Mars Stealer: Oski refactoring | 3xp0rt
https://3xp0rt.com/posts/mars-stealer
writeups/Hacking-Google-Drive-Integrations.md at main · httpvoid/writeups · GitHub
https://github.com/httpvoid/writeups/blob/main/Hacking-Google-Drive-Integrations.md
publiclyDisclosed on Twitter: "Dropbox disclosed a bug submitted by @rootxharsh: https://t.co/qiEbDW51a8 - Bounty: $17,576 #hackerone #bugbounty https://t.co/BKPn3FWFdC" / Twitter
https://twitter.com/disclosedh1/status/1488538997597081600
Inside Trickbot, Russia’s Notorious Ransomware Gang | WIRED
https://www.wired.com/story/trickbot-malware-group-internal-messages/
Cryptolaemus on Twitter: "🚨🚨 Emotet important CS update 🚨🚨 Emotet has been observed executing multiple beacons in less than 2 hours on Epoch4 and Epoch5 bots. Currently, we've seen 5 different beacons distributed, however that number could grow. See the thread below for more details:" / Twitter
https://twitter.com/Cryptolaemus1/status/1488263011961868294
Iranian APT MuddyWater targets Turkish users via malicious PDFs, executables
https://blog.talosintelligence.com/2022/01/iranian-apt-muddywater-targets-turkey.html
Cryptanalysis and quantum: How NSA spies are trying to shape the future | MIT Technology Review
https://www.technologyreview.com/2022/02/01/1044561/meet-the-nsa-spies-shaping-the-future/
StrifeWater RAT: Iranian APT Moses Staff Adds New Trojan to Ransomware Operations
https://www.cybereason.com/blog/strifewater-rat-iranian-apt-moses-staff-adds-new-trojan-to-ransomware-operations
SysWhispers is dead, long live SysWhispers! | CyberSecurity Blog
https://klezvirus.github.io/RedTeaming/AV_Evasion/NoSysWhisper/
New Samba Bug Allows Remote Attackers to Execute Arbitrary Code as Root
https://thehackernews.com/2022/01/new-samba-bug-allows-remote-attackers.html
Tweet / Twitter
https://twitter.com/edbutler2/status/1488496146242850818
Iranian Hackers Using New PowerShell Backdoor in Cyber Espionage Attacks
https://thehackernews.com/2022/02/iranian-hackers-using-new-powershell.html
The Cyber Startup Observatory - The Global Cyber Innovation Network
https://cyberstartupobservatory.com
Triage | Static Report
https://tria.ge/220201-p64w4aaffq/static1
Researchers Uncover New Iranian Hacking Campaign Targeting Turkish Users
https://thehackernews.com/2022/01/researchers-uncover-new-iranian-hacking.html
Security Onion: Security Onion 2.3.100 now available including SOC Cases!
https://blog.securityonion.net/2022/01/security-onion-23100-now-available.html
HTTPVoid on Twitter: "Hacking Google Drive integrations with a case study involving the use of CRLF and Request Pipelining to perform SSRF. https://t.co/oMM6OWmvLz" / Twitter
https://twitter.com/httpvoid0x2f/status/1488539455208235008
Domain Escalation – Machine Accounts – Penetration Testing Lab
https://pentestlab.blog/2022/02/01/machine-accounts/
PowerLess Trojan: Iranian APT Phosphorus Adds New PowerShell Backdoor for Espionage
https://www.cybereason.com/blog/powerless-trojan-iranian-apt-phosphorus-adds-new-powershell-backdoor-for-espionage
Will Cathcart on Twitter: "We're releasing our first @WhatsApp marketing campaign in the U.S. today. It's entirely focused on the importance of end-to-end encryption. https://t.co/wUaS51XiDb" / Twitter
https://twitter.com/wcathcart/status/1487891632074608642
Cody Thomas on Twitter: "Mythic 2.3.7 is finally out! This includes an entirely new interface, tab-completable and conditional command parameters, LaTeX reporting, updated ATT&CK mappings, updated agents, and more! Check out the blog at https://t.co/Fy7kxeEuJU and the change log https://t.co/MhpM8LzakI https://t.co/zqZQFHCjIM" / Twitter
https://twitter.com/its_a_feature_/status/1488197845811347460
Deep Malware Analysis - Deep Malware Analysis on a Domain joined Analyzer
https://www.joesecurity.org/blog/900813386196537837
New SureMDM Vulnerabilities Could Expose Companies to Supply Chain Attacks
https://thehackernews.com/2022/01/new-suremdm-vulnerabilities-could.html
How I hacked a hardware crypto wallet and recovered $2 million - YouTube
https://www.youtube.com/watch?v=dT9y-KQbqi4
SolarMarker Malware Uses Novel Techniques to Persist on Hacked Systems
https://thehackernews.com/2022/02/solarmarker-malware-uses-novel.html
About emails intended to infect recipients with the virus known as "Emotet": IPA, Information-technology Promotion Agency, Japan
https://www.ipa.go.jp/security/announce/20191202.html