Browser In The Browser (BITB) Attack | mr.d0x
https://mrd0x.com/browser-in-the-browser-phishing-attack/
Have Your Cake and Eat it Too? An Overview of UNC2891 | Mandiant
https://www.mandiant.com/resources/unc2891-overview
Peter Schiff on Twitter: "I understand times are hard, but doesn't the President of the #Ukraine own a suit? I don't have much respect for current members of the U.S. Congress either, but I still wouldn't address them wearing a t-shirt. I wouldn't want to disrespect the institution or the United States." / Twitter
https://twitter.com/peterschiff/status/1504082706598146058
Exploit Development: Browser Exploitation on Windows - CVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 2) | Home
https://connormcgarr.github.io/type-confusion-part-2/
Facebook Hit With $18.6 Million GDPR Fine Over 12 Data Breaches in 2018
https://thehackernews.com/2022/03/facebook-hit-with-186-million-gdpr-fine.html
Five Individuals Charged Variously with Stalking, Harassing and Spying on U.S. Residents on Behalf of the PRC Secret Police | OPA | Department of Justice
https://www.justice.gov/opa/pr/five-individuals-charged-variously-stalking-harassing-and-spying-us-residents-behalf-prc-0
New Linux botnet exploits Log4J, uses DNS tunneling for comms
https://www.bleepingcomputer.com/news/security/new-linux-botnet-exploits-log4j-uses-dns-tunneling-for-comms/
Top 10 CICD Security Risks - Cider Security Site
https://www.cidersecurity.io/top-10-cicd-security-risks/
The Discovery and Exploitation of CVE-2022-25636 · Nick Gregory
https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/
Job Preference
http://www.jobpreference.com
mr.d0x on Twitter: "I published a blog article detailing a phishing technique I called Browser in the Browser (BITB) Attack. It's very simple but can be very effective. I also published templates on my Github feel free to test them out. https://t.co/EKArJoaMp7 https://t.co/Z0weuhKCmW" / Twitter
https://twitter.com/mrd0x/status/1503801717414105089
mRr3b00t #StandWithUkraine #DefendAsOne on Twitter: "UK hacker tweeps and infosec pros please respond to this: https://t.co/S4aiEnBhej" / Twitter
https://twitter.com/uk_daniel_card/status/1504042815457828871
Snyk on Twitter: "🚨 Vue.js applications with the dependency "node-ipc" are experiencing a critical supply chain vulnerability as part of a protest against the invasion of Ukraine. It also includes a new transitive dependency package named "peacenotwar". (1/2) https://t.co/hTf47SKgdP" / Twitter
https://twitter.com/snyksec/status/1504202271529201665
Multiple Flaws Uncovered in ClickHouse OLAP Database System for Big Data
https://thehackernews.com/2022/03/multiple-flaws-uncovered-in-clickhouse.html
URLhaus | Browse
https://urlhaus.abuse.ch/browse.php?search=www[.]arkpp[.]com
Microsoft Defender tags Office updates as ransomware activity
https://www.bleepingcomputer.com/news/security/microsoft-defender-tags-office-updates-as-ransomware-activity/
CVE-2022-22616 - YouTube
https://www.youtube.com/watch?v=S5moPnXnvaE
From XSS to RCE (dompdf 0day) | Positive Security
https://positive.security/blog/dompdf-rce
Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability | CISA
https://www.cisa.gov/uscert/ncas/alerts/aa22-074a
Tweet / Twitter
https://twitter.com/leonard_effort/status/1504056654010142730
InfoSec Handlers Diary Blog - SANS Internet Storm Center
https://i5c.us/d28448
New Ransomware Family Identified: LokiLocker RaaS Targets Windows Systems
https://blogs.blackberry.com/en/2022/03/lokilocker-ransomware
Offensive_tools/PostDump at main · post-cyberlabs/Offensive_tools · GitHub
https://github.com/post-cyberlabs/Offensive_tools/tree/main/PostDump
Infosecurity Magazine Cybersecurity Online Summit - 22nd March, 2022
https://bit.ly/3wd046e
Unpatched RCE Bug in dompdf Project Affects HTML to PDF Converters
https://thehackernews.com/2022/03/unpatched-rce-bug-in-dompdf-project.html
John Åkerblom on Twitter: "iOS 15.4 fixes a kernel vulnerability introduced in iOS 15.0 beta that causes corruption of ipc_kmsgs leading to powerful primitives that can be used for local privilege escalation from WebContent and app sandbox" / Twitter
https://twitter.com/jaakerblom/status/1504103474757533699
FBI, CISA Warn of Russian Hackers Exploiting MFA and PrintNightmare Bug
https://thehackernews.com/2022/03/fbi-cisa-warn-of-russian-hackers.html
Technical Advisory – Apple macOS XAR – Arbitrary File Write (CVE-2022-22582) – NCC Group Research
https://research.nccgroup.com/2022/03/15/technical-advisory-apple-macos-xar-arbitrary-file-write-cve-2022-22582/
Brianna Wu on Twitter: "Fun fact: Men who are abusive towards women in online games are lower skilled. Men with gaming high skills behave much more positively and respectfully. So it’s all about male insecurity. https://t.co/iQCBBjHh03" / Twitter
https://twitter.com/BriannaWu/status/1504137436141608961