Evil Corp: 'My hunt for the world's most wanted hackers' - BBC News
https://www.bbc.co.uk/news/technology-59297187
Analysis https://kapokcoffee.com/wp-includes/K18qsSDTalKOwUyamOOR25Ui/ Malicious activity - Interactive analysis ANY.RUN
https://app.any.run/tasks/58cf184b-46d9-422c-873a-58239ef8387d/
Record number of cyber incidents mitigated as NCSC... - NCSC.GOV.UK
http://www.ncsc.gov.uk/news/record-number-mitigated-incidents
Ollie Whitehouse on Twitter: "The security implications if 127.1.0.0 - 127.255.255.255 becomes Internet routable is hard to quantify. It feels wise to err on the side of caution and not.. .. if it does you have to think bug bounty players, APT and everyone else going to be like🤑 https://t.co/pyzgkqT1xH https://t.co/8wCdXwCO0J" / Twitter
https://twitter.com/ollieatnccgroup/status/1460857181906116609
GitHub - JPCERTCC/EmoCheck: Emotet detection tool for Windows OS
https://github.com/JPCERTCC/EmoCheck
IETF - 404 - Not Found
https://www.ietf.org/id/draft-schoen-intarea-unicast-127-00.html
All Your Beacon Are Belong to Us: New BlackBerry Book Cracks Code of Cobalt Strike Threat Actors
https://blogs.blackberry.com/en/2021/11/all-your-beacon-are-belong-to-us-new-blackberry-book-cracks-code-of-cobalt-strike-threat-actors
CVE-2021-42306: CredManifest | Critical Vulnerability Found in Microsoft Azure
https://www.netspi.com/blog/technical/cloud-penetration-testing/azure-cloud-vulnerability-credmanifest/
XSinator - XS-Leak Browser Test Suite
http://XSinator.com
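Analysis Center on Twitter: "We are observing that activity aimed at spreading infections of the Emotet malware, which had been dormant, has resumed. We have confirmed that the samples currently being seen can be detected with EmoCheck, so please make use of it. ^KK https://t.co/mduesthaWO https://t.co/m68qOPHMvE" / Twitter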
https://twitter.com/jpcert_ac/status/1460774825580908545
ExternalC2.NET – Rasta Mouse
https://rastamouse.me/externalc2-net/
Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021 - Microsoft Security Blog
https://www.microsoft.com/security/blog/2021/11/16/evolving-trends-in-iranian-threat-actor-activity-mstic-presentation-at-cyberwarcon-2021/
pwn.college
http://pwn.college
MalwareBazaar | Browse
https://bazaar.abuse.ch/sample/9fc9eb14ef8cae1832d29e2b831fef33ad1fdd27de590f1d7727dc58f260992e/
From Logic to Memory: Winning the Solitaire in Reparse Points - Black Hat Europe 2021 | Briefings Schedule
https://www.blackhat.com/eu-21/briefings/schedule/#from-logic-to-memory-winning-the-solitaire-in-reparse-points-24731
Joe Tidy on Twitter: "Evil Corp: 'My hunt for the world's most wanted hackers'. Many people on the FBI's Cyber Most Wanted list are Russian. If they left Russia they'd be arrested but at home they appear to be given free rein. Me and @skazal_on went to try to find them https://t.co/EQcdHlzEdh" / Twitter
https://twitter.com/joetidy/status/1460839319598510083
Strategic web compromises in the Middle East with a pinch of Candiru | WeLiveSecurity
https://www.welivesecurity.com/2021/11/16/strategic-web-compromises-middle-east-pinch-candiru/
GitHub - redcanaryco/AtomicTestHarnesses: Public Repo for Atomic Test Harness
https://github.com/redcanaryco/AtomicTestHarnesses
UNC1151 Assessed with High Confidence to have Links to Belarus, Ghostwriter Campaign Aligned with Belarusian Government Interests | Mandiant
https://www.mandiant.com/resources/unc1151-linked-to-belarus-government
Russian ransomware gangs start collaborating with Chinese hackers
https://www.bleepingcomputer.com/news/security/russian-ransomware-gangs-start-collaborating-with-chinese-hackers/
Cybersecurity and Infrastructure Security Agency on Twitter: "An Iranian government-sponsored APT group is exploiting Fortinet & Microsoft Exchange ProxyShell vulnerabilities to gain access to systems & deploy ransomware. Read our joint Advisory with @FBI, @CyberGovAU, & @NCSC to reduce your risk: https://t.co/W96k2p4W9S #StopRansomware https://t.co/tq0ZjdkY9i" / Twitter
https://twitter.com/CISAgov/status/1460972834554093570
It's been one year since Trump fired the CISA director - The Washington Post
https://www.washingtonpost.com/politics/2021/11/17/it-been-one-year-since-trump-fired-cisa-director/
Netgear patches severe pre-auth RCE in 61 router and modem models
https://therecord.media/netgear-deals-with-its-fifth-wave-of-severe-rce-bugs-this-year/