CVE-2022-21449: Psychic Signatures in Java – Neil Madden
https://neilmadden.blog/2022/04/19/psychic-signatures-in-java/
OffensiveCon22 - YouTube
https://www.youtube.com/playlist?list=PLYvhPWR_XYJnPvrhXE4RYvwZhV26nYTIp
GitHub - hakivvi/CVE-2022-29464: WSO2 RCE (CVE-2022-29464) exploit and writeup.
https://github.com/hakivvi/CVE-2022-29464
JSAC2022_workshop_macOS-forensic_en.pdf
https://jsac.jpcert.or.jp/archive/2022/pdf/JSAC2022_workshop_macOS-forensic_en.pdf
Adventures with KernelCallbackTable Injection - Hack.Learn.Share
https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html
Home - PowerofTenOnline.com
http://PowerofTenOnline.com
security-labs-pocs/proof-of-concept-exploits/jwt-null-signature-vulnerable-app at main · DataDog/security-labs-pocs · GitHub
https://github.com/DataDog/security-labs-pocs/tree/main/proof-of-concept-exploits/jwt-null-signature-vulnerable-app
Not found – 404 error
https://jobs.lever.co/dragos/511d10a2-7f5d-45fc-9060-33588a92cd39
JBoss EAP/AS <= 6.* RCE - A little bit beyond \xAC\xED
https://jspin.re/jboss-eap-as-6-rce-a-little-bit-beyond-xac-xed/
Thomas H. Ptacek on Twitter: "Welp. It’s the crypto bug of the year. Mark it down for April. Java 15-18 ECDSA doesn’t sanity check that the random x coordinate and signature proof are nonzero; a (0,0) signature validates any message. Breaks JWT, SAML, &c. https://t.co/t2WgnS0g3A" / Twitter
https://twitter.com/tqbf/status/1516570590211153922
Attack On Europe: Documenting Russian Equipment Losses During The 2022 Russian Invasion Of Ukraine - Oryx
https://oryxspioenkop.com/2022/02/attack-on-europe-documenting-equipment.html
Criminals Abuse Apple Pay in Spending Sprees
https://www.vice.com/en/article/n7ngxm/apple-pay-fraud-spending-sprees-2fa-bots
New Incident Report Reveals How Hive Ransomware Targets Organizations
https://thehackernews.com/2022/04/new-incident-report-reveals-how-hive.html
Tweet / Twitter
https://twitter.com/uk_daniel_card/status/1517098575221694465
Cisco Umbrella default SSH key allows theft of admin credentials
https://www.bleepingcomputer.com/news/security/cisco-umbrella-default-ssh-key-allows-theft-of-admin-credentials/
Malware-Traffic-Analysis.net - 2022-04-20 (Wednesday) - Emotet epoch4 activity
https://www.malware-traffic-analysis.net/2022/04/20/index.html
Emotet/e4_emotet_21.04.2022.txt at main · pr0xylife/Emotet · GitHub
https://github.com/pr0xylife/Emotet/blob/main/e4_emotet_21.04.2022.txt
Black Hills Information Security on Twitter: "Our Spearphish General Store is closed until May 9th. When we launch...we should have the new ICS/OT Backdoors & Breaches deck from @DragosInc and @BHinfoSecurity https://t.co/XzSIQmYrqM" / Twitter
https://twitter.com/bhinfosecurity/status/1517178929202798592
MalwareBazaar | solarmarker
https://bazaar.abuse.ch/browse/tag/solarmarker/
Critical Chipset Bugs Open Millions of Android Devices to Remote Spying
https://thehackernews.com/2022/04/critical-chipset-bug-opens-millions-of.html
| Job Preference
http://www.jobpreference.com
MalwareBazaar | SHA256 c3148c6c4b0ecce9c7d07ba57dea96e35acf5f2ef47396c48339bb9a3a07e390 (BumbleBee)
https://bazaar.abuse.ch/sample/c3148c6c4b0ecce9c7d07ba57dea96e35acf5f2ef47396c48339bb9a3a07e390/
Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure | CISA
https://www.cisa.gov/uscert/ncas/alerts/aa22-110a
MalwareBazaar | SHA256 3463f026ce1c325931e285b587b82f7f690db2e75929c7edd154df1e14f38c93 (BumbleBee)
https://bazaar.abuse.ch/sample/3463f026ce1c325931e285b587b82f7f690db2e75929c7edd154df1e14f38c93/
mRr3b00t #StandWithUkraine #DefendAsOne on Twitter: "Tabletop: you have 400 servers, 800 users and your cyber security budget is 100K.... what do you do? https://t.co/Nw0Pd7rH8L" / Twitter
https://twitter.com/uk_daniel_card/status/1516845587227947014
Qakbot/Qakbot_obama179_21.04.2022.txt at main · pr0xylife/Qakbot · GitHub
https://github.com/pr0xylife/Qakbot/blob/main/Qakbot_obama179_21.04.2022.txt
Sonia Cuff on Twitter: "Running a Microsoft Exchange server onprem solely for ongoing users management after #ExchangeOnline migration? Not anymore! The latest Management Tools can be installed on a domain-joined computer. Announcement: https://t.co/2RxNnNIqvf Details: https://t.co/ojy7MP0Has" / Twitter
https://twitter.com/soniacuff/status/1516931305317224448