'I can fight with a keyboard': How one Ukrainian IT specialist exposed a notorious Russian ransomware gang - CNNPolitics
https://www.cnn.com/2022/03/30/politics/ukraine-hack-russian-ransomware-gang/index.html
vx-underground - Directory
https://share.vx-underground.org/
Corey Quinn on Twitter: "So I've been a *mostly* happy @Ubiquiti customer, despite a few hiccups with their Cloud Key Gen 2+ model space heater. And a security breach. That I first found out about from @briankrebs. Against whom Ubiquiti has apparently just filed a lawsuit. https://t.co/7juZxBJSNi" / Twitter
https://twitter.com/QuinnyPig/status/1508965090019577856
Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests” – Krebs on Security
https://krebsonsecurity.com/2022/03/hackers-gaining-power-of-subpoena-via-fake-emergency-data-requests/
PoC/DCNMPwn.md at master · pedrib/PoC · GitHub
https://github.com/pedrib/PoC/blob/master/advisories/Cisco/DCNMPwn.md
Spring | Home
http://spring.cloud
KA-SAT Network cyber attack overview - Viasat
https://www.viasat.com/about/newsroom/blog/ka-sat-network-cyber-attack-overview/
Tracking cyber activity in Eastern Europe
https://blog.google/threat-analysis-group/tracking-cyber-activity-eastern-europe/
SpringShell: Spring Core RCE 0-day Vulnerability - Cyber Kendra
https://www.cyberkendra.com/2022/03/springshell-rce-0-day-vulnerability.html
漏洞情报 | Spring RCE 0day高危漏洞预警
http://buaq.net/go-108269.html
Cyber Security Training Events | SANS Institute
https://www.sans.org/u/1jXn
IT Firm Globant Confirms Breach after LAPSUS$ Leaks 70GB of Data
https://thehackernews.com/2022/03/lapsus-claims-to-have-breached-it-firm.html
Page not found · GitHub · GitHub
https://github.com/chaosec2021/Spring-cloud-function-SpEL-RCE
Mars Stealer: Exclusive New Threat Research
https://blog.morphisec.com/threat-research-mars-stealer
EXCLUSIVE Hackers who crippled Viasat modems in Ukraine are still active- company official | Reuters
https://www.reuters.com/business/media-telecom/exclusive-hackers-who-crippled-viasat-modems-ukraine-are-still-active-company-2022-03-30/
Deadwood 2022 Conference - Wild West Hackin' Fest
https://wildwesthackinfest.com/deadwood/
Putin's hackers gained full access to Hungary's foreign ministry networks, the Orbán government has been unable to stop them | Direkt36
https://www.direkt36.hu/en/putyin-hekkerei-is-latjak-a-magyar-kulugy-titkait-az-orban-kormany-evek-ota-nem-birja-elharitani-oket/
Dive into Analysis with Malware Configuration - ANY.RUN Blog
https://any.run/cybersecurity-blog/malware-configuration/
Bug Alert – Advanced warning: possible remote code execution (RCE) in Spring, an extremely popular Java framework
https://bugalert.org/content/notices/2022-03-29-spring.html
Critical SonicOS Vulnerability Affects SonicWall Firewall Appliances
https://thehackernews.com/2022/03/critical-sonicos-vulnerability-affects.html
Facebook paid Republican strategy firm to malign TikTok - The Washington Post
https://www.washingtonpost.com/technology/2022/03/30/facebook-tiktok-targeted-victory/
Apple, Meta Gave User Data to Hackers With Forged Legal Requests (AAPL, FB) - Bloomberg
https://www.bloomberg.com/news/articles/2022-03-30/apple-meta-gave-user-data-to-hackers-who-forged-legal-requests?sref=ylv224K8
vx-underground on Twitter: "A Java Springcore RCE 0day exploit has been leaked. It was leaked by a Chinese security researcher who, since sharing and/or leaking it, has deleted their Twitter account. We have not verified the exploit. tl;dr big if true Download the 0day POC here: https://t.co/SgPCdI00TS" / Twitter
https://twitter.com/vxunderground/status/1509170582469943303
Dustin Volz on Twitter: "NEW: The NSC has pressed the Treasury Department to ready sanctions against Kaspersky Lab and its namesake chief executive—but the idea has split the administration due to concerns over the size and scope of such a move. w/ @vmsalama https://t.co/eui1tgW5TS" / Twitter
https://twitter.com/dnvolz/status/1509267265262440454
CISA Warns of Ongoing Cyber Attacks Targeting Internet-Connected UPS Devices
https://thehackernews.com/2022/03/cisa-warns-of-ongoing-cyber-attacks.html
Viasat Inc. on Twitter: "Viasat is providing an overview and incident report on the cyber-attack against the KA-SAT network, which occurred on 24 February 2022, and resulted in a partial interruption of KA-SAT’s consumer-oriented satellite broadband service. Report here: https://t.co/FsiHl9Z7rG https://t.co/s4vYKIgbTd" / Twitter
https://twitter.com/ViasatInc/status/1509138423688294412
Emotet対応トリアージのポイント解説(2022-03-30) | ドクセル
https://www.docswell.com/s/snowyowl/K1WR8Z-2022-03-30-1_0
Malware-Traffic-Analysis.net - 2022-03-29 (Tuesday) - Emotet epoch 4 with Cobalt Strike
https://www.malware-traffic-analysis.net/2022/03/29/index.html
SpringShell: Spring Core RCE 0-day Vulnerability - Cyber Kendra
https://www.cyberkendra.com/2022/03/springshell-rce-0-day-vulnerability.html?m=1
BumbleBee (Malware Family)
https://malpedia.caad.fkie.fraunhofer.de/details/win.bumblebee
New Spring Java framework zero-day allows remote code execution
https://www.bleepingcomputer.com/news/security/new-spring-java-framework-zero-day-allows-remote-code-execution/
CVE-2022-27666: Exploit esp6 modules in Linux kernel - ETenal
https://etenal.me/archives/1825
signature-base/expl_spring4shell.yar at master · Neo23x0/signature-base · GitHub
https://github.com/Neo23x0/signature-base/blob/master/yara/expl_spring4shell.yar