Cobalt Strike, a Defender’s Guide - Part 2
https://thedfirreport.com/2022/01/24/cobalt-strike-a-defenders-guide-part-2/
Belarusian Cyber-Partisans on Twitter: "We have encryption keys, and we are ready to return Belarusian Railroad's systems to normal mode. Our conditions: 🔺 Release of the 50 political prisoners who are most in need of medical assistance. 🔺Preventing the presence of Russian troops on the territory of #Belarus." / Twitter
https://twitter.com/cpartisans/status/1485618881557315588
APT29a Security Blog: Fuzzing Chromes JavaScript Engine v8
https://apt29a.blogspot.com/2022/01/fuzzing-chromes-javascript-engine-v8.html
Releases · hasherezade/hollows_hunter
https://github.com/hasherezade/hollows_hunter/releases
Releases · hasherezade/pe-sieve
https://github.com/hasherezade/pe-sieve/releases
Release v1.5.0 · BishopFox/sliver · GitHub
https://github.com/BishopFox/sliver/releases/tag/v1.5.0
Hacker abuses OpenSea to buy NFTs at older, cheaper prices - The Record from Recorded Future News
https://therecord.media/hacker-abuses-opensea-to-buy-nfts-at-older-cheaper-prices/
Troy Hunt: How I Got Pwned by My Cloud Costs
https://www.troyhunt.com/how-i-got-pwned-by-my-cloud-costs/
GitHub - resyncgg/ripgen: Rust-based high performance domain permutation generator.
https://github.com/resyncgg/ripgen
Malware-IOCs/2022-01-23_SitiosComprometidos_Webshells at main · CronUp/Malware-IOCs · GitHub
https://github.com/CronUp/Malware-IOCs/blob/main/2022-01-23_SitiosComprometidos_Webshells
Paranoids’ Vulnerability Research: PrinterLogic Issues Security Alert | Paranoids | Yahoo Inc.
https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/
Triage | Behavioral Report
https://tria.ge/220124-lq41daebdl/behavioral1
Hackers Creating Fraudulent Crypto Tokens as Part of 'Rug Pull' Scams
https://thehackernews.com/2022/01/hackers-creating-fraudulent-crypto.html
Fundraiser by Jeffrey Man : Help Hannah Kick Cancer's Butt
https://gofund.me/05322e2e
3xp0rt on Twitter: "#Malware #Stealer #XFiles A new version of X-Files Stealer. ReadLineS0SAT.exe: https://t.co/Jkpe8hhZSD https://t.co/gmLytpf5nO xfilesebetreadline[.]online: https://t.co/RuycSmT9EU Additional information in the comments 👇 https://t.co/QyDbWzGct8 https://t.co/2YnOkSATUC" / Twitter
https://twitter.com/3xp0rtblog/status/1473323635469438978
The DFIR Report on Twitter: "Cobalt Strike, a Defender's Guide - Part 2 ➡️In this report we talk about domain fronting, SOCKS proxy, C2 traffic, Sigma rules, JARM, JA3/S, RITA & more. Big shout-out to @Kostastsale for helping put this together! https://t.co/QoamWA67ve https://t.co/umcJFzAGcU" / Twitter
https://twitter.com/TheDFIRReport/status/1485599737495629831
Hunting with weak signals - Stairwell
https://stairwell.com/news/hunting-with-weak-signals/
Cracking a $2 million crypto wallet - The Verge
https://www.theverge.com/2022/1/24/22898712/crypto-hardware-wallet-hacking-lost-bitcoin-ethereum-nft
The Cyber Startup Observatory - The Global Cyber Innovation Network
https://cyberstartupobservatory.com
High-Severity Rust Programming Bug Could Lead to File, Directory Deletion
https://thehackernews.com/2022/01/high-severity-rust-programming-bug.html
Releases · hasherezade/mal_unpack
https://github.com/hasherezade/mal_unpack/releases/
thaddeus e. grugq 🌻 on Twitter: "I made another video. This time a run down on cyber, cyberwar, and cyber war. Is cyberwar war? And what is “war” anyway? All these are addressed in the video. Enjoy! https://t.co/NDPWS7JzGt" / Twitter
https://twitter.com/thegrugq/status/1485543669092388866
GitHub - nasbench/C2-Matrix-Indicators: This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
https://github.com/nasbench/C2-Matrix-Indicators
Shady Network of Fake Mossad Job Sites Targets Iranian Spies
https://www.thedailybeast.com/shady-network-of-fake-mossad-job-sites-target-iranian-spies
Belarusian Cyber-Partisans on Twitter: "At the command of the terrorist Lukashenka, #Belarusian Railway allows the occupying troops to enter our land. We encrypted some of BR's servers, databases and workstations to disrupt its operations.❗️Automation and security systems were NOT affected to avoid emergency situations" / Twitter
https://twitter.com/cpartisans/status/1485615555017117700
Emotet Now Using Unconventional IP Address Formats to Evade Detection
https://thehackernews.com/2022/01/emotet-now-using-unconventional-ip.html
hiro_ on Twitter: "The place it goes to fetch from is fairly simple, huh #Emotet https://t.co/YJfhWv8tJt" / Twitter
https://twitter.com/papa_anniekey/status/1485628130282774529
DNSStager v1.0 beta agent to inject the retrieved shellcode in notepad.exe and using Early Bird APC · GitHub
https://gist.github.com/mhaskar/b6bb8d5eaf676281565ca2ac4c4ca100
GMO Internet Group fully enters the cybersecurity business | GMO Internet Group, Inc.
https://www.gmo.jp/news/article/7573/
CactusCon 10 Tickets, Mesa | Eventbrite
https://www.eventbrite.com/e/cactuscon-10-tickets-161667538961