The Elite Hackers of the FSB
https://interaktiv.br.de/elite-hacker-fsb/en/index.html
How a Saudi woman's iPhone revealed hacking around the world | Reuters
https://www.reuters.com/technology/how-saudi-womans-iphone-revealed-hacking-around-world-2022-02-17/
YaraDBG v0.0.2
http://yaradbg.dev
| Job Preference
http://www.jobpreference.com
SensePost | Left to my own devices – fast ntcracking in rust
https://sensepost.com/blog/2022/left-to-my-own-devices-fast-ntcracking-in-rust/
Hackers slip into Microsoft Teams chats to distribute malware
https://www.bleepingcomputer.com/news/security/hackers-slip-into-microsoft-teams-chats-to-distribute-malware/
hakan on Twitter: "New: #Turla is one of the most skilled hacker groups operating. @FlorianFlade, Lea Frey and I've spent close to a year chasing down leads. We were able to identify, we think, two developers, their employers, and from there, their ties to the FSB. https://t.co/Zd8v4BFw90 https://t.co/xqL9wKwDKf" / Twitter
https://twitter.com/hatr/status/1494265579120869378
Bypassing software update package encryption – extracting the Lexmark MC3224i printer firmware (part 1) – NCC Group Research
https://research.nccgroup.com/2022/02/17/bypassing-software-update-package-encryption-extracting-the-lexmark-mc3224i-printer-firmware-part-1/
Access Denied
https://bit.ly/3LI1xqK
This New Tool Can Retrieve Pixelated Text from Redacted Documents
https://thehackernews.com/2022/02/this-new-tool-can-retrieve-pixelated.html
NSA Publishes Best Practices for Selecting Cisco Password Types > National Security Agency/Central Security Service > Article
https://www.nsa.gov/Press-Room/News-Highlights/Article/Article/2938313/nsa-publishes-best-practices-for-selecting-cisco-password-types/
Adding save function to reg.py for Backup Operators to Domain Admin exploitation by ShutdownRepo · Pull Request #1257 · fortra/impacket · GitHub
https://github.com/SecureAuthCorp/impacket/pull/1257
Canada's major banks go offline in mysterious hours-long outage
https://www.bleepingcomputer.com/news/security/canadas-major-banks-go-offline-in-mysterious-hours-long-outage/
Advisory: Cisco RV340 Dual WAN Gigabit VPN Router (RCE over LAN) - ONEKEY
https://www.iot-inspector.com/blog/advisory-cisco-rv340-dual-wan-gigabit-vpn-router-rce-over-lan/
GitHub - BishopFox/unredacter: Never ever ever use pixelation as a redaction technique
https://github.com/bishopfox/unredacter
mpgn on Twitter: "If you compromise a member of the Backup Operators group there is a direct path the become Domain Admin without a RDP/WinRM access to the DC ! Dump and export the SAM remotely on a remote share ! 🔥🎉 Thanks to @filip_dragovic for the initial POC ! https://t.co/M4MRbyJWLQ https://t.co/c5ypq32zMi" / Twitter
https://twitter.com/mpgn_x64/status/1493699411658092558
Zabbix - A Case Study of Unsafe Session Storage | Sonar
https://blog.sonarsource.com/zabbix-case-study-of-unsafe-session-storage
China’s Cyber Capabilities: Warfare, Espionage, and Implications for the United States | U.S.- CHINA | ECONOMIC and SECURITY REVIEW COMMISSION
https://www.uscc.gov/hearings/chinas-cyber-capabilities-warfare-espionage-and-implications-united-states
Shannon Vavra on Twitter: "NEW: The NSA, FBI & CISA are issuing an alert today to warn about Russian hackers going after defense contractors for info on weapons development, comms infrastructure, technological & scientific research, and obtaining sensitive, unclass info, as well export-controlled tech." / Twitter
https://twitter.com/shanvav/status/1493982228317155335
Zabbix - A Case Study of Unsafe Session Storage | Sonar
https://blog.sonarsource.com/zabbix-case-study-of-unsafe-session-storage?utm_source=twitter&utm_medium=social&utm_campaign=zabbix&utm_content=security&utm_term=mofu
Massive LinkedIn Phishing, Bot Attacks Feed on the Job-Hungry | Threatpost
https://threatpost.com/massive-linkedin-phishing-bot-attacks-hungry-job-seekers/178476/
Researchers Warn of a New Golang-based Botnet Under Continuous Development
https://thehackernews.com/2022/02/researchers-warn-of-new-golang-based.html
GitHub - trickest/cve: Gather and update all available and newest CVEs with their PoC.
https://github.com/trickest/cve
Automating a Red Team Lab (Part 1): Domain Creation
https://nickzero.co.uk/automating-a-red-team-lab/
GitHub - o-o-overflow/dcf-game-infrastructure-public: Contains all the components necessary to run a DC finals (attack-defense CTF) game from OOO.
https://github.com/o-o-overflow/dcf-game-infrastructure-public
Microsoft Teams Targeted With Takeover Trojans | Threatpost
https://threatpost.com/microsoft-teams-targeted-takeover-trojans/178497/
LixaH_CL - Twitch
https://www.twitch.tv/lixah_cl