CVE-2022-21449: Psychic Signatures in Java – Neil Madden
https://neilmadden.blog/2022/04/19/psychic-signatures-in-java/
Conti Group Targets ESXi Hypervisors With its Linux Variant
https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/conti-group-targets-esxi-hypervisors-with-its-linux-variant.html
Project Zero: The More You Know, The More You Know You Don’t Know
https://googleprojectzero.blogspot.com/2022/04/the-more-you-know-more-you-know-you.html
Cobalt Strike 4.6: The Line In The Sand | Cobalt Strike
https://www.cobaltstrike.com/blog/cobalt-strike-4-6-the-line-in-the-sand/
Hackers Exploiting Recently Reported Windows Print Spooler Vulnerability in the Wild
https://thehackernews.com/2022/04/hackers-exploiting-recently-reported.html
AWS's Log4Shell Hot Patch Vulnerable to Container Escape and Privilege Escalation
https://unit42.paloaltonetworks.com/aws-log4shell-hot-patch-vulnerabilities/
GitHub - KeenSecurityLab/BinAbsInspector: BinAbsInspector: Vulnerability Scanner for Binaries
https://github.com/KeenSecurityLab/BinAbsInspector
Oracle Critical Patch Update Advisory - April 2022
https://www.oracle.com/security-alerts/cpuapr2022.html
Micah on Twitter: "I don't think people fully appreciate just how much, after invading Ukraine, people are hacking Russia. There are multiple hacks a week and it's only increasing. For first time in internet history Russia is fair game for cyber attacks, and this is what it looks like 🧵" / Twitter
https://twitter.com/micahflee/status/1516521193808875527
Abusing Azure Container Registry Tasks | by Andy Robbins | Posts By SpecterOps Team Members
https://posts.specterops.io/abusing-azure-container-registry-tasks-1f407bfaa465
CISA warns of attackers now exploiting Windows Print Spooler bug
https://www.bleepingcomputer.com/news/security/cisa-warns-of-attackers-now-exploiting-windows-print-spooler-bug/
Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure | CISA
http://go.usa.gov/xuB7y
Shuckworm: Espionage Group Continues Intense Campaign Against Ukraine | Broadcom Software Blogs
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/shuckworm-intense-campaign-ukraine
Researchers Detail Bug That Could Paralyze Snort Intrusion Detection System
https://thehackernews.com/2022/04/researchers-detail-bug-that-could.html
Okta Says Security Breach by Lapsus$ Hackers Impacted Only Two of Its Customers
https://thehackernews.com/2022/04/okta-says-security-breach-by-lapsus.html
Lessons from the Conti Leaks
https://blog.bushidotoken.net/2022/04/lessons-from-conti-leaks.html
SMB1 now disabled by default for Windows 11 Home Insiders builds - Microsoft Tech Community
https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb1-now-disabled-by-default-for-windows-11-home-insiders-builds/ba-p/3289473
Qakbot/Qakbot_obama177_20.04.2022.txt at main · pr0xylife/Qakbot · GitHub
https://github.com/pr0xylife/Qakbot/blob/main/Qakbot_obama177_20.04.2022.txt
Sponsor @its-a-feature on GitHub Sponsors · GitHub
https://github.com/sponsors/its-a-feature?o=sd&sc=t
REvil's TOR sites come alive to redirect to new ransomware operation
https://www.bleepingcomputer.com/news/security/revils-tor-sites-come-alive-to-redirect-to-new-ransomware-operation/
Sophos on Twitter: "Something I'd like to see more of in the #infosec industry is ________________." / Twitter
https://twitter.com/Sophos/status/1516733584241053697
Qakbot/Qakbot_AA_20.04.2022.txt at main · pr0xylife/Qakbot · GitHub
https://github.com/pr0xylife/Qakbot/blob/main/Qakbot_AA_20.04.2022.txt
Spotify – Mr. President - song and lyrics by Cos Chris
https://open.spotify.com/track/2o8kmcip6yKFcYGluRxWe5?si=FJx9wKfWRV-9ePQRcu9niw
Thomas H. Ptacek on Twitter: "Welp. It’s the crypto bug of the year. Mark it down for April. Java 15-18 ECDSA doesn’t sanity check that the random x coordinate and signature proof are nonzero; a (0,0) signature validates any message. Breaks JWT, SAML, &c. https://t.co/t2WgnS0g3A" / Twitter
https://twitter.com/tqbf/status/1516570590211153922
Crypto Exchange’s New Emoji Looks Like a Swastika and People Are Losing It
https://www.vice.com/en/article/bvn4q3/crypto-exchanges-new-emoji-looks-like-a-swastika-and-people-are-losing-it
http://redsiege.com/wedoff
http://redsiege.com/wedoff
Webinar Registration - Zoom
https://specterops.zoom.us/webinar/register/WN_9UZef0yUSQqR7Njqj2Cvbw
Cryptolaemus on Twitter: "🚨#Emotet Update🚨 - Looks like Ivan laid an egg for easter and has been busy. As of about 14:00UTC today 2022/04/18 - Emotet on Epoch 4 has switched over to using 64-bit loaders and stealer modules. Previously everything was 32-bit except for occasional loader shenanigans. 1/x" / Twitter
https://twitter.com/Cryptolaemus1/status/1516261512372965383