KdcSponge, NGLite, Godzilla Webshell Used in Targeted Attack Campaign
https://unit42.paloaltonetworks.com/manageengine-godzilla-nglite-kdcsponge/
GitHub - zeronetworks/rpcfirewall
https://github.com/zeronetworks/rpcfirewall
Scammer Convinced Instagram That Its Top Executive Was Dead
https://www.vice.com/en/article/7kb9by/adam-mosseri-dead-instagram-account-locked
CVE-2021-40449 Exploitation | Kristal’s Notebook
https://kristal-g.github.io/2021/11/05/CVE-2021-40449_POC.html
TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access | NCC Group Research Blog | Making the world safer and more secure
https://research.nccgroup.com/2021/11/08/ta505-exploits-solarwinds-serv-u-vulnerability-cve-2021-35211-for-initial-access/
CVE-2021-42321 - Security Update Guide - Microsoft - Microsoft Exchange Server Remote Code Execution Vulnerability
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-42321
Robinhood discloses security breach and extortion attempt
https://therecord.media/robinhood-discloses-security-breach-and-extortion-attempt/
Detecting NTLM Relay Attacks. It is possible to detect NTLM relaying… | by Mehmet Ergene | Medium
https://link.medium.com/8MlpY7NU2kb
Threat actor DEV-0322 exploiting ZOHO ManageEngine ADSelfService Plus - Microsoft Security Blog
https://msft.it/6018kTtKk
Threat Hunting Certificate Account Persistence | Pentest Laboratories
https://pentestlaboratories.com/2021/11/08/threat-hunting-certificate-account-persistence/
Microsoft Threat Intelligence on Twitter: "Following @Unit42_intel's great work, we're sharing our latest research, detection info, and hunting resources on DEV-0322 exploiting unpatched ZOHO ManageEngine ADSelfService Plus: https://t.co/8C9fQd3wq5" / Twitter
https://twitter.com/MsftSecIntel/status/1457868669300654080
Europol: Seven REvil/GandCrab ransomware affiliates were arrested in 2021
https://therecord.media/europol-seven-revil-gandcrab-ransomware-affiliates-were-arrested-in-2021/
https://rawcdn.githack.com/campuscodi/Microsoft-Patch-Tuesday-Security-Reports/f18c781b4406271bd289b4f2f112f9e4c7b27de5/Reports/MSRC_CVEs2021-Nov.html
ℵ₁ @[email protected] on Twitter: "Today Smashing the Stack for Fun and Profit is 25 years old. Older than I was when I wrote it." / Twitter
https://twitter.com/aleph_one/status/1457733413155131399
Threat actor DEV-0322 exploiting ZOHO ManageEngine ADSelfService Plus - Microsoft Security Blog
https://www.microsoft.com/security/blog/2021/11/08/threat-actor-dev-0322-exploiting-zoho-manageengine-adselfservice-plus/
GT investigates: Hacking China's medical institutes at COVID-19 outbreak, targeting aerospace firms during China's space missions – Cyberattacks from India disclosed - Global Times
https://www.globaltimes.cn/page/202111/1238218.shtml
Marcel Böhme👨🔬 on Twitter: "#FUZZING22 invites submissions of Registered Report drafts (Full Paper sans eval) until 06 Jan'22! 🔥🔥 🔗 https://t.co/ZmSR3npI9P 🧰 https://t.co/JovBW5QbfM (our publication model) 🌎 https://t.co/xuuAbb2hVP (co-located) 👋 @baishakhir @c_cadar @lszekeres and YT (organizers) https://t.co/vSoQrMSskd" / Twitter
https://twitter.com/mboehme_/status/1458018722489290752
URL and website scanner - urlscan.io
http://urlscan.io
Mining The Shadows with ZoidbergStrike: A Scanner for Cobalt Strike - YouTube
https://youtu.be/MWr6bvrrYHQ
Shodan Search Engine
https://www.shodan.io/search?query=product%3A%22Cobalt%20Strike%20Beacon%22
Katie🌻Moussouris (she/her) on Twitter: "Hey we are hiring a security PM or two soon, typical employment background check required Email careers@Lutasecurity if you are able to fit some fun part time security PM work into your life & don’t mind the bg check (client requirement, no exceptions). Please ask q’s via email" / Twitter
https://twitter.com/k8em0/status/1458118068127744005
The MOST IMPORTANT advice for young hackers - YouTube
https://www.youtube.com/watch?v=0Ejj2aBG5c8
The Terrier on Twitter: "Help I’ve been giggling about this for an hour. https://t.co/GnmE4gtBiB" / Twitter
https://twitter.com/JackShawhan/status/1457951413368016899
Way West Conference - Wild West Hackin' Fest
https://wildwesthackinfest.com/way-west/
New Tool: cs-extract-key.py | Didier Stevens
https://blog.didierstevens.com/2021/11/03/new-tool-cs-extract-key-py/
New Critical Vulnerabilities Found on Nucleus TCP/IP Stack - Forescout
https://www.forescout.com/blog/new-critical-vulnerabilities-found-on-nucleus-tcp-ip-stack/
Multifactor authentication (MFA) | CISA
http://cisa.gov/publication/multi-factor-authentication-mfa
client-side-prototype-pollution/README.md at master · BlackFan/client-side-prototype-pollution · GitHub
https://github.com/BlackFan/client-side-prototype-pollution/blob/master/README.md
Robinhood Trading App Suffers Data Breach Exposing 7 Million Users' Information
https://thehackernews.com/2021/11/robinhood-trading-app-suffers-data.html