Russian cyber operations against Ukraine: Declaration by the High Representative on behalf of the European Union - