The Dirty Pipe Vulnerability — The Dirty Pipe Vulnerability documentation
https://dirtypipe.cm4all.com/
2021 Year In Review – The DFIR Report
https://thedfirreport.com/2022/03/07/2021-year-in-review/
https://haxx.in/files/dirtypipez.c
https://haxx.in/files/dirtypipez.c
2 New Mozilla Firefox 0-Day Bugs Under Active Attack — Patch Your Browser ASAP!
https://thehackernews.com/2022/03/2-new-mozilla-firefox-0-day-bugs-under.html
An update on the threat landscape
https://blog.google/threat-analysis-group/update-threat-landscape-ukraine/
SATCOM terminals under attack in Europe: a plausible analysis.
https://www.reversemode.com/2022/03/satcom-terminals-under-attack-in-europe.html
Space / Twitter
https://twitter.com/i/spaces/1vAxRkddrOrKl
Abusing Kerberos Constrained Delegation without Protocol Transition | snovvcrash@gh-pages:~$ _
https://snovvcrash.rocks/2022/03/06/abusing-kcd-without-protocol-transition.html
Symbolic Execution For Bug Hunting in Binaries - Google スライド
https://docs.google.com/presentation/d/1E3uE-4mYpenw0s40rtMbIdxj3fJgC79aHCeiIlJSY5Y/edit?usp=drivesdk
| Job Preference
http://www.jobpreference.com
GitHub · Where software is built
https://github.com/Cybernite-Technologies/trickbot-leak
Rompetrol gas station network hit by Hive ransomware
https://www.bleepingcomputer.com/news/security/rompetrol-gas-station-network-hit-by-hive-ransomware/
The Dirty Pipe Vulnerability — The Dirty Pipe Vulnerability documentation
https://dirtypipe.cm4all.com
GitHub - klezVirus/SysWhispers3: SysWhispers on Steroids - AV/EDR evasion via direct system calls.
https://github.com/klezVirus/SysWhisper3
GitHub - binref/refinery: High Octane Triage Analysis
https://github.com/binref/refinery
Yanir Tsarimi on Twitter: "I found a vulnerability in #Azure allowing me to access Azure accounts of companies worth billions We all know vulnerabilities exist. This isn't an injection, XSS, or RCE. But the crazy thing about it? It took 2 hours to discover. 🤯 Here's the story of #AutoWarp👇 (1/10)" / Twitter
https://twitter.com/Yanir_/status/1500863874412724229
Ukrainian CERT Warns Citizens of Phishing Attacks Using Compromised Accounts
https://thehackernews.com/2022/03/ukrainian-cert-warns-citizens-of.html
Russian invasion of Ukraine: UK government response - GOV.UK
http://ow.ly/w0qe50IbnBp
CYBERUK 2022 Homepage
https://www.cyberuk.uk/website/7174/
GitHub - Bandit-HaxUnit/haxunit
https://github.com/Bandit-HaxUnit/haxunit
MalwareBazaar | mise
https://bazaar.abuse.ch/browse/tag/mise/
GitHub - j3ssie/sdlookup: IP Lookups for Open Ports and Vulnerabilities from internetdb.shodan.io
https://github.com/j3ssie/sdlookup
AutoWarp Microsoft Azure Automation Vulnerability - Orca Security
https://orca.security/resources/blog/autowarp-microsoft-azure-automation-service-vulnerability/
Expert IT Training for Networking, Cyber Security and Cloud | INE
https://bit.ly/3tCo0wS
Hate for Putin’s Russia Consumes Ukraine - The New York Times
https://www.nytimes.com/2022/03/07/world/europe/ukraine-putin-hate.html
Girls Who Code on Twitter: "This week, in partnership with @CISAgov, we’re featuring some amazing women working in the #Cybersecurity field. Today, we’re spotlighting Parisa Tabriz, a computer security expert and Google’s “Security Princess.” https://t.co/rErk97wXaM" / Twitter
https://twitter.com/GirlsWhoCode/status/1500903438707830794
GitHub - curated-intel/Ukraine-Cyber-Operations: Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine.
https://github.com/curated-intel/Ukraine-Cyber-Operations
Finding 0day in Apache APISIX During CTF (CVE-2022-24112) - YouTube
https://youtu.be/yrCXamnX9No
Atac cibernetic la Rompetrol. Mai multe servere au fost criptate / UPDATE DNSC și Rompetrol au confirmat atacul - măsurile luate - HotNews.ro
https://economie.hotnews.ro/stiri-telecom-25416147-surse-atac-cibernetic-rompetrol-mai-multe-masini-sunt-criptate-firma-unde-are-hosting.htm
blasty on Twitter: "Dirty Pipe PoC (https://t.co/ql5Y8pWDBj) works beautifully. 🤑 https://t.co/OrRYJE5skC" / Twitter
https://twitter.com/bl4sty/status/1500812285358530561
Tweet / Twitter
https://twitter.com/asbmilitary/status/1500505238507249664
Samsung confirms hackers stole Galaxy devices source code
https://www.bleepingcomputer.com/news/security/samsung-confirms-hackers-stole-galaxy-devices-source-code/
GitHub - rootsecdev/pyKerbrute: Use python to perform Kerberos pre-auth bruteforcing
https://github.com/rootsecdev/pyKerbrute
CVE-2021-35587 OAM Pre-Auth RCE PoC - YouTube
https://youtu.be/pkoHPJSAB2o
Власти изолируют сети – Бизнес – Коммерсантъ
https://kommersant.ru/doc/5249500
CVE-2022-22005 Microsoft SharePoint RCE | HoangND
https://hnd3884.github.io/posts/cve-2022-22005-microsoft-sharepoint-RCE/
SharkBot Banking Malware Spreading via Fake Android Antivirus App on Google Play Store
https://thehackernews.com/2022/03/sharkbot-banking-malware-spreading-via.html