EXCLUSIVE iPhone flaw exploited by second Israeli spy firm-sources | Reuters
https://www.reuters.com/technology/exclusive-iphone-flaw-exploited-by-second-israeli-spy-firm-sources-2022-02-03/
Philippe Lagadec on Twitter: "@Tork_88 @jabreity @thegrugq @BushidoToken When a CSV file is opened in Excel, cells starting with = and other symbols are interpreted as formulas, and they can be used to launch commands via DDE. More info: https://t.co/NvWNxafXr1" / Twitter
https://twitter.com/decalage2/status/1488481984242462728
I’m bringing relaying back: A comprehensive guide on relaying anno 2022 - TrustedSec
https://hubs.la/Q013rK9g0
North Korea Hacked Him. So He Took Down Its Internet | WIRED
https://www.wired.com/story/north-korea-hacker-internet-outage/
Site not found · GitHub Pages
https://elastic.github.io/security-research/whitepapers/2022/02/02.sandboxing-antimalware-products-for-fun-and-profit/article/
Emotet/e5_emotet_03.02.2022.txt at main · pr0xylife/Emotet · GitHub
https://github.com/pr0xylife/Emotet/blob/main/e5_emotet_03.02.2022.txt
The Cyber Startup Observatory - The Global Cyber Innovation Network
https://cyberstartupobservatory.com
Mike Murray on Twitter: "Was talking to a friend yesterday about why the security industry proliferates charlatans (esp in vendors). Apologies for the length but thought I would post my theory: Security is one of the few markets where information asymmetry rewards vendors who lie to their buyers. 1/n" / Twitter
https://twitter.com/mmurray/status/1488874956263993345
Operation EmailThief: Active Exploitation of Zero-day XSS Vulnerability in Zimbra | Volexity
https://www.volexity.com/blog/2022/02/03/operation-emailthief-active-exploitation-of-zero-day-xss-vulnerability-in-zimbra/
Cryptocurrency platform Wormhole hacked for an estimated $322 million - The Record from Recorded Future News
https://therecord.media/cryptocurrency-platform-wormhole-hacked-for-an-estimated-322-million/
smartcontracts.eth (✨🔴_🔴✨) on Twitter: "Alright. I figured out the Solana x Wormhole Bridge hack. ~300 million dollars worth of ETH drained out of the Wormhole Bridge on Ethereum. Here's how it happened." / Twitter
https://twitter.com/kelvinfichter/status/1489041221947375616
DHS Launches First-Ever Cyber Safety Review Board | Homeland Security
http://go.usa.gov/xtpgW
NSA Cyber on Twitter: "Take a look at our 2021 NSA Cybersecurity Year in Review to learn more about our impact and what we have in store for the future: https://t.co/6sz3FiNEJY https://t.co/DH6NB17Oku" / Twitter
https://twitter.com/NSACyber/status/1489271794955698177
TrustedSec on Twitter: "Senior Security Consultant @Jean_Maes_1994 gives us the first comprehensive resource about all things #relaying. This guide covers a range of techniques from most common to the lesser-known. https://t.co/dtX02qtSP1" / Twitter
https://twitter.com/TrustedSec/status/1489238296442064908
Meet Merry Maker: How Target Protects Against Digital Skimming
https://tech.target.com/blog/meet-merry-maker
Unexpected token Token('__ANON_0' · Issue #101 · DissectMalware/XLMMacroDeobfuscator · GitHub
https://github.com/DissectMalware/XLMMacroDeobfuscator/issues/101
Jen🛡Easterly on Twitter: "Thrilled to appoint some truly incredible leaders to serve on our nation’s first Cyber Safety Review Board (CSRB): @DAlperovitch, @argvee, @NCDInglis, @NSA_CSDirector, @k8em0, @ChrisJNovak, @KembaWalden, & @wendiwhitmore. See the full list here: https://t.co/Lv6MxGcw5s https://t.co/OqujyUEPFG" / Twitter
https://twitter.com/CISAJen/status/1489254797341433857
Critical Flaws Discovered in Cisco Small Business RV Series Routers
https://thehackernews.com/2022/02/critical-flaws-discovered-in-cisco.html
GitHub - horsicq/Detect-It-Easy: Program for determining types of files for Windows, Linux and MacOS.
