Bill Demirkapi on Twitter: "The LAPSUS$ ransomware group has claimed to breach Okta sharing the following images from internal systems. https://t.co/eTtpgRzer7" / Twitter
https://twitter.com/BillDemirkapi/status/1506107157124722690
Bill Demirkapi on Twitter: "New documents for the Okta breach: I have obtained copies of the Mandiant report detailing the embarrassing Sitel/SYKES breach timeline and the methodology of the LAPSUS$ group. 1/N https://t.co/z05uQYclg9 https://t.co/e0T4EdWPxT" / Twitter
https://twitter.com/BillDemirkapi/status/1508527487655067660
Russian FSB officers involved in the criminal activities of the aggressor country in Europe
https://gur.gov.ua/content/sotrudnyky-fsb-rossyy-uchastvuiushchye-v-prestupnoi-deiatelnosty-stranyahressora-na-terrytoryy-evropy.html
Lapsus$ found a spreadsheet of accounts as they breached Okta, documents show | TechCrunch
https://techcrunch.com/2022/03/28/lapsus-passwords-okta-breach/
Boris Nemtsov Tailed by FSB Squad Prior to 2015 Murder - bellingcat
https://www.bellingcat.com/news/2022/03/28/boris-nemtsov-tailed-by-fsb-squad-prior-to-2015-murder/
HTTPVoid Research | HTTPVoid is a research oriented team of computer security.
http://httpvoid.com/?p=Ruby-deserialization-gadget-on-rails.md
Max Colchester on Twitter: "Scoop: Abramovich suffered suspected poisoning along with Ukraine peace negotiators earlier this month. Full Story on @WSJ shortly" / Twitter
https://twitter.com/MaximColch/status/1508461578416496643
Zack Whittaker on Twitter: "According to a timeline of the Sitel intrusion compiled by Mandiant (dated March 17), the Lapsus$ hackers accessed a spreadsheet on Sitel’s internal network called “DomAdmins-LastPass.xlsx” early on January 21, around the time Okta was compromised. https://t.co/5q580tMNxT" / Twitter
https://twitter.com/zackwhittaker/status/1508521284908498951
Zack Whittaker on Twitter: "New documents offer the most detailed account so far of how the Lapsus$ group hacked Sitel, including how the hackers accessed a spreadsheet of 'domain admin' passwords on Sitel's network at the time they were compromising Okta. https://t.co/5q580tMNxT" / Twitter
https://twitter.com/zackwhittaker/status/1508519468544188422
CVE-2022-27666: Exploit esp6 modules in Linux kernel - ETenal
https://etenal.me/archives/1825
Page not found · GitHub · GitHub
https://github.com/Throns1956/watchguard_cve-2022-26318
Services - The DFIR Report
http://thedfirreport.com/services
URLhaus | http://st-florenceacademy.com/images/ycXMmz8ZqvZhf2vvT7sinEGrw/
https://urlhaus.abuse.ch/url/2117720/
NetBlocks on Twitter: "⚠️ Confirmed: A major internet disruption has been registered across #Ukraine on national provider #Ukrtelecom; real-time network data show connectivity collapsing to 13% of pre-war levels; the provider reports issues assigning new sessions 📰 Background: https://t.co/S0qJQ7CbNv https://t.co/BY2OOBK0m6" / Twitter
https://twitter.com/netblocks/status/1508453511176065033
GitHub - Bonfee/CVE-2022-0995: CVE-2022-0995 exploit
https://github.com/Bonfee/CVE-2022-0995
Muhstik Botnet Targeting Redis Servers Using Recently Disclosed Vulnerability
https://thehackernews.com/2022/03/muhstik-botnet-targeting-redis-servers.html
SOCKS4a Proxy in C# – Rasta Mouse
https://rastamouse.me/socks4a-proxy-in-csharp/
Qakbot/Qakbot_AA_28.03.2022.txt at main · pr0xylife/Qakbot · GitHub
https://github.com/pr0xylife/Qakbot/blob/main/Qakbot_AA_28.03.2022.txt
Hive ransomware ports its Linux VMware ESXi encryptor to Rust
https://www.bleepingcomputer.com/news/security/hive-ransomware-ports-its-linux-vmware-esxi-encryptor-to-rust/
GitHub - VirtualAlllocEx/Shellcode-Downloader-CreateThread-Execution: This POC gives you the possibility to compile a .exe to completely avoid statically detection by AV/EPP/EDR of your C2-shellcode and download and execute your C2-shellcode which is hosted on your (C2)-webserver.
