U.S. State Department phones hacked with Israeli company spyware - sources | Reuters
https://www.reuters.com/technology/exclusive-us-state-department-phones-hacked-with-israeli-company-spyware-sources-2021-12-03/
vx-underground on Twitter: "Ragnar Locker ransomware group took screenshots of their targets Cybersecurity Incident Response meeting mid-breach. * Image censored to comply with Twitters Terms of Service * Watermark is Ragnar Locker's - not ours. We did not apply it. https://t.co/1I9ik7LFdf" / Twitter
https://twitter.com/vxunderground/status/1466523987031302145
InfoSec Jupyterthon 2021 - Day 2 - YouTube
https://aka.ms/Jupyterthon2021Live2
A mysterious threat actor is running hundreds of malicious Tor relays
https://therecord.media/a-mysterious-threat-actor-is-running-hundreds-of-malicious-tor-relays/
Exploit Reversing – A blog about malware analysis, reverse engineering, programming and Windows internals.
https://exploitreversing.com/
Tom Warren on Twitter: "Microsoft's new Edge prompts also call Chrome a "so 2008" browser when you try and download it 🙃 https://t.co/EacZ76To8Q https://t.co/qd2TsDpgUp" / Twitter
https://twitter.com/tomwarren/status/1466435235818745862
New Payment Data Stealing Malware Hides in Nginx Process on Linux Servers
https://thehackernews.com/2021/12/new-payment-data-sealing-malware-hides.html
Joseph Menn on Twitter: "NSO spyware was used to hack phones of US State Department employees, sources told us: https://t.co/8uSObLmheG" / Twitter
https://twitter.com/josephmenn/status/1466809022250577921
Azure Privilege Escalation via Azure API Permissions Abuse | by Andy Robbins | Posts By SpecterOps Team Members
https://posts.specterops.io/azure-privilege-escalation-via-azure-api-permissions-abuse-74aee1006f48
[CVE-2021-42008] Exploiting A 16-Year-Old Vulnerability In The Linux 6pack Driver
https://syst3mfailure.io/sixpack-slab-out-of-bounds![[CVE-2021-42008] Exploiting A 16-Year-Old Vulnerability In The Linux 6pack Driver](/image/screenshot/8f64768cc684b13cfea373b0951f3fa3.webp)
strandjs - @[email protected] on Twitter: "Quotes that indicate a security program is in trouble. "We spend $$$$$ on security!" "We log X petabytes a day!" "Our EDR would catch that!" "We have a SIEM!" "Our CIO is a CISSP!" "We know Kali!" "We have a policy for that!" What's yours?" / Twitter
https://twitter.com/strandjs/status/1466448430272856067
SideCopy APT: Connecting lures to victims, payloads to infrastructure
https://blog.malwarebytes.com/threat-intelligence/2021/12/sidecopy-apt-connecting-lures-to-victims-payloads-to-infrastructure/
Space / Twitter
https://twitter.com/i/spaces/1lPKqmPlwknKb
US State Department Employees Targeted with NSO Group Malware
https://www.vice.com/en/article/5dggxk/us-state-department-employees-targeted-with-nso-group-malware
FBI - Tips
http://tips.fbi.gov
The Cyber Startup Observatory - The Global Cyber Innovation Network
https://cyberstartupobservatory.com
Tags · lgandx/Responder · GitHub
https://github.com/lgandx/Responder/tags
Home 🏠 - Subdomain Enumeration Guide
https://sidxparab.gitbook.io/subdomain-enumeration-guide/
Fundraiser by Tod Beardsley : Molly Beardsley Memorial Fund
https://www.gofundme.com/f/molly-beardsley-memorial-fund
CISA Warns of Actively Exploited Critical Zoho ManageEngine ServiceDesk Vulnerability
https://thehackernews.com/2021/12/cisa-warns-of-actively-exploited.html
Privacy Tip #309 – Women Poised to Fill Gap of Cybersecurity Talent | Robinson+Cole Data Privacy + Security Insider - JDSupra
https://www.jdsupra.com/legalnews/privacy-tip-309-women-poised-to-fill-6171222/
https://bit.ly/3ChiQsE
https://bit.ly/3ChiQsE
Space / Twitter
https://twitter.com/i/spaces/1nAJEYlWQRRJL
Lauren Kaori Gurley on Twitter: "NEW: Dozens of hacked printers across the internet are printing out an anti-work manifesto. It encourages workers to discuss their pay with coworkers, and pressure their employers to pay them more. https://t.co/gr6NlsbiS5" / Twitter
https://twitter.com/laurenkgurley/status/1466519677731934208
dragosr on Twitter: "Exploit Hall of Fame - Thomas Dullien (@halvarflake) https://t.co/7Mas8vtrlM" / Twitter
https://twitter.com/dragosr/status/1466480592833458184
APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus | CISA
https://us-cert.cisa.gov/ncas/alerts/aa21-336a
NSO Pegasus spyware used to hack U.S. diplomats’ phones - The Washington Post
https://www.washingtonpost.com/technology/2021/12/03/israel-nso-pegasus-hack-us-diplomats/?tid=ss_tw
GitHub - l0ggg/VMware_vCenter: VMware vCenter 7.0.2.00100 unauth Arbitrary File Read + SSRF + Reflected XSS
https://github.com/l0ggg/VMware_vCenter?fbclid=IwAR3JfQTRI7ZGcsB2nh-IAZPkCLwGgiLcv_u1LBxHDCzULcUDvH14Z2yhG0g
Tweet / Twitter
https://twitter.com/campuscodi/status/1466747229016924163