https://github.com/horsicq/Detect-It-Easy
Cyber Security Infographics - Cyber Startup Observatory
https://cyberstartupobservatory.com/infographics/
CoinStomp Malware Family Targets Asian Cloud Service Providers - Cado Security | Cloud Investigation
https://www.cadosecurity.com/coinstomp-malware-family-targets-asian-cloud-service-providers/
Gabriel Landau on Twitter: "Antivirus getting in your way? Put it in a sandbox, and go about your day. https://t.co/H3xLIJYMuJ" / Twitter
https://twitter.com/GabrielLandau/status/1488968641907511296
GitHub - pwn1sher/KillDefender: A small POC to make defender useless by removing its token privileges and lowering the token integrity
https://github.com/pwn1sher/KillDefender
Malware Analysis Series (MAS) – Article 2 – Exploit Reversing
https://exploitreversing.com/2022/02/03/malware-analysis-series-mas-article-2/
Solving DOM XSS Puzzles | Spaceraccoon's Blog
https://spaceraccoon.dev/solving-dom-xss-puzzles
1263462 - Security: JSON.stringify leaks TheHole value, leading to RCE - chromium
https://crbug.com/1263462
Jack Herrera on Twitter: "DHS and Border Patrol are working together to eventually deploy Ghost Robotic's "dogs" on the border, in particular desert terrain. Terminator dogs will supposedly act as a "force multiplier" for CBP in patrols and interdiction. https://t.co/rFp6ITp3Ak https://t.co/ekgmb6Juih" / Twitter
https://twitter.com/jherrerx/status/1488957981547020288
SentinelOne on Twitter: "🦊New on #SentinelLabs! Learn how to dive into JIT compilers in #JavaScript engines and follow along as we find a new set of exploit primitives in this previously patched bug. By @maxpl0it. Read the blog: https://t.co/1oI51BecK4 #firefox #cybersecurity #infosec" / Twitter
https://twitter.com/sentinelone/status/1489279258543333377
Julian E. Barnes on Twitter: "NEW: U.S. intelligence has uncovered a plan by Russia to use a fabricated video as pretext for an attack on Ukraine.https://t.co/xtPuu30Ch2" / Twitter
https://twitter.com/julianbarnes/status/1489277083415154688
ATT&CK 2022 Roadmap. Where We’ve Been and Where We’re Going | by Amy L. Robertson | MITRE ATT&CK® | Medium
https://medium.com/mitre-attack/attack-2022-roadmap-cd5a1a3387c7
How Deep Learning Is Rewriting the Rules of Cybersecurity | Tanium
http://bit.ly/3r9hspJ
Iran's national TV stream hacked for the second time in a week - The Record from Recorded Future News
https://therecord.media/irans-national-tv-stream-hacked-for-the-second-time-in-a-week/
xkcd: Control Group
https://m.xkcd.com/2576/
KP Snacks Left with Crumbs After Ransomware Attack | Threatpost
https://threatpost.com/kp-snacks-crumbs-ransomware-attack/178176/
MalwareHunterTeam on Twitter: "7a07d98671d122664a88e7ce302fb9388eedb880708ba28ab3406a24dba0b3e4 "HELLO ALL YOUR FILES HAVE BEEN LOCKED BY RANOMWARE BUT CALSE YOU CAN ACCESS BACK WITH SUBSCRIBE MY CHANEL YOUTUBE ,AND COMMENT MOST VIDEOS THEN I WILL GIVE YOU THE KEY TO ACCESS YOUR FILES BACK !" 😂 @demonslay335 https://t.co/T3X9HyyiXI" / Twitter
https://twitter.com/malwrhunterteam/status/1488855030732046336