Project Zero: Zooming in on Zero-click Exploits
https://googleprojectzero.blogspot.com//2022/01/zooming-in-on-zero-click-exploits.html
COVID Home Tests | USPS
https://special.usps.com/testkits
What We Know and Don’t Know about the Cyberattacks Against Ukraine - (updated)
https://zetter.substack.com/p/what-we-know-and-dont-know-about
Europol takes down VPNLab, a service used by ransomware gangs - The Record from Recorded Future News
https://therecord.media/europol-takes-down-vpnlab-a-service-used-by-ransomware-gangs/
Stealing administrative JWT's through post auth SSRF (CVE-2021-22056) – Assetnote
https://blog.assetnote.io/2022/01/17/workspace-one-access-ssrf/
GitHub - ZZ-SOCMAP/CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907
https://github.com/antx-code/CVE-2022-21907
COVID.gov/tests - Free at-home COVID-19 tests
http://covidtests.gov
Dozens of Computers in Ukraine Wiped with Destructive Malware in Coordinated Attack
https://zetter.substack.com/p/dozens-of-computers-in-ukraine-wiped
Jim Langevin on Twitter: "Thank you, Rhode Island. https://t.co/5bBFektfyo" / Twitter
https://twitter.com/JimLangevin/status/1483498402730151946
Revealed: UK Gov’t Plans Publicity Blitz to Undermine Chat Privacy – Rolling Stone
https://www.rollingstone.com/culture/culture-news/revealed-uk-government-publicity-blitz-to-undermine-privacy-encryption-1285453/
GitHub - CIRCL/factual-rules-generator: Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
https://github.com/CIRCL/factual-rules-generator
Home Office on Twitter: "Social media companies must help keep our children safe online. We're supporting @barnardos @MCFcharityUK @StopItNowUK @SafeToNet as they urge social media tech companies to put children’s safety first on their platforms. #NoPlaceToHide https://t.co/MBtQhGjrES https://t.co/tdzh0kido8" / Twitter
https://twitter.com/ukhomeoffice/status/1483375279477305356
SeeYouCM-Thief: Exploiting Common Misconfigurations in Cisco Phone Systems - TrustedSec
https://www.trustedsec.com/blog/seeyoucm-thief-exploiting-common-misconfigurations-in-cisco-phone-systems/
Unhappy New Year for cybercriminals as VPNLab.net goes offline | Europol
https://www.europol.europa.eu/media-press/newsroom/news/unhappy-new-year-for-cybercriminals-vpnlabnet-goes-offline
Tommy M (TheAnalyst) on Twitter: "This #wproilbask #IcedID campaign went active again yesterday, 12 new compromised sites used as distro. I'm guessing that it's a reverse proxy because file rotation (not true hash busting) and that files were updated on the old distros too. Current downloader C2 /ovedfromasi.top https://t.co/8yzBYMLkvD" / Twitter
https://twitter.com/ffforward/status/1481574479063097353
Cyber Security Training Events | SANS Institute
https://www.sans.org/cyber-security-training-events/cyber-threat-intelligence-summit-2022-live-online/
Zoho Releases Patch for Critical Flaw Affecting ManageEngine Desktop Central
https://thehackernews.com/2022/01/zoho-releases-patch-for-critical-flaw.html
Five Key Signals From Russia's REvil Ransomware Bust - SecurityWeek
https://www.securityweek.com/five-key-signals-russias-revil-ransomware-bust
National Crime Agency (NCA) on Twitter: "The NCA is backing the #NoPlaceToHide campaign. End to end encryption will blind companies to the abhorrent child sexual abuse happening on their platforms. Join the fight and tell social media companies they must help keep our children safe." / Twitter
https://twitter.com/NCA_UK/status/1483403983159009280
GitHub - mrd0x/pe2shc-to-cdb: Convert shellcode generated using pe_2_shellcode to cdb format.
https://github.com/mrd0x/pe2shc-to-cdb
Microsoft Security Intelligence on Twitter: "Microsoft identified a unique destructive malware operated by an actor tracked as DEV-0586 targeting Ukrainian organizations. Observed activity, TTPs, and IOCs shared in this new MSTIC blog. We'll update the blog as our investigation unfolds. https://t.co/wBB82gp6TX" / Twitter
https://twitter.com/MsftSecIntel/status/1482543129454686215
Allan “Ransomware Sommelier🍷” Liska on Twitter: "Resharing this from yesterday, just because I am so proud of it...best thing I ever did for a talk that didn't get accepted 😂 https://t.co/g52hRXnU4v" / Twitter
https://twitter.com/uuallan/status/1483461884246376448
Kim Zetter on Twitter: "I published an assessment of what we currently know/don't know about the cyberattacks against Ukraine. Includes new info and some analysis. Also tried to detail how the wiper works, but Microsoft's blog was a bit confusing. Let me know if I got it wrong. https://t.co/CrRkU9HV4K" / Twitter
https://twitter.com/KimZetter/status/1483106798663995396
http://go.usa.gov/xtB9p
GitHub - zyn3rgy/LdapRelayScan: Check for LDAP protections regarding the relay of NTLM authentication
https://github.com/zyn3rgy/LdapRelayScan
becca kubrick ✸ charity raffle live ! ╰(● ⋏ ●)╯ on Twitter: "Question time ! I'm 22 and people like to tell me how young I am and how much time I've got to figure things out even if I don't feel like I do. So...what were you up to around 22 and how has your life changes since then?" / Twitter
https://twitter.com/beckkubrick/status/1483046176173834245
New campaign aims to stop more encrypted apps - BBC News
https://www.bbc.co.uk/news/59964656
Earth Lusca Hackers Aimed at High-Value Targets in Government and Private Sectors
https://thehackernews.com/2022/01/earth-lusca-hackers-aimed-at-high-value.html
New White Rabbit ransomware linked to FIN8 hacking group
https://www.bleepingcomputer.com/news/security/new-white-rabbit-ransomware-linked-to-fin8-hacking-group/
Cryptolaemus on Twitter: "#emotet TTPs changed Initial XLS now grabs the HTA > PP.PNG > PS with payloads the HTA url is obscured, https://t.co/qwK6y0DDqo https://t.co/VJSKCDQqhV" / Twitter
https://twitter.com/Cryptolaemus1/status/1483190427213783044
Preventing Child Exploitation on Our Apps | Meta
https://about.fb.com/news/2021/02/preventing-child-exploitation-on-our-apps/
DoNot Go! Do not respawn! | WeLiveSecurity
https://www.welivesecurity.com/2022/01/18/donot-go-do-not-respawn/
Tweet / Twitter
https://twitter.com/TriciaKicksSaaS/status/1483424433502969857
Crypto.com on Twitter: "We have a small number of users reporting suspicious activity on their accounts. We will be pausing withdrawals shortly, as our team is investigating. All funds are safe." / Twitter
https://twitter.com/cryptocom/status/1482936866001207296
Europol shuts down VPN service used by ransomware groups
https://www.bleepingcomputer.com/news/security/europol-shuts-down-vpn-service-used-by-ransomware-groups/