Alex Thompson on Twitter: "NEW: Kamala Harris has long felt that Bluetooth headphones are a security risk. So, she insists on using wired ones, 3 fmr campaign aides told @rubycramer and me. That Bluetooth phobia remains (if you look closely, you'll see the clump of wires in hand) https://t.co/9poyMTQrU2 https://t.co/HtscTWm1sF" / Twitter
https://twitter.com/alexthomp/status/1467995231014559744
Triage | Malware sandboxing report by Hatching Triage
https://tria.ge/211207-t5l24sbean
The hidden side of Seclogon part 2: Abusing leaked handles to dump LSASS memory
https://splintercod3.blogspot.com/p/the-hidden-side-of-seclogon-part-2.html
Suspected Russian Activity Targeting Government and Business Entities Around the Globe | Mandiant
https://www.mandiant.com/resources/russian-targeting-gov-business
Cryptolaemus on Twitter: "🚨🚨WARNING 🚨🚨 We have confirmed that #Emotet is dropping CS Beacons on E5 Bots and we have observed the following as of 10:00EST/15:00UTC. The following beacon was dropped: https://t.co/imJDQTGqxV Note the traffic to lartmana[.]com. This is an active CS Teams Server. 1/x" / Twitter
https://twitter.com/Cryptolaemus1/status/1468266929014157316![Cryptolaemus on Twitter: "🚨🚨WARNING 🚨🚨 We have confirmed that #Emotet is dropping CS Beacons on E5 Bots and we have observed the following as of 10:00EST/15:00UTC. The following beacon was dropped: https://t.co/imJDQTGqxV Note the traffic to lartmana[.]com. This is an active CS Teams Server. 1/x" / Twitter](/image/screenshot/71e4eb22f5df2db34944900257b5f9b2.webp)
Windows 10 RCE: The exploit is in the link | Positive Security
https://positive.security/blog/ms-officecmd-rce
Ransomware playbook (ITSM.00.099) - Canadian Centre for Cyber Security
https://cyber.gc.ca/en/guidance/ransomware-playbook-itsm00099?mtm_campaign=cse-cst-ransomware-2021&mtm_source=twt&mtm_medium=smo&mtm_content=ransomware-playbook-e
Alec Muffett on Twitter: "Are you a member of @OpenRightsGroup? Lord Lipsey thinks you're a porn-mongering libertarian. Image Quote in Alt-Text. https://t.co/5SV2hyMwLt https://t.co/NGLs50tELT" / Twitter
https://twitter.com/alecmuffett/status/1468185491673604096
GitHub - matterpreter/FindETWProviderImage: Quickly search for references to a GUID in DLLs, EXEs, and drivers
https://github.com/matterpreter/FindETWProviderImage
Project Zero: Windows Exploitation Tricks: Relaying DCOM Authentication
https://googleprojectzero.blogspot.com/2021/10/windows-exploitation-tricks-relaying.html
Alex Thompson on Twitter: "Former aides say that VP has long been careful about security — w/ some describing it as prudent & others suggesting it’s a bit paranoid. A former aide from AG days said when a person arrived for a meeting, staff were instructed not to allow them to wait in Harris' office alone." / Twitter
https://twitter.com/alexthomp/status/1468002290695032834
Kamala Harris Is Right: Bluetooth Is a Security Risk
https://www.vice.com/en/article/pkpgd7/kamala-harris-is-right-bluetooth-is-a-security-risk
NICKEL targeting government organizations across Latin America and Europe - Microsoft Security Blog
https://www.microsoft.com/security/blog/2021/12/06/nickel-targeting-government-organizations-across-latin-america-and-europe/
GitHub - wavestone-cdt/EDRSandblast
https://github.com/wavestone-cdt/EdrSandblast
Not found – 404 error
https://jobs.lever.co/redcanary/bf6b74f6-a78e-4c42-bd40-fefc1517e157
SolarWinds Hackers Targeting Government and Business Entities Worldwide
https://thehackernews.com/2021/12/solarwinds-hackers-targeting-government.html
FIN13: A Cybercriminal Threat Actor Focused on Mexico | Mandiant
https://www.mandiant.com/resources/fin13-cybercriminal-mexico
The Popular Family Safety App Life360 Is Selling Precise Location Data on Its Tens of Millions of Users – The Markup
https://themarkup.org/privacy/2021/12/06/the-popular-family-safety-app-life360-is-selling-precise-location-data-on-its-tens-of-millions-of-user
Microsoft Seizes 42 Malicious Web Domains Used By Chinese Hackers
https://thehackernews.com/2021/12/microsoft-seizes-42-malicious-web.html
Latest Firefox 95 Includes RLBox Sandboxing to Protect Browser from Malicious Code
https://thehackernews.com/2021/12/latest-firefox-95-includes-rlbox.html
Disrupting the Glupteba operation
https://blog.google/threat-analysis-group/disrupting-glupteba-operation/
Van on Twitter: "¡Bienvenidos #FIN13! Read about the group below, in both English and Spanish! What makes #FIN13 pretty chill? A thread https://t.co/vHDUWh5REN https://t.co/AGJdXsnqph" / Twitter
https://twitter.com/wanna_vanta/status/1468264877571596290
【安全通报】Grafana 未授权任意文件读取 0day 漏洞|NOSEC安全讯息平台 - 白帽汇安全研究院
https://nosec.org/home/detail/4914.html
Protecting people from recent cyberattacks - Microsoft On the Issues
https://blogs.microsoft.com/on-the-issues/2021/12/06/cyberattacks-nickel-dcu-china/
Win My Golden Ticket! | Chris Sanders
https://chrissanders.org/2021/12/goldenticket2021/
The story of the year: ransomware in the headlines | Securelist
https://securelist.com/the-story-of-the-year-ransomware-in-the-headlines/105138/