https://github.com/VirtualAlllocEx/Shellcode-Downloader-CreateThread-Execution
'Purple Fox' Hackers Spotted Using New Variant of FatalRAT in Recent Malware Attacks
https://thehackernews.com/2022/03/purple-fox-hackers-spotted-using-new.html
Serious Vulnerability Exploited at Hacking Contest Impacts Over 200 HP Printers | SecurityWeek.Com
https://www.securityweek.com/serious-vulnerability-exploited-hacking-contest-impacts-over-200-hp-printers
VirusTotal - File - 4b5229b3250c8c08b98cb710d6c056144271de099a57ae09f5d2097fc41bd4f1
https://www.virustotal.com/gui/file/4b5229b3250c8c08b98cb710d6c056144271de099a57ae09f5d2097fc41bd4f1
Osirys on Twitter: "day5 stuck at the property. now even neighbours can’t help as all roads (including main ones leading to any town) are severely flooded. started running very low on essentials (tobacco and alcohol). rain shouldn’t stop for another 2 days. but could be worse, my heart goes to Ukrainians" / Twitter
https://twitter.com/osiryszzz/status/1497750383577694209
MalwareHunterTeam on Twitter: "@The_lesyk @talktoBOI @AIBIreland @WellsFargo @illegalFawn @PhishFeed @PhishStats It would be great if you could share that list in text format instead of a screenshot..." / Twitter
https://twitter.com/malwrhunterteam/status/1508426151647191041
PHP filter_var shenanigans :: pwning.systems
https://pwning.systems/posts/php_filter_var_shenanigans/
Microsoft Exchange targeted for IcedID reply-chain hijacking attacks
https://www.bleepingcomputer.com/news/security/microsoft-exchange-targeted-for-icedid-reply-chain-hijacking-attacks/
Triage | Behavioral Report
https://tria.ge/220328-jdgcfadbhl/behavioral1
Annual Vulnerability Intelligence Report: 2021 Edition | Rapid7
https://www.rapid7.com/info/2021-vulnerability-intelligence-report/
New Conversation Hijacking Campaign Delivering IcedID - Intezer
https://www.intezer.com/blog/research/conversation-hijacking-campaign-delivering-icedid
Risk Assessment | Tanium
https://bit.ly/36Td0U8
Emotet/e4_emotet_28.03.2022.txt at main · pr0xylife/Emotet · GitHub
https://github.com/pr0xylife/Emotet/blob/main/e4_emotet_28.03.2022.txt
‘Most Severe’ Cyberattack Since Russian Invasion Crashes Ukraine Internet Provider
https://www.forbes.com/sites/thomasbrewster/2022/03/28/huge-cyberattack-on-ukrtelecom-biggest-since-russian-invasion-crashes-ukraine-telecom/
Bellingcat on Twitter: "Bellingcat can confirm that three members of the delegation attending the peace talks between Ukraine and Russia on the night of 3 to 4 March 2022 experienced symptoms consistent with poisoning with chemical weapons. One of victims was Russian entrepreneur Roman Abramovich." / Twitter
https://twitter.com/bellingcat/status/1508463513013997580
Whitepaper – Double Fetch Vulnerabilities in C and C++ – NCC Group Research
https://research.nccgroup.com/2022/03/28/whitepaper-double-fetch-vulnerabilities-in-c-and-c/
An EFF Investigation: Mystery GPS Tracker On A Supporter’s Car | Electronic Frontier Foundation
https://www.eff.org/deeplinks/2022/03/eff-investigation-mystery-gps-tracker-supporters-car
GitHub - o1mate/AppLocker-Bypass: Bypassing AppLocker with C#
https://github.com/o1mate/AppLocker-Bypass
Critical Sophos Firewall vulnerability allows remote code execution
https://www.bleepingcomputer.com/news/security/critical-sophos-firewall-vulnerability-allows-remote-code-execution/