Justice Department Announces Court-Authorized Disruption of Botnet Controlled by the Russian Federation’s Main Intelligence Directorate (GRU) | OPA | Department of Justice
https://www.justice.gov/opa/pr/justice-department-announces-court-authorized-disruption-botnet-controlled-russian-federation
The Myth of the Missing Cyberwar | Foreign Affairs
https://www.foreignaffairs.com/articles/ukraine/2022-04-06/myth-missing-cyberwar
Revealed: 30 Top Female Cybersecurity Leaders 2022 | SC Media UK
https://insight.scmagazineuk.com/women-of-influence-30-top-cybersecurity-leaders-2022
2258 - cmark-gfm: Integer overflow in table extension - project-zero
https://bugs.chromium.org/p/project-zero/issues/detail?id=2258
WannaHusky Malware Analysis w/ YARA + TTPs | by Mars | Medium
https://medium.com/@mars0x/wannahusky-malware-analysis-w-yara-ttps-2069fb479909
Felix Wilhelm on Twitter: "I stumbled upon a fun heap overflow in Github's markdown rendering library. RCE via a malicious README 🤔 Demonstrates the risk of memory unsafe dependencies used by scripting languages. https://t.co/4zFIdgNmZN https://t.co/9zWFyUuFyS" / Twitter
https://twitter.com/_fel1x/status/1499691103934681088
InfoSec Handlers Diary Blog - SANS Internet Storm Center
https://i5c.us/d28522
Unmanaged Code Execution with .NET Dynamic PInvoke – bohops
https://bohops.com/2022/04/02/unmanaged-code-execution-with-net-dynamic-pinvoke/
Azure Active Directory Exposes Internal Information - Threat Analysis | Secureworks
https://www.secureworks.com/research/azure-active-directory-exposes-internal-information
Tanium Now Available in the Microsoft Azure Marketplace | Tanium
http://bit.ly/3Kd3yKk
Learning Machine Learning Part 1: Introduction and Revoke-Obfuscation | by Will Schroeder | Posts By SpecterOps Team Members
https://posts.specterops.io/learning-machine-learning-part-1-introduction-and-revoke-obfuscation-c73033184f0
Analyzing a “multilayer” Maldoc: A Beginner’s Guide – NVISO Labs
https://blog.nviso.eu/2022/04/06/analyzing-a-multilayer-maldoc-a-beginners-guide/
GitHub - IcebreakerSecurity/DelegationBOF
https://github.com/IcebreakerSecurity/DelegationBOF
Qakbot/Qakbot_obama174_06.04.2022.txt at main · pr0xylife/Qakbot · GitHub
https://github.com/pr0xylife/Qakbot/blob/main/Qakbot_obama174_06.04.2022.txt
Malicious Registry Timestamp Manipulation Technique: Detecting Registry Timestomping
https://bit.ly/3r7jfuO
FBI Pittsburgh on Twitter: "#FBI Pittsburgh SAC Nordwall issued the below quote after the announcement of a court-authorized disruption of Botnet Controlled by the Russian Federation’s Main Intelligence Directorate (GRU) https://t.co/Bh1u3tqdaS" / Twitter
https://twitter.com/FBIPittsburgh/status/1511725140886831105
Qakbot/Qakbot_AA_06.04.2022.txt at main · pr0xylife/Qakbot · GitHub
https://github.com/pr0xylife/Qakbot/blob/main/Qakbot_AA_06.04.2022.txt
Tweet / Twitter
https://twitter.com/loquaciousloka/status/1511691670710009859
Apisecure 2022 - Apr 06 | Hopin
https://syn.ac/3DM0i6a
quit.pcc.eth on Twitter: "Today, bored ape holder "s27" lost their bubble gum ape and matching mutants ($567k at current floors) in an instant. This is a thread on how it happened, and how to prevent something similar from happening to you. 1/🧵" / Twitter
https://twitter.com/0xquit/status/1511198290565509120
Blog | CounterCraft
https://www.countercraftsec.com/blog/post/detecting-malicious-artifacts-using-an-etw-consumer-in-kernel-mode/
Block Admits Data Breach Involving Cash App Data Accessed by Former Employee
https://thehackernews.com/2022/04/block-admits-data-breach-involving-cash.html
US disrupts Russian Cyclops Blink botnet before being used in attacks
https://www.bleepingcomputer.com/news/security/us-disrupts-russian-cyclops-blink-botnet-before-being-used-in-attacks/