Five affiliates to Sodinokibi/REvil unplugged | Europol
https://www.europol.europa.eu/newsroom/news/five-affiliates-to-sodinokibi/revil-unplugged
KdcSponge, NGLite, Godzilla Webshell Used in Targeted Attack Campaign
https://unit42.paloaltonetworks.com/manageengine-godzilla-nglite-kdcsponge/
Hackers have breached organizations in defense and other sensitive sectors, security firm says | CNN Politics
https://www.cnn.com/2021/11/07/politics/hackers-defense-contractors-energy-health-care-nsa/index.html
Europol: Seven REvil/GandCrab ransomware affiliates were arrested in 2021
https://therecord.media/europol-seven-revil-gandcrab-ransomware-affiliates-were-arrested-in-2021/
Shodan Search Engine
https://www.shodan.io/search?query=product%3A%22Cobalt%20Strike%20Beacon%22
Six Palestinian human rights defenders hacked with NSO Group’s Pegasus Spyware | Front Line Defenders
https://www.frontlinedefenders.org/en/statement-report/statement-targeting-palestinian-hrds-pegasus
RedOps - RedOps
https://www.infosec.tirol/master-of-puppets-part-ii-how-to-tamper-the-edr/
ℵ₁ @[email protected] on Twitter: "Today Smashing the Stack for Fun and Profit is 25 years old. Older than I was when I wrote it." / Twitter
https://twitter.com/aleph_one/status/1457733413155131399
An Overview of the GDPR AI-Data Governance Control Framework | Udemy
https://www.udemy.com/how-to-implement-ai-data-governance-control-framework/
Five affiliates to Sodinokibi/REvil unplugged | Europol
http://ow.ly/J6Jg50GIl93
Kerberoast with OpSec | Microsoft 365 Security
https://m365internals.com/2021/11/08/kerberoast-with-opsec/
REvil ransomware: US seizes $6 million in ransom payments and expected to charge Ukrainian over major cyberattack | CNN Politics
https://www.cnn.com/2021/11/08/politics/revil-ransomware-attack-charges/index.html
US Treasury sanctions crypto-exchange Chatex for links to ransomware payments
https://therecord.media/us-treasury-sanctions-crypto-exchange-chatex-for-links-to-ransomware-payments/
Surveillance Technology at the Fair: Proliferation of Cyber Capabilities in International Arms Markets - Atlantic Council
https://www.atlanticcouncil.org/in-depth-research-reports/issue-brief/surveillance-technology-at-the-fair/
Ukrainian Arrested and Charged with Ransomware Attack on Kaseya | OPA | Department of Justice
https://www.justice.gov/opa/pr/ukrainian-arrested-and-charged-ransomware-attack-kaseya
Decrypting Cobalt Strike Traffic With Keys Extracted From Process Memory - YouTube
https://www.youtube.com/watch?v=rpsnPwdxTnA
US seeks extradition of alleged Ukrainian scammer arrested at Polish border stop | CyberScoop
https://www.cyberscoop.com/yaroslav-vasinskyi-arrest-poland-us-hacker/
Pre-IDF program seeking young women to train in cybersecurity skills | The Times of Israel
https://www.timesofisrael.com/pre-idf-program-seeking-young-women-to-train-in-cybersecurity-skills/
REvil ransomware affiliates arrested in Romania and Kuwait
https://www.bleepingcomputer.com/news/security/revil-ransomware-affiliates-arrested-in-romania-and-kuwait/
vx-underground on Twitter: ".@Europol has announced on November 4th they arrested 2 affiliates of REvil in Romania and an additional affiliate in Kuwait. They've also introduced the ANTI-REVIL Team. Read the press release here: https://t.co/4kpoR5iJKr" / Twitter
https://twitter.com/vxunderground/status/1457714640859897861
YEVGYENIY IGORYEVICH POLYANIN — FBI
https://go.usa.gov/xebuW
State hackers breach defense, energy, healthcare orgs worldwide
https://www.bleepingcomputer.com/news/security/state-hackers-breach-defense-energy-healthcare-orgs-worldwide/
Decrypting Cobalt Strike Traffic With Keys Extracted From Process Memory – Didier Stevens Videos
https://videos.didierstevens.com/2021/11/07/decrypting-cobalt-strike-traffic-with-keys-extracted-from-process-memory/
Treasury Continues to Counter Ransomware as Part of Whole-of-Government Effort; Sanctions Ransomware Operators and Virtual Currency Exchange | U.S. Department of the Treasury
https://home.treasury.gov/news/press-releases/jy0471
fail0verflow on Twitter: "Another one bites the dust 😎 https://t.co/Y1ty93AvaE" / Twitter
https://twitter.com/fail0verflow/status/1457499576676634625
Devices of Palestinian Human Rights Defenders Hacked with NSO Group’s Pegasus Spyware - The Citizen Lab
https://citizenlab.ca/2021/11/palestinian-human-rights-defenders-hacked-nso-groups-pegasus-spyware/
Stop Ransomware | CISA
http://StopRansomware.gov
Robinhood Announces Data Security Incident (Update) — Under the Hood
https://blog.robinhood.com/news/2021/11/8/data-security-incident
GitHub - GhostPack/Rubeus: Trying to tame the three-headed dog.
https://github.com/GhostPack/Rubeus
Tweet / Twitter
https://twitter.com/campuscodi/status/1457721740277293058
TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access | NCC Group Research Blog | Making the world safer and more secure
https://research.nccgroup.com/2021/11/08/ta505-exploits-solarwinds-serv-u-vulnerability-cve-2021-35211-for-initial-access/
Two NPM Packages With 22 Million Weekly Downloads Found Backdoored
https://thehackernews.com/2021/11/two-npm-packages-with-22-million-weekly.html
Recover Deleted Messages- Save - Apps on Google Play
https://bit.ly/3tQlS2A
Treasury Department on Twitter: "Continuing the Administration’s whole-of-government effort to counter ransomware, today Treasury announced a set of actions focused on disrupting criminal ransomware actors and virtual currency exchanges that launder the proceeds of ransomware. https://t.co/vfL5WHQAMc" / Twitter
https://twitter.com/ustreasury/status/1457782786392145927
KdcSponge, NGLite, Godzilla Webshell Used in Targeted Attack Campaign
https://bit.ly/3wsC3X6
~ on Twitter: "Mediamarkt (allegedly) hit by ransomware. Mediamarkt would be comparable to Curry’s or Bestbuy. Not sure if it’s just NL or also other countries" / Twitter
https://twitter.com/nemesis09/status/1457685076557377543
Volatility Labs: Memory Forensics R&D Illustrated: Detecting Mimikatz's Skeleton Key Attack
https://volatility-labs.blogspot.com/2021/10/memory-forensics-r-illustrated.html
BlackBerry Uncovers Initial Access Broker Linked to 3 Distinct Hacker Groups
https://thehackernews.com/2021/11/blackberry-uncover-initial-access.html
US arrests and charges Ukrainian man for Kaseya ransomware attack
https://therecord.media/us-arrests-and-charges-ukrainian-man-for-kaseya-ransomware-attack/