade.github.io/passcrambler/
Hackers exploit bug in WordPress gift card plugin with 50K installs
https://www.bleepingcomputer.com/news/security/hackers-exploit-bug-in-wordpress-gift-card-plugin-with-50k-installs/
Learning Linux Kernel Exploitation - Part 3 - Midas Blog
https://lkmidas.github.io/posts/20210205-linux-kernel-pwn-part-3/
word-image-47.png (1849×1242)
https://ti.dbappsecurity.com.cn/blog/wp-content/uploads/2021/01/word-image-47.png
A New PyRDP Release: The Rudolph Desktop Protocol! - GoSecure
https://www.gosecure.net/blog/2022/12/23/a-new-pyrdp-release-the-rudolph-desktop-protocol/
GitHub - deepinstinct/Lsass-Shtinkering
https://github.com/deepinstinct/Lsass-Shtinkering
Learning Linux Kernel Exploitation - Part 2 - Midas Blog
https://lkmidas.github.io/posts/20210128-linux-kernel-pwn-part-2/
LsassShtinkering.md · GitHub
https://gist.github.com/Antonlovesdnb/e738c5a745e3513bf2d0c71c4f13a29c
CVE-2022-2602: DirtyCred File Exploitation applied on an io_uring UAF – Hacktive Security Blog
https://blog.hacktivesecurity.com/index.php/2022/12/21/cve-2022-2602-dirtycred-file-exploitation-applied-on-an-io_uring-uaf/
Jacob Baines on Twitter: "It's ridiculous that neither the Linux kernel devs or @thezdi requested CVE for ZDI-22-1690. Thanks to Marcus Meissner for actually caring. https://t.co/VyXJn7o2WW" / Twitter
https://twitter.com/Junior_Baines/status/1606253804088745986
No-limits relationship? China’s state hackers scoop up intelligence on Ukraine… and Russia – Intrusion Truth
https://intrusiontruth.wordpress.com/2022/12/24/no-limits-relationship-chinas-state-hackers-scoop-up-intelligence-on-ukraine-and-russia/
DirtyCred Remastered | LukeGix
https://exploiter.dev/blog/2022/CVE-2022-2602.html
Learning Linux Kernel Exploitation - Part 1 - Midas Blog
https://lkmidas.github.io/posts/20210123-linux-kernel-pwn-part-1/
A Technical Analysis of CVE-2022-22583 and CVE-2022-32800
https://research.trendmicro.com/3hFfivW
Expanding Your Security… by Andy Gill [Leanpub PDF/iPad/Kindle]
https://leanpub.com/LTR102-Expanding-Your-Security-Horizons
Welcome to Comprehensive Rust 🦀 - Comprehensive Rust 🦀
https://google.github.io/comprehensive-rust/
Exclusive: Twitter removes suicide prevention feature, says it's under revamp | Reuters
https://www.reuters.com/technology/elon-musk-orders-removal-twitter-suicide-prevention-feature-sources-say-2022-12-23/
[Restored] Report on the outage that occurred on December 23 and 24 - skeb_jp - Medium
https://medium.com/skeb-jp/report-36b5608aa867
Faithless on Twitter: "We are heartbroken to say Maxi Jazz died peacefully in his sleep last night. He was a man who changed our lives in so many ways. He gave proper meaning and a message to our music. He was a lovely human being with time for everyone and wisdom that was both profound and accessible. https://t.co/VcFe7OpTh6" / Twitter
https://twitter.com/faithless/status/1606688624803823616
EvilMog on Twitter: "https://t.co/luqE6bTGvE" / Twitter
https://twitter.com/Evil_Mog/status/1606318587463237633
0day.today Agreement - 0day.today Exploit Database : vulnerability : 0day : new exploits : buy and sell private exploit : shellcode by 0day Today Team
https://0day.today/exploit/description/38125
IcedID_12_23_2022.txt · GitHub
https://gist.github.com/myrtus0x0/8876c9c3d5e31a9faaf562026cccb258
SlowMist: Investigation of North Korean APT’s Large-Scale Phishing Attack on NFT Users | by SlowMist | Dec, 2022 | Medium
https://slowmist.medium.com/slowmist-our-in-depth-investigation-of-north-korean-apts-large-scale-phishing-attack-on-nft-users-362117600519
A Deep Dive Into Samsung's TrustZone (Part 2)
https://blog.quarkslab.com/a-deep-dive-into-samsungs-trustzone-part-2.html
Revealed: The Israeli Firm Selling ‘Dystopian’ Hacking Capabilities - National Security & Cyber - Haaretz.com
https://www.haaretz.com/israel-news/security-aviation/2022-12-23/ty-article-magazine/.premium/revealed-the-israeli-firm-selling-dystopian-hacking-capabilities/00000185-0bc6-d26d-a1b7-dbd739100000?utm_source=App_Share&utm_medium=iOS_Native
Releases · Yamato-Security/hayabusa
https://github.com/Yamato-Security/hayabusa/releases
TikTok parent company ByteDance revealed the use of TikTok data to track journalists - Security Affairs
https://securityaffairs.co/wordpress/139959/intelligence/tiktok-use-data-track-journalists.html
VRN Comics
https://www.vrncomics.com