Doctor-style register planned for UK infosec professionals • The Register
https://www.theregister.com/2022/01/25/ukgov_cybersecurity_profession_regulation_ukcsc/
hackerfantastic.crypto on Twitter: "The UK government wants to decide who is allowed to be an ethical hacker or not and tie it to legal defense exemptions under the upcoming amended Computer Misuse Act. A government that has shown itself to be nothing but corrupt and unethical... https://t.co/eIj2x3IYxX" / Twitter
https://twitter.com/hackerfantastic/status/1485946271877804033
Watering hole deploys new macOS malware, DazzleSpy, in Asia | WeLiveSecurity
https://www.welivesecurity.com/2022/01/25/watering-hole-deploys-new-macos-malware-dazzlespy-asia/
GitHub - Idov31/FunctionStomping: A new shellcode injection technique. Given as C++ header, standalone Rust program or library.
https://github.com/Idov31/FunctionStomping
UK government plans to release Nmap scripts for finding vulnerabilities - The Record from Recorded Future News
https://therecord.media/uk-government-plans-to-release-nmap-scripts-for-finding-vulnerabilities/
Cybersecurity Career Opportunities | Binary Defense
https://www.binarydefense.com/Careers/
The Cyber Startup Observatory - The Global Cyber Innovation Network
https://cyberstartupobservatory.com
Government Cyber Security Strategy: 2022 to 2030 - GOV.UK
https://www.gov.uk/government/publications/government-cyber-security-strategy-2022-to-2030
Prime Minister’s Office Compromised: Details of Recent Espionage Campaign
https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/prime-ministers-office-compromised.html
Cobalt Strike, a Defender’s Guide - Part 2
https://thedfirreport.com/2022/01/24/cobalt-strike-a-defenders-guide-part-2/
Introducing Scanning Made Easy - NCSC.GOV.UK
https://www.ncsc.gov.uk/blog-post/introducing-scanning-made-easy
GitHub - hlldz/RefleXXion: RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, it first collects the syscall numbers of the NtOpenFile, NtCreateSection, NtOpenSection and NtMapViewOfSection found in the LdrpThunkSignature array.
https://github.com/hlldz/RefleXXion
https://haxx.in/files/blasty-vs-pkexec.c
https://haxx.in/files/blasty-vs-pkexec.c
How I hacked a hardware crypto wallet and recovered $2 million - YouTube
https://www.youtube.com/watch?v=dT9y-KQbqi4
Solarwinds Web Help Desk: When the Helpdesk is too Helpful – Assetnote
https://blog.assetnote.io/2022/01/23/solarwinds-webhelpdesk-hsql-eval-harcoded-creds/
Analysis of a Remcos RAT Dropper
https://inquest.net/blog/2022/01/24/analysis-remcos-rat-dropper
Hackers Exploited MSHTML Flaw to Spy on Government and Defense Targets
https://thehackernews.com/2022/01/hackers-exploited-mshtml-flaw-to-spy-on.html
Hussein Daher on Twitter: "It's finally live - I'm sorry for the time this took! The workshop I gave at @THREAT_CON is now live on Udemy for a discounted price. The price will go back to $149 at the end of the week. More details to follow. https://t.co/7LoaJOwhzH https://t.co/aRmDI6QAam" / Twitter
https://twitter.com/HusseiN98D/status/1485953436684365826
Oracle WebLogic Server 12.1.3.0.0 / 12.2.1.3.0 / 12.2.1.4.0 / 14.1.1.0.0 Local File Inclusion · GitHub
https://gist.github.com/picar0jsu/f3e32939153e4ced263d3d0c79bd8786
Segway store compromised with Magecart skimmer
https://blog.malwarebytes.com/threat-intelligence/2022/01/segway-store-compromised-with-magecart-skimmer/
CyberSlide - The Cyber Startup Observatory
https://cyberstartupobservatory.com/resources-cyberslide/
Security Advisory
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0017
His son's school was hacked. Then the ransomware gang called him at home.
https://www.nbcnews.com/tech/security/ransomware-hackers-new-tactic-calling-directly-rcna6466
Max_Malyutin on Twitter: "#Emotet infection leads to #CobaltStrike ❗️ Domain: repigeleli[.]com - @Namecheap URL: hxxps://repigeleli[.]com/components/lt[.]ico IP: 172.241.27[.]107 Port: 443 Cobalt Strike Process: Rundll32.exe @Cryptolaemus1 H/T anonymous https://t.co/C0oKkr1HIg" / Twitter
https://twitter.com/Max_Mal_/status/1485984545623134213
Hackers Infect macOS with New DazzleSpy Backdoor in Watering-Hole Attacks
https://thehackernews.com/2022/01/hackers-infect-macos-with-new-dazzlespy.html
Matthew Olney🌻 on Twitter: "So CISA is warning CI that Russia may act in cyberspace if the West's response threatens Russia's national security. I hear some CI respond "So what, we've always faced attacks from Russia." At its core that response shows a misunderstanding of what has and is happening 1/9" / Twitter
https://twitter.com/kpyke/status/1485634752942157825
SwiftInSecurity on Twitter: "To be a programmer is to execute the theft of human dreams upon an altar of time." / Twitter
https://twitter.com/swiftonsecurity/status/1485832256350564353
Rachel Cohen on Twitter: "“Youngkin also touted a tip line for parents to report to the state any school officials they find to be behaving objectionably — including teaching ‘divisive’ subjects” https://t.co/aiFAZzCjSV https://t.co/qXihsj9DLL" / Twitter
https://twitter.com/rmc031/status/1485775829539991552
Android malware BRATA wipes your device after stealing data
https://www.bleepingcomputer.com/news/security/android-malware-brata-wipes-your-device-after-stealing-data/
objectstorage.ca-toronto-1.oraclecloud.com - urlscan.io
https://urlscan.io/result/3935bf23-d92c-4bf8-9fdf-544c327a8b83/
/ˈziːf-kɒn/ on Twitter: "We are back! The #x33fcon team decided to try to organize an event on site this year. Summer in Gdynia! Sounds great? Registration opens on February 1, the number of tickets is limited! Meanwhile, submit your #CFP #CFW #CFT More: https://t.co/RFukZxJfNK https://t.co/wWx7oBknZl" / Twitter
https://twitter.com/x33fcon/status/1485567975369416706
Canada's foreign ministry hacked, services hit | Reuters
https://www.reuters.com/technology/canadas-foreign-ministry-hacked-services-hit-2022-01-24/
RBCD WebClient attack | Franky's WebSite
https://www.bussink.net/rbcd-webclient-attack/
Cyber Security Infographics - Cyber Startup Observatory
https://cyberstartupobservatory.com/infographics/
InfoSec Handlers Diary Blog - SANS Internet Storm Center
https://i5c.us/d28270
Hacktivist group shares details related to Belarusian Railways hack
https://www.curatedintel.org/2022/01/hacktivist-group-shares-details-related.html
life of a DNS query
https://wizardzines.com/comics/life-of-a-dns-query/
Paul L. on Twitter: "LsaCallAuthenticationPackage is nothing more than NtDeviceIoControlFile on \\Device\\KsecDD ... just saying" / Twitter
https://twitter.com/am0nsec/status/1483466673151692815