Stolen Images Campaign Ends in Conti Ransomware – The DFIR Report
https://thedfirreport.com/2022/04/04/stolen-images-campaign-ends-in-conti-ransomware/
FIN7 Power Hour: Adversary Archaeology and the Evolution of FIN7 | Mandiant
https://www.mandiant.com/resources/evolution-of-fin7
A Syscall Journey in the Windows Kernel - Alice Climent-Pommeret
https://alice.climent-pommeret.red/posts/a-syscall-journey-in-the-windows-kernel/
Dead Lay Out in Bucha for Weeks, Refuting Russian Claim, Satellite Images Show - The New York Times
https://www.nytimes.com/2022/04/04/world/europe/bucha-ukraine-bodies.html
GitHub - clem9669/hashcat-rule: Rule for hashcat or john. Aiming to crack how people generate their password
https://github.com/clem9669/hashcat-rule
Experts Shed Light on BlackGuard Infostealer Malware Sold on Russian Hacking Forums
https://thehackernews.com/2022/04/experts-shed-light-on-blackguard.html
Dr. Rege on Twitter: "@alonkol This just broke my heart... This is @TU_CARE's dataset. All of it... https://t.co/rczpmorYz0 Please acknowledge us for the work that we do..." / Twitter
https://twitter.com/Prof_Rege/status/1510755718177169414
GitHub - xforcered/InvisibilityCloak: Proof-of-concept obfuscation toolkit for C# post-exploitation tools
https://github.com/xforcered/InvisibilityCloak
Hackers breach MailChimp's internal tools to target crypto customers
https://www.bleepingcomputer.com/news/security/hackers-breach-mailchimps-internal-tools-to-target-crypto-customers/
Sharing is Caring: Abusing Shared Sections for Code Injection
https://billdemirkapi.me/sharing-is-caring-abusing-shared-sections-for-code-injection
Tweet / Twitter
https://twitter.com/alonkol/status/1510662819385159684
Establishment of the Bureau of Cyberspace and Digital Policy - United States Department of State
https://www.state.gov/establishment-of-the-bureau-of-cyberspace-and-digital-policy/
Fake Trezor data breach emails used to steal cryptocurrency wallets
https://www.bleepingcomputer.com/news/security/fake-trezor-data-breach-emails-used-to-steal-cryptocurrency-wallets/
FIN7 hackers evolve toolset, work with multiple ransomware gangs
https://www.bleepingcomputer.com/news/security/fin7-hackers-evolve-toolset-work-with-multiple-ransomware-gangs/
Conti Leaks: Examining the Panama Papers of Ransomware | Trellix
https://cutt.ly/gD5dgsR
Exploiting a double-edged SSRF for server and client-side impact – Yassine Aboukir – Application security engineering, consulting and bug bounties
https://www.yassineaboukir.com/blog/exploiting-a-double-edged-SSRF-for-server-and-client-side-impact/
Emotet/e5_emotet_04.04.2022.txt at main · pr0xylife/Emotet · GitHub
https://github.com/pr0xylife/Emotet/blob/main/e5_emotet_04.04.2022.txt
Beastmode DDoS Botnet Exploiting New TOTOLINK Bugs to Enslave More Routers
https://thehackernews.com/2022/04/beastmode-ddos-botnet-exploiting-new.html
Combining techniques to defeat Windows Defender and default Applocker rules - kymBlog
https://kymb0.github.io/malwaredev-bypass-av-xml/
The Hollywood Reporter on Twitter: "Louis C.K. Wins Grammy for First Special Since Sexual Misconduct Allegations https://t.co/DKU9eeYMN0" / Twitter
https://twitter.com/thr/status/1510772466397892614
New Borat remote access malware is no laughing matter
https://www.bleepingcomputer.com/news/security/new-borat-remote-access-malware-is-no-laughing-matter/
Multiple Hacker Groups Capitalizing on Ukraine Conflict for Distributing Malware
https://thehackernews.com/2022/04/multiple-hacker-groups-capitalizing-on.html
Way West Conference - Wild West Hackin' Fest
https://wildwesthackinfest.com/way-west/
UniCon 2022 - April 8
https://www.scythe.io/unicon2022
Qakbot/Qakbot_obama172_04.04.2022.txt at main · pr0xylife/Qakbot · GitHub
https://github.com/pr0xylife/Qakbot/blob/main/Qakbot_obama172_04.04.2022.txt
HM Treasury on Twitter: "Chancellor @RishiSunak has asked @RoyalMintUK to create an NFT to be issued by the summer. This decision shows the forward-looking approach we are determined to take towards cryptoassets in the UK. https://t.co/cd0tiailBK" / Twitter
https://twitter.com/hmtreasury/status/1510971092072079360
University Project Cataloged 1,100 Ransomware Attacks on Critical Infrastructure - SecurityWeek
https://www.securityweek.com/university-project-cataloged-1100-ransomware-attacks-critical-infrastructure
MFA Russia 🇷🇺 on Twitter: "⚡ Official Statement by @mod_russia ⚡ All the photos and videos published by the Kiev regime in Bucha are just another provocation. Facts 👉 https://t.co/L91uGBs4r5 ❗ This confirms conclusively this is another #hoax by the Kiev regime for the Western media. https://t.co/VO3umSNwkE" / Twitter
https://twitter.com/mfa_russia/status/1510648066403143683
Black Hills Information Security on Twitter: "Next BHIS Webcast Introduction to Pentesting w/ Mike Felch @ustayready Are you looking to make a transition into pentesting but are overwhelmed or just don’t know how to get started? Register: https://t.co/zjjbvLpaQF Or...watch on YouTube: https://t.co/VUfZss0fvs https://t.co/Gc1cKvq0fy" / Twitter
https://twitter.com/BHinfoSecurity/status/1511030472096239616