Cryptolaemus on Twitter: "We have verified distribution of #Dridex 22203 on Windows via #Log4j #Log4Shell. Class > MSHTA > VBS > rundll32. Class: https://t.co/ivdZSd1QGR Payload URLs: https://t.co/RoZubNKUs5 DLL sample: https://t.co/6P8aHdim8v HTA > DLL run: https://t.co/KdGZfmHkMN https://t.co/IsoYWfdKcq" / Twitter
https://twitter.com/Cryptolaemus1/status/1472939659760185346
Log4j vulnerability now used to install Dridex banking malware
https://www.bleepingcomputer.com/news/security/log4j-vulnerability-now-used-to-install-dridex-banking-malware/
vx-underground on Twitter: "Security researcher @1ZRR4H has identified the first Log4J worm. It is a self-propagating Mirai bot. We have aggregated the sample. You can download the Log4J Mirai worm here: https://t.co/xvJa5yJKws https://t.co/aGVmPTbhX8" / Twitter
https://twitter.com/vxunderground/status/1472782879931473921
Triage | Malware sandboxing report by Hatching Triage
https://tria.ge/211220-rpvyzabfap
Germán Fernández on Twitter: "Botnets exploiting #Log4Shell 💣🔥🔥 1) #Kinsing aka #H2miner VT: https://t.co/mtBzXXstro 2) #Mirai aka #Katana VT: https://t.co/uSW9Vdljs3 C2: /nazi.uy 3) #Muhstik aka #Tsunami VT: https://t.co/18sLLTqxRt C2: /log.exposedbotnets.ru [+] IOC's -> https://t.co/glHDKFae0Q" / Twitter
https://twitter.com/1ZRR4H/status/1469734728827904002
Rob Fuller on Twitter: "One of the smallest changes with huge effect you can make to Active Directory to help secure it against a LOT of attack paths is changing the attribute ms-DS-MachineAccountQuota = 0. Do this now, do it on Monday, but adds a pretty decent barrier to many attack paths. https://t.co/ejaYtz1KdZ" / Twitter
https://twitter.com/mubix/status/1472681102741549059
vx-underground
https://vx-underground.org
Belgian Defence ministry network partially down following cyber attack
https://www.brusselstimes.com/belgium/198521/belgian-defence-ministry-network-partially-down-following-cyber-attack
Defence hit by serious cyberattack, part of network down for days | VRT NWS: news
https://www.vrt.be/vrtnws/nl/2021/12/20/defensie-slachtoffer-zware-cyberaanval-deel-netwerk-al-dagen-pl/
A Detailed Guide on Log4J Penetration Testing - Hacking Articles
https://www.hackingarticles.in/a-detailed-guide-on-log4j-penetration-testing/
The Cyber Startup Observatory - The Global Cyber Innovation Network
https://cyberstartupobservatory.com
Over 500,000 Android Users Downloaded a New Joker Malware App from Play Store
https://thehackernews.com/2021/12/over-500000-android-users-downloaded.html
GitHub - bohops/RogueAssemblyHunter: Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes.
https://github.com/bohops/RogueAssemblyHunter
GitHub - tihanyin/Simple-Reverse-Shell: Simple reverse shell to avoid Win 11 defender detection
https://github.com/tihanyin/Simple-Reverse-Shell/
SensePost | Android application testing using windows 11 and windows subsystem for android
https://sensepost.com/blog/2021/android-application-testing-using-windows-11-and-windows-subsystem-for-android/
New stealthy DarkWatchman malware hides in the Windows Registry
https://www.bleepingcomputer.com/news/security/new-stealthy-darkwatchman-malware-hides-in-the-windows-registry/
Experts Discover Backdoor Deployed on the U.S. Federal Agency's Network
https://thehackernews.com/2021/12/experts-discover-backdoor-deployed-on.html
GitHub - proferosec/log4jScanner: log4jScanner provides the ability to scan internal subnets for vulnerable log4j web services
https://github.com/proferosec/log4jScanner
AP Exclusive: Polish opposition duo hacked with NSO spyware | AP News
https://apnews.com/article/technology-business-poland-hacking-warsaw-8b52e16d1af60f9c324cf9f5099b687e
New Mobile Network Vulnerabilities Affect All Cellular Generations Since 2G
https://thehackernews.com/2021/12/new-mobile-network-vulnerabilities.html
District of Massachusetts | Russian National Extradited for Role in Hacking and Illegal Trading Scheme | United States Department of Justice
https://www.justice.gov/usao-ma/pr/russian-national-extradited-role-hacking-and-illegal-trading-scheme
Cyber, etc... on Twitter: "Belgium 🇧🇪: the Ministry of #Defence was targeted by a #cyberattack that has been disrupting its activities since 16/12. The attack exploits the #log4j vulnerability. Its origin, state-sponsored or not, is not known. @HaboubiAnis @ComcyberFR Via @sudinfo_be https://t.co/inO1kazR9Q" / Twitter
https://twitter.com/cyber_etc/status/1472828739063066633
[LOG4J2-3230] Certain strings can cause infinite recursion - ASF JIRA
https://issues.apache.org/jira/browse/LOG4J2-3230
United States Space Force on Twitter: "Each day we are thankful for our #Guardians who made the decision to serve in the #SpaceForce. However, today on our 2nd birthday, we are especially grateful for their contributions to the mission. #HBDSpaceForce https://t.co/piOBFwjaa2" / Twitter
https://twitter.com/SpaceForceDoD/status/1472914825898790913
The Log4j saga: New vulnerabilities and attack vectors discovered - Help Net Security
https://www.helpnetsecurity.com/2021/12/20/log4j-attack-vectors/
Page not found · GitHub · GitHub
https://github.com/nyx-fuzz/Nyx/blob/main/docs/AFLplusplus-Nyx.md
The CyberWire: The 12 Days of Malware. - YouTube
https://bit.ly/cw12daysvideo
Cuba Ransomware Analysis
https://lab52.io/blog/cuba-ransomware-analysis/