Cryptolaemus on Twitter: "Update on #Emotet. We are noticing now that bots are starting to spam on what we are calling the Epoch 4 botnet. There is only attachment based malspam seen so far with .docm or .xlsm (really XLSM with a lame AF Template "Excell") or password protected ZIPs (operation ZipLock). 1/x" / Twitter
https://twitter.com/cryptolaemus1/status/1460403592658145283
SANS.edu Internet Storm Center on Twitter: "ISC diary: Emotet returns on Monday 2021-11-15, and @malware_traffic reviews recent activity https://t.co/8sTpgLAjX8 https://t.co/Ed8CEqqwBy" / Twitter
https://twitter.com/sans_isc/status/1460492865243648001
Cyber Security Training Events | SANS Institute
http://sans.org/u/1gvq
VBA deobfuscation - Emotet XLSM · GitHub
https://gist.github.com/DissectMalware/92de377c6570f899439d150ac1cf25eb
Emotet malware is back and rebuilding its botnet via TrickBot
https://www.bleepingcomputer.com/news/security/emotet-malware-is-back-and-rebuilding-its-botnet-via-trickbot/
InfoSec Handlers Diary Blog - SANS Internet Storm Center
https://i5c.us/d28044
Tommy M (TheAnalyst) on Twitter: "XLSM: https://t.co/DNgzNKxsdJ Same payload URLs previously posted on URLHaus" / Twitter
https://twitter.com/ffforward/status/1460427414723612680
UNC1151 Assessed with High Confidence to have Links to Belarus, Ghostwriter Campaign Aligned with Belarusian Government Interests | Mandiant
https://www.mandiant.com/resources/unc1151-linked-to-belarus-government
5G Things Summit 2021 - Agenda - Ericsson
https://bit.ly/3EFL8P8
Guess who’s back – cyber.wtf
https://cyber.wtf/2021/11/15/guess-whos-back/
SharkBot — A New Android Trojan Stealing Banking and Cryptocurrency Accounts
https://thehackernews.com/2021/11/sharkbot-new-android-trojan-stealing.html
BlackBerry on Twitter: "The hunter becomes the hunted. Finding Beacons in the Dark: A Guide to Cyber Threat Intelligence, is now available. Get your copy of this must-read book for the threat intelligence community. 📖 https://t.co/kxbAS4gyyj https://t.co/qDnxQ4GkMW" / Twitter
https://twitter.com/BlackBerry/status/1460593736241590272
Triage | Malware sandboxing report by Hatching Triage
https://tria.ge/211116-bzlv2scaa5/
CAPE Sandbox
https://capesandbox.com/analysis/205987
Triage | Malware sandboxing report by Hatching Triage
https://tria.ge/211116-p1sa4saggq
Researchers Demonstrate New Way to Detect MitM Phishing Kits in the Wild
https://thehackernews.com/2021/11/researchers-demonstrate-new-way-to.html
Alan Paller, a Mover on Cybersecurity Threat, Is Dead at 76 - The New York Times
https://www.nytimes.com/2021/11/15/technology/alan-paller-dead.html
Strategic web compromises in the Middle East with a pinch of Candiru | WeLiveSecurity
https://www.welivesecurity.com/2021/11/16/strategic-web-compromises-middle-east-pinch-candiru/
How I Hacked Google App Engine: Anatomy of a Java Bytecode Exploit | Considerations on Codecrafting
https://blog.polybdenum.com/2021/05/05/how-i-hacked-google-app-engine-anatomy-of-a-java-bytecode-exploit.html
MalwareBazaar | Browse
https://bazaar.abuse.ch/sample/4542b8c45774d373fa16dad8f2895e86a576fd609ac1ecc8fe5a1d8d45f3f7c8/
GitHub - Sh0ckFR/InlineWhispers2: Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2
https://github.com/Sh0ckFR/InlineWhispers2
Hackers Compromised Middle East Eye News Website to Hack Visitors, Researchers Say
https://www.vice.com/en/article/pkpbdm/hackers-compromised-middle-east-eye-news-website-to-hack-visitors-researchers-say
Feodo Tracker | Browse Botnet C&Cs
https://feodotracker.abuse.ch/browse/emotet/
Malvertising (AD Network) - Pastebin.com
https://pastebin.com/DCJBk2f4
Cryptolaemus on Twitter: "This is our 3rd anniversary of Cryptolaemus1. Thanks for all the follows and sharing of intel these past 3 years! To celebrate, Ivan has released a new version of Emotet because he feels left out and wants to be part of the party. More details coming soon. As always watch URLHaus https://t.co/Qwvel32ibB" / Twitter
https://twitter.com/Cryptolaemus1/status/1460302706954981385
MP4 Video Downloader - Apps on Google Play
https://bit.ly/3wZe7KB
WINHELLO2hashcat
https://hashcat.net/forum/thread-10461.html
‘Ghostwriter’ Looks Like a Purely Russian Op—Except It's Not | WIRED
https://www.wired.com/story/ghostwriter-hackers-belarus-russia-misinformationo/
Exchange Exploit Leads to Domain Wide Ransomware
https://thedfirreport.com/2021/11/15/exchange-exploit-leads-to-domain-wide-ransomware/
LIVE #Trickbot C2 servers [20211115] - Pastebin.com
https://pastebin.com/35mhCsw2
New 'Moses Staff' Hacker Group Targets Israeli Companies With Destructive Attacks
https://thehackernews.com/2021/11/new-moses-staff-hacker-group-targets.html
GitHub - ashishb/android-security-awesome: A collection of android security related resources
https://github.com/ashishb/android-security-awesome