Project Zero: This shouldn't have happened: A vulnerability postmortem
https://googleprojectzero.blogspot.com/2021/12/this-shouldnt-have-happened.html
Discovering Full Read SSRF in Jamf (CVE-2021-39303 & CVE-2021-40809) – Assetnote
https://blog.assetnote.io/2021/11/30/jamf-ssrf/
Project Zero Bugs on Twitter: "nss: memory corruption validating dsa/rsa-pss signatures https://t.co/yAcRzbkkKG" / Twitter
https://twitter.com/ProjectZeroBugs/status/1466080877729894402
Memory corruption in NSS via DER-encoded DSA and RSA-PSS signatures — Mozilla
https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/
Jumping the air gap: 15 years of nation‑state effort | WeLiveSecurity
https://www.welivesecurity.com/2021/12/01/jumping-air-gap-15-years-nation-state-effort/
Microsoft Defender scares admins with Emotet false positives
https://www.bleepingcomputer.com/news/microsoft/microsoft-defender-scares-admins-with-emotet-false-positives/
Injection is the New Black: Novel RTF Template Inject Technique Poised for Widespread Adoption Beyond APT Actors | Proofpoint US
https://www.proofpoint.com/us/blog/threat-insight/injection-new-black-novel-rtf-template-inject-technique-poised-widespread
Hackers Increasingly Using RTF Template Injection Technique in Phishing Attacks
https://thehackernews.com/2021/12/hackers-increasingly-using-rtf-template.html
Tracking a P2P network related to TA505 | NCC Group Research Blog | Making the world safer and more secure
https://research.nccgroup.com/2021/12/01/tracking-a-p2p-network-related-with-ta505/
Register for PrivSec Global November 2021 | SpotMe
https://bit.ly/3rk3yl8
APT groups from China, Russia, and India adopt novel attack technique
https://therecord.media/apt-groups-from-china-russia-and-india-adopt-novel-attack-technique/
Cybersecurity Advisory Committee (CSAC) Members | CISA
https://www.cisa.gov/csac-members
Tweet / Twitter
https://twitter.com/GossiTheDog/status/1465976334539231233
Brad on Twitter: "2021-11-30 (Tuesday) - Got this #Emotet epoch 4 email, and everything's still active and able to infect my Windows lab host. Link from email already reported to URLhaus: https://t.co/4wZXT5zmuf https://t.co/BXSORH8hU9" / Twitter
https://twitter.com/malware_traffic/status/1465885327831318529
Smishing Botnets Going Viral in Iran - Check Point Research
https://research.checkpoint.com/2021/smishing-botnets-going-viral-in-iran/
CISA Adds Five Known Exploited Vulnerabilities to Catalog | CISA
https://go.usa.gov/xeysW
Tetrane - Automated Reverse Engineering Platform
https://url.tetrane.com/ZAc8Q/ac0e
Exploiting Vulnerabilities in a TLD Registrar to Takeover Tether, Google, and Amazon — Palisade
https://palisade.consulting/blog/tld-hacking
ProxyShell exploitation leads to BlackByte ransomware - Red Canary
https://redcanary.com/blog/blackbyte-ransomware/
Project Zero Bugs on Twitter: "This shouldn't have happened: A vulnerability postmortem https://t.co/C9XV38mOWg" / Twitter
https://twitter.com/projectzerobugs/status/1466115866471256067
URLhaus
https://urlhaus.abuse.ch/url/1838032/
MalwareBazaar | Browse
https://bazaar.abuse.ch/sample/d25a928416c3614b40c4c57447023f53fa5cc4d4bd5dee5fc68a7e8cbc52d7cb/
GitHub - l0ggg/VMware_vCenter: VMware vCenter 7.0.2.00100 unauth Arbitrary File Read + SSRF + Reflected XSS
https://github.com/l0ggg/VMware_vCenter
InfoSec Jupyterthon 2021 - Day 1 - YouTube
https://aka.ms/Jupyterthon2021Live1
Rasta Mouse on Twitter: "Blog post is up for Patrons https://t.co/TYcL6eeiHo" / Twitter
https://twitter.com/_RastaMouse/status/1464690515723657220
Ethan Mollick on Twitter: "NFT oligarchy? A study of 6.1M NFT trades finds a few folks at the center of the market 🐱 The top 10% of traders account for 85% of transactions & trade at least once 97% of all assets 🦍10% of buyer–seller pairs have the same volume as the remaining 90% https://t.co/V3vytqZZB5 https://t.co/IDr67zl7TI" / Twitter
https://twitter.com/emollick/status/1465505077083389960
Cryptolaemus on Twitter: "#Emotet C2 Deltas as of 2021/11/30 at 17:00UTC+ for E4 and E5 botnets: https://t.co/2LKvi3qcOR" / Twitter
https://twitter.com/Cryptolaemus1/status/1465759086243373058
https://bit.ly/3ChiQsE
Welcome! | VK
http://VK.com
Lateral Movement with Managed Identities of Azure Virtual Machines | Microsoft 365 Security
https://m365internals.com/2021/11/30/lateral-movement-with-managed-identities-of-azure-virtual-machines/
🇺🇦 Joe Gray aka JOSINT 🇺🇦 on Twitter: "In an unexpected twist, I'm looking for a new role in #Intelligence/#OSINT, #Investigations, or #Cybersecurity/#Infosec & would appreciate any intros or leads. Please RT for reach. I'm open to Full-Time, Part-Time, Temp, or Contract. I prefer remote. I'm also open to travel." / Twitter
https://twitter.com/C_3PJoe/status/1465763225308475392
Vulnerability Research - Check Point Software
https://www.checkpoint.com/pages/vulnerability-research/
InfoSec Jupyterthon 2021 - Day 2 - YouTube
https://aka.ms/Jupyterthon2021Live2
Jen🛡Easterly on Twitter: "I'm thrilled to announce the initial members of @CISAgov's new Cybersecurity Advisory Committee. Couldn’t be more excited to tap into their unique expertise to continue to transform CISA into the premier cyber defense agency our nation needs and deserves. https://t.co/OF2dbxhTNb https://t.co/mTA7Ip7bXW" / Twitter
https://twitter.com/CISAJen/status/1466082346164178950
FBI document shows what data can be obtained from encrypted messaging apps
https://therecord.media/fbi-document-shows-what-data-can-be-obtained-from-encrypted-messaging-apps/
Malware-Traffic-Analysis.net - 2021-11-24 (Wednesday) - "Gigi" campaign pushes BazarLoader, leads to IcedID
https://www.malware-traffic-analysis.net/2021/11/24/index.html