Helping users stay safe: Blocking internet macros by default in Office - Microsoft Community Hub
https://techcommunity.microsoft.com/t5/microsoft-365-blog/helping-users-stay-safe-blocking-internet-macros-by-default-in/ba-p/3071805
infosec-presentations/This are my principals.pdf at master · tyranid/infosec-presentations · GitHub
https://github.com/tyranid/infosec-presentations/blob/master/OffensiveCon/2022/This%20are%20my%20principals.pdf
Simple, Secure Identity Verification | ID.me
http://ID.me
Qbot Likes to Move It, Move It – The DFIR Report
https://thedfirreport.com/2022/02/07/qbot-likes-to-move-it-move-it/
Tweet / Twitter
https://twitter.com/GossiTheDog/status/1490739024922910722
x86matthew - Reading and writing remote process data without using ReadProcessMemory / WriteProcessMemory
https://www.x86matthew.com/view_post?id=read_write_proc_memory
Tom Gallagher on Twitter: "We're making some changes to the way Office macros work to improve security. Details here - https://t.co/uTdKRkVQWM. Thank you to folks across the security and Office platform teams for supporting this work - especially the Security team's PM Kellie." / Twitter
https://twitter.com/secbughunter/status/1490736699365675008
[DiceCTF 2022] - memory hole | kylebot's Blog
https://blog.kylebot.net/2022/02/06/DiceCTF-2022-memory-hole/![[DiceCTF 2022] - memory hole | kylebot's Blog](/image/screenshot/fb4c48c58c9e8686995781b3be976914.webp)
Dice CTF Memory Hole: Breaking V8 Heap Sandbox
https://mem2019.github.io/jekyll/update/2022/02/06/DiceCTF-Memory-Hole.html
N-W0rm analysis (Part 1) - SECUINFRA
https://www.secuinfra.com/en/techtalk/n-w0rm-analysis-part-1/
Microsoft plans to kill malware delivery via Office macros
https://www.bleepingcomputer.com/news/microsoft/microsoft-to-make-it-difficult-to-enable-macros-in-downloaded-docs/
Attacking Active Directory: 0 to 0.9 | zer1t0
https://zer1t0.gitlab.io/posts/attacking_ad/
CISA Orders Federal Agencies to Patch Actively Exploited Windows Vulnerability
https://thehackernews.com/2022/02/cisa-orders-federal-agencies-to-patch.html
Hackers Backdoored Systems at China's National Games Just Before Competition
https://thehackernews.com/2022/02/hackers-backdoored-systems-at-chinas.html
GitHub - byt3bl33d3r/OffensiveNim: My experiments in weaponizing Nim (https://nim-lang.org/)
https://github.com/byt3bl33d3r/OffensiveNim
N-W0rm analysis (Part 2) - SECUINFRA
https://www.secuinfra.com/en/techtalk/n-w0rm-analysis-part-2
Adam Kay on Twitter: "A quick thread on in the importance of being careful what data you share - even if you're the Queen. Today, Her Maj tweeted this lovely picture, gor bless er, etc. You might think that the contents of the red box would be official business. And you'd be right. 1/6 https://t.co/y1RspNRUzy" / Twitter
https://twitter.com/amateuradam/status/1490394034900197388
A deeper dive into CVE-2021-39137 – a Golang security bug that Rust would have prevented – NCC Group Research
https://research.nccgroup.com/2022/02/07/a-deeper-dive-into-cve-2021-39137-a-golang-security-bug-that-rust-would-have-prevented/
SensePost | Sim hijacking
https://sensepost.com/blog/2022/sim-hijacking/
It is Okay to Use Writeups
https://www.hackthebox.com/blog/It-is-Okay-to-Use-Writeups
Beyond the good ol' LaunchAgents - 26 - Finder Sync Plugins · theevilbit blog
https://theevilbit.github.io/beyond/beyond_0026/
IRS announces it will stop use of facial recognition for identity verification | CyberScoop
https://www.cyberscoop.com/irs-facial-recognition-id-me/
Free decryptor released for TargetCompany ransomware victims
https://www.bleepingcomputer.com/news/security/free-decryptor-released-for-targetcompany-ransomware-victims/
Chinese Hackers Target Taiwanese Financial Institutions with a new Stealthy Backdoor
https://thehackernews.com/2022/02/chinese-hackers-target-taiwanese.html
Shadow Credentials – Penetration Testing Lab
https://pentestlab.blog/2022/02/07/shadow-credentials/
Invisible Sandbox Evasion - Check Point Research
https://research.checkpoint.com/2022/invisible-cuckoo-cape-sandbox-evasion
Emotet/e5_emotet_07.02.2022.txt at main · pr0xylife/Emotet · GitHub
https://github.com/pr0xylife/Emotet/blob/main/e5_emotet_07.02.2022.txt
IRS Will Soon Require Selfies for Online Access – Krebs on Security
https://krebsonsecurity.com/2022/01/irs-will-soon-require-selfies-for-online-access/
Emotet/e4_emotet_07.02.2022.txt at main · pr0xylife/Emotet · GitHub
https://github.com/pr0xylife/Emotet/blob/main/e4_emotet_07.02.2022.txt
Malware Trends Tracker | ANY.RUN
https://any.run/malware-trends/
Tommy M (TheAnalyst) on Twitter: "I have observed a recent uptick in html attachments abusing "Right-to-Left override" Unicode in the file name, for example the recent Oauth #phishing consent campaign. This is a good detection opportunity that MDO seems to miss, so please check your environment. Regex "\u202E" https://t.co/TfFBpcSghv" / Twitter
https://twitter.com/ffforward/status/1486743442801704974