Parag Agrawal Shakes Up Twitter's Security Team - The New York Times
https://www.nytimes.com/2022/01/21/technology/twitter-security-team.html
Windows Drivers Reverse Engineering Methodology - VoidSec
https://voidsec.com/windows-drivers-reverse-engineering-methodology/
MoonBounce: the dark side of UEFI firmware | Securelist
https://securelist.com/moonbounce-the-dark-side-of-uefi-firmware/105468/
John Hultquist🌻 on Twitter: "I wrote a short blog, committing some of the lessons we've learned about the Russian cyber threat, and what we might expect, to writing. https://t.co/WvJOcXPsJ6" / Twitter
https://twitter.com/JohnHultquist/status/1484344307532189703
Anticipating Cyber Threats as the Ukraine Crisis Escalates | Mandiant
https://www.mandiant.com/resources/ukraine-crisis-cyber-threats
Policies | Journal of Threat Intelligence and Incident Response | Journals | California Polytechnic State University, San Luis Obispo
https://digitalcommons.calpoly.edu/jtiir/policies.html
End-to-end encryption protects children, says UK information watchdog | Chat and messaging apps | The Guardian
https://www.theguardian.com/technology/2022/jan/21/end-to-end-encryption-protects-children-says-uk-information-watchdog
rat king 🐀 on Twitter: "news: Twitter's new CEO shakes up its top security team, with head of security Pieter 'Mudge' Zatko out of the company and CISO Rinki Sethi to depart in the near future story with @kateconger https://t.co/FjyZpvf1VS" / Twitter
https://twitter.com/mikeisaac/status/1484413851739189250
PSBits/AppLockerBypass at master · gtworek/PSBits · GitHub
https://github.com/gtworek/PSBits/tree/master/AppLockerBypass
Hackers Were in Ukraine Systems Months Before Deploying Wiper
https://zetter.substack.com/p/hackers-were-in-ukraine-systems-months
Return of Pseudo Ransomware
https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/return-of-pseudo-ransomware.html
Encryption: UK data watchdog criticises government campaign - BBC News
https://www.bbc.co.uk/news/technology-60072191
McAfee Agent bug lets hackers run code with Windows SYSTEM privileges
https://www.bleepingcomputer.com/news/security/mcafee-agent-bug-lets-hackers-run-code-with-windows-system-privileges/
Merck wins cyber-insurance lawsuit related to NotPetya attack - The Record from Recorded Future News
https://therecord.media/merck-wins-cyber-insurance-lawsuit-related-to-notpetya-attack/
Tweet / Twitter
https://twitter.com/kateconger/status/1484413889408225280
Over 90 WordPress themes, plugins backdoored in supply chain attack
https://www.bleepingcomputer.com/news/security/over-90-wordpress-themes-plugins-backdoored-in-supply-chain-attack/
Microsoft disables Excel 4.0 macros by default to block malware
https://www.bleepingcomputer.com/news/microsoft/microsoft-disables-excel-40-macros-by-default-to-block-malware/
A deeper UEFI dive into MoonBounce
https://www.binarly.io/posts/A_deeper_UEFI_dive_into_MoonBounce/index.html
starlabs on Twitter: "After Monday and Tuesday, it's WTF Our team member, @hungtt28 made this N-day exploit demo of CVE-2021-30632 & CVE-2021-30633 He is currently writing a blog post on the analysis of CVE-2021-30633 since no one written about it yet (or not that we know of) https://t.co/q8nNVV4djj" / Twitter
https://twitter.com/starlabs_sg/status/1483351226641428484
Sergio Caltagirone on Twitter: "EXCITING NEWS! We've launched the Journal of Threat Intelligence and Incident Response #JTIIR delivering peer-reviewed practical articles. Submissions are rolling but deadline is March 31 for the inaugural issue. https://t.co/xsJc8joZ9J #ThreatIntelligence #DFIR #threatintel https://t.co/VwaLByQViM" / Twitter
https://twitter.com/cnoanalysis/status/1484583836000399361
404 Page not found | STAR Labs
https://starlabs.sg/blog/2022/01/the-cat-escaped-from-the-chrome-sandbox/
MalwareBazaar | Browse
https://bazaar.abuse.ch/sample/7efc216f28686df549f764bc60f19eb50e86540cbedc4bac5e03df650579fa40/
Source Incite on Twitter: "Zoho ManageEngine Desktop Central StateFilter Arbitrary Forward Authentication Bypass Vulnerability https://t.co/pHffCBLFA0" / Twitter
https://twitter.com/sourceincite/status/1484564168120360961
VirusTotal - File - 1eede29007619d207842ddcaadf41b17b47a456004df43189d1f6cf54a3b785b
https://www.virustotal.com/gui/file/1eede29007619d207842ddcaadf41b17b47a456004df43189d1f6cf54a3b785b
Read the never-issued Trump order that would have seized voting machines - POLITICO
https://www.politico.com/news/2022/01/21/read-the-never-issued-trump-order-that-would-have-seized-voting-machines-527572
Cisco Issues Patch for Critical RCE Vulnerability in RCM for StarOS Software
https://thehackernews.com/2022/01/cisco-issues-patch-for-critical-rce.html
Feodo Tracker | BazarLoader C&C: 144.217.50.242
https://feodotracker.abuse.ch/browse/host/144.217.50.242/
VMware vCenter Server Unauthenticated Log4Shell JNDI Injection Remote Code Execution ≈ Packet Storm
https://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html