Process Injection via Component Object Model (COM) IRundown::DoCallback() - MDSec
https://www.mdsec.co.uk/2022/04/process-injection-via-component-object-model-com-irundowndocallback/
Unmanaged Code Execution with .NET Dynamic PInvoke – bohops
https://bohops.com/2022/04/02/unmanaged-code-execution-with-net-dynamic-pinvoke/
MDSec on Twitter: "Interested in covert code injection? @modexpblog outlines some techniques using COM in a new post "Process Injection via Component Object Model (COM) IRundown::DoCallback()" https://t.co/cWZ45AEqni https://t.co/7L4H6VJJtK" / Twitter
https://twitter.com/MDSecLabs/status/1511348442332811273
Learning Machine Learning Part 1: Introduction and Revoke-Obfuscation | by Will Schroeder | Posts By SpecterOps Team Members
https://posts.specterops.io/learning-machine-learning-part-1-introduction-and-revoke-obfuscation-c73033184f0
Randomizing the KUSER_SHARED_DATA Structure on Windows – Microsoft Security Response Center
https://msrc-blog.microsoft.com/2022/03/30/randomizing-the-kuser_shared_data-structure-on-windows/
FIN7 Power Hour: Adversary Archaeology and the Evolution of FIN7 | Mandiant
https://www.mandiant.com/resources/evolution-of-fin7
Germany Shuts Down Russian Hydra Darknet Market; Seizes $25 Million in Bitcoin
https://thehackernews.com/2022/04/germany-shuts-down-russian-hydra.html
Cicada: Chinese APT Group Widens Targeting in Recent Espionage Activity | Broadcom Software Blogs
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/cicada-apt10-china-ngo-government-attacks
GitHub - jhftss/CVE-2022-22639: CVE-2022-22639: Get a Root Shell on macOS Monterey
https://github.com/jhftss/CVE-2022-22639
BKA - Homepage - HTTP Status 404
https://www.bka.de/DE/Presse/Listenseite_Pressemitteilungen/2022/Presse2022/220405_PM_IllegalerDarknetMarktplatz.html?s=09
Making SMB Accessible with NTLMquic - TrustedSec
https://www.trustedsec.com/blog/making-smb-accessible-with-ntlmquic/
Germany takes down Hydra, world's largest darknet market
https://www.bleepingcomputer.com/news/legal/germany-takes-down-hydra-worlds-largest-darknet-market/
Malware-Traffic-Analysis.net - 2022-04-04 (Monday) - Emotet epoch 5 infection with spambot traffic
https://www.malware-traffic-analysis.net/2022/04/04/index.html
Bypassing Access Mask Auditing Strategies | by Jonathan Johnson | Medium
https://jsecurity101.medium.com/bypassing-access-mask-auditing-strategies-480fb641c158
MalwareBazaar | EnelEnergia
https://bazaar.abuse.ch/browse/tag/EnelEnergia/
Social Engineering Community on Twitter: "Our new website is live! https://t.co/u7wqidZiuN Check out this thread to see what we are taking submissions for. We can't wait to see you all at @defcon 30! #secommunity #DEFCON #socialengineering #vishing #contest #infosec" / Twitter
https://twitter.com/sec_defcon/status/1511199817946468355
Thoughts on Recent Information Sharing About "Cyber Attack Trends" - JPCERT/CC Eyes | JPCERT Coordination Center Official Blog
https://blogs.jpcert.or.jp/ja/2022/04/trends_of_cyber_threat.html
GitHub - NextronSystems/ransomware-simulator: Ransomware simulator written in Golang
https://github.com/NextronSystems/ransomware-simulator
Researchers Trace Widespread Espionage Attacks Back to Chinese 'Cicada' Hackers
https://thehackernews.com/2022/04/researchers-trace-widespread-espionage.html
Making SMB Accessible with NTLMquic - TrustedSec
https://hubs.la/Q017qRRt0
Social Engineering Community – The SE Community at DEF CON
https://se.community/
CVE-2021-38159: MOVEit Transfer SQL Injection Analysis
https://blog.viettelcybersecurity.com/moveit-transfer-cve/
Hackers Breach Mailchimp Email Marketing Firm to Launch Crypto Phishing Scams
https://thehackernews.com/2022/04/hackers-breach-mailchimp-email.html
CVE-2022-22639 - YouTube
https://www.youtube.com/watch?v=-vbkTLHh874
SpringShell RCE vulnerability: Guidance for protecting against and detecting CVE-2022-22965 - Microsoft Security Blog
https://www.microsoft.com/security/blog/2022/04/04/springshell-rce-vulnerability-guidance-for-protecting-against-and-detecting-cve-2022-22965/
WhatsApp voice message phishing emails push info-stealing malware
https://www.bleepingcomputer.com/news/security/whatsapp-voice-message-phishing-emails-push-info-stealing-malware/
SecurityZines
http://securityzines.com
HD – Darknet Diaries
https://darknetdiaries.com/episode/114
UniCon 2022 - April 8
https://www.scythe.io/unicon2022
Azure Active Directory Exposes Internal Information - Threat Analysis | Secureworks
https://www.secureworks.com/research/azure-active-directory-exposes-internal-information
Dead Lay Out in Bucha for Weeks, Refuting Russian Claim, Satellite Images Show - The New York Times
https://www.nytimes.com/2022/04/04/world/europe/bucha-ukraine-bodies.html