APT35 Automates Initial Access Using ProxyShell – The DFIR Report
https://thedfirreport.com/2022/03/21/apt35-automates-initial-access-using-proxyshell/
20 days in Mariupol: The team that documented city’s agony | AP News
https://apnews.com/article/russia-ukraine-europe-edf7240a9d990e7e3e32f82ca351dede
Threat Insight on Twitter: "Proofpoint observed new activity impacting French entities in the construction, real estate and government sectors. The attack is highly targeted and dates back to February with activity seen as recently as last week. 🐍 Our latest blog has the details: https://t.co/Jb7ks2BpvM https://t.co/Os1PShnTEE" / Twitter
https://twitter.com/threatinsight/status/1505845430323720193
Statement by President Biden on our Nation’s Cybersecurity - The White House
https://www.whitehouse.gov/briefing-room/statements-releases/2022/03/21/statement-by-president-biden-on-our-nations-cybersecurity/
Serpent, No Swiping! New Backdoor Targets French Entities with Unique Attack Chain | Proofpoint US
https://www.proofpoint.com/us/blog/threat-insight/serpent-no-swiping-new-backdoor-targets-french-entities-unique-attack-chain
BlueHat IL 2022 - Antonio Cocomazzi & Andrea Pierini - Relaying to Greatness - YouTube
https://www.youtube.com/watch?v=vfb-bH_HaW4
FACT SHEET: Act Now to Protect Against Potential Cyberattacks - The White House
https://www.whitehouse.gov/briefing-room/statements-releases/2022/03/21/fact-sheet-act-now-to-protect-against-potential-cyberattacks/
South Korean DarkHotel Hackers Targeted Luxury Hotels in Macau
https://thehackernews.com/2022/03/south-korean-darkhotel-hackers-targeted.html
Microsoft Investigating Claim of Breach by Extortion Gang
https://www.vice.com/en/article/y3vk9x/microsoft-hacked-lapsus-extortion-investigating
BlueHat IL - YouTube
https://www.youtube.com/playlist?list=PLnWGkkkDVeqiTAdYxmGJnAGpjSNRSKwKm
The DFIR Report on Twitter: "APT35 Automates Initial Access Using ProxyShell ➡️Initial Access: #ProxyShell ➡️Discovery: net, ipconfig, PowerShell, quser, etc. ➡️PrivEsc: Scheduled Task ➡️Defense Evasion: Real-time Monitoring & WDigest enablement ➡️Credential Access: Comsvcs.dll https://t.co/cpwniE2Juc" / Twitter
https://twitter.com/TheDFIRReport/status/1505875651366113284
Sysmon for Linux PowerShell Module - SysmonLinux.Util - YouTube
https://youtu.be/5s7yaqRgLYI
New Backdoor Targets French Entities via Open-Source Package Installer
https://thehackernews.com/2022/03/new-backdoor-targets-french-entities.html
LockBit Ransomware v2.0 | Chuong Dong
https://chuongdong.com/reverse%20engineering/2022/03/19/LockbitRansomware/
Wolfgang Smith on Twitter: "This came in a box on Friday from a "new vendor". I have planted devices for pentests, but I am looking for suggestions on how to investigate it. I am not a forensic person. @HackingDave @hacks4pancakes @NicoleBeckwith or anyone else with suggestions. DM is open #Forensic https://t.co/AM3qB1iHkg" / Twitter
https://twitter.com/akawombat42/status/1505671977473871872
Threads, Threads, and More Threads – Pavel Yosifovich
http://scorpiosoftware.net/2022/03/21/threads-threads-and-more-threads/
Shields Up | CISA
http://cisa.gov/shields-up
Microsoft Israel R&D Center | Microsoft Israel - Research and Development Center
https://www.microsoftrnd.co.il/bluehatil/abstracts
British soldiers are ordered off WhatsApp due to hacking fears
https://www.dailymail.co.uk/news/article-10633873/amp/British-soldiers-ordered-WhatsApp-hacking-fears.html
Kim Zetter on Twitter: "British army in new order is banning soldiers from using WhatsApp out of concern Russia is intercepting messages. Story claims UK/US intel have “intercepted WhatsApp calls and located message senders” and UK now fears Russia is doing same. https://t.co/k1IgofVhIo" / Twitter
https://twitter.com/kimzetter/status/1505696676299771906
BlueHat IL 2022 - Saar Amar - Security Analysis of MTE Through Examples - YouTube
https://www.youtube.com/watch?v=LV8BK1ns1Ow
Shadow Chaser Group on Twitter: "Today our researchers have found sample which belongs to #SideCopy #APT group ITW:2c73866430b25707230652318aea48ac filename:Bn-Offrs-Album. zip ITW:e163fbce2507c89a106c8ad001dc099a filename: Image-8646-ZP.jpg.lnk https://t.co/j6NKoZnw4A" / Twitter
https://twitter.com/ShadowChasing1/status/1505893003382394884
Hackers demand $15 million ransom from TransUnion after cracking "password" password
https://www.bitdefender.com/blog/hotforsecurity/hackers-demand-15-million-ransom-from-transunion-after-cracking-password-password/
Emotet/e5_emotet_21.03.2022.txt at main · pr0xylife/Emotet · GitHub
https://github.com/pr0xylife/Emotet/blob/main/e5_emotet_21.03.2022.txt
'CryptoRom' Crypto Scam Abusing iPhone Features to Target Mobile Users
https://thehackernews.com/2022/03/cryptorom-crypto-scam-abusing-iphone.html
GitHub - chvancooten/CloudLabsAD: Terraform + Ansible deployment scripts for an Active Directory lab environment.
https://github.com/chvancooten/CloudLabsAD