Project Zero: A deep dive into an NSO zero-click iMessage exploit: Remote Code Execution
https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html
Ian Beer on Twitter: "Today we're publishing a detailed technical writeup of FORCEDENTRY, the zero-click iMessage exploit linked by Citizen Lab to the exploitation of journalists, activists and dissidents around the world. https://t.co/RYsqpTHF5j" / Twitter
https://twitter.com/i41nbeer/status/1471163195679252484
Pegasus vs. Predator: Dissident's Doubly-Infected iPhone Reveals Cytrox Mercenary Spyware - The Citizen Lab
https://citizenlab.ca/2021/12/pegasus-vs-predator-dissidents-doubly-infected-iphone-reveals-cytrox-mercenary-spyware/
PNG Parser Differential
https://www.da.vidbuchanan.co.uk/widgets/pngdiff/
The Cyber Startup Observatory - The Global Cyber Innovation Network
https://cyberstartupobservatory.com
regex101: build, test, and debug regex
http://regex101.com/r/KqGG3W/3
GitHub - back2root/log4shell-rex: PCRE RegEx matching Log4Shell CVE-2021-44228 IOC in your logs
https://github.com/back2root/log4shell-rex
FBI - Tips
http://tips.fbi.gov
MDSec on Twitter: "Hot off the production line, Nighthawk 0.1 is available for subscribers… check out our release post https://t.co/1ku2Sar5He https://t.co/MkWCjU8EKm" / Twitter
https://twitter.com/MDSecLabs/status/1471506640775958542
GitHub - CERTCC/CVE-2021-44228_scanner: Scanners for Jar files that may be vulnerable to CVE-2021-44228
https://github.com/CERTCC/CVE-2021-44228_scanner
New Fileless Malware Uses Windows Registry as Storage to Evade Detection
https://thehackernews.com/2021/12/new-fileless-malware-uses-windows.html
Malware-IOCs/2021-12-15_CobaltStrikeC2s at main · CronUp/Malware-IOCs · GitHub
https://github.com/CronUp/Malware-IOCs/blob/main/2021-12-15_CobaltStrikeC2s
Hackers Begin Exploiting Second Log4j Vulnerability as a Third Flaw Emerges
https://thehackernews.com/2021/12/hackers-begin-exploiting-second-log4j.html
‘DarkWatchman’ RAT Shows Evolution in Fileless Malware | Threatpost
https://threatpost.com/darkwatchman-rat-evolution-fileless-malware/177091/
Cyber Security Infographics - Cyber Startup Observatory
https://cyberstartupobservatory.com/infographics/
David Buchanan on Twitter: "I crafted a PNG image that says something different on Apple vs non-Apple devices: https://t.co/CPHRgYhczZ (unfortunately it won't work directly on twitter...)" / Twitter
https://twitter.com/David3141593/status/1471280465692835846
Microsoft – クラウド、コンピューター、アプリ & ゲーム
http://Microsoft.com
Azure Run Command for Dummies | Mandiant
https://www.mandiant.com/resources/azure-run-command-dummies
Researchers Uncover New Coexistence Attacks On Wi-Fi and Bluetooth Chips
https://thehackernews.com/2021/12/researchers-uncover-new-coexistence.html
InfoSec Handlers Diary Blog - SANS Internet Storm Center
https://i5c.us/d28142
GitHub - fullhunt/log4j-scan: A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
https://github.com/fullhunt/log4j-scan
GitHub - thomaspatzke/Log4Pot: A honeypot for the Log4Shell vulnerability (CVE-2021-44228).
https://github.com/thomaspatzke/Log4Pot
Virustotal 17 security vendors and 1 sandbox flagged this file as malicious · Issue #7 · hillu/local-log4j-vuln-scanner · GitHub
https://github.com/hillu/local-log4j-vuln-scanner/issues/7
Log4jで話題になったWAFの回避/難読化とは何か - WAF Tech Blog | クラウド型 WAFサービス Scutum 【スキュータム】
https://www.scutum.jp/information/waf_tech_blog/2021/12/waf-blog-081.html
NSA Cyber on Twitter: "A secure 5G core infrastructure is only as strong as its foundation. Read Part IV of our 5G Cloud guidance with @CISAgov, through the Enduring Security Framework (ESF), for necessary mitigations to ensure 5G cloud infrastructure integrity. https://t.co/3ldzWF60Vp https://t.co/AqGdDNwysb" / Twitter
https://twitter.com/NSACyber/status/1471518372756140035
Tweet / Twitter
https://twitter.com/PythonResponder/status/1471267971230224385
CyberSlide - The Cyber Startup Observatory
https://cyberstartupobservatory.com/resources-cyberslide/
offensivecon on Twitter: "Ladies and gentlemen, our speakers for #Offensivecon22 https://t.co/3OTgbcmlvV" / Twitter
https://twitter.com/offensive_con/status/1471089420702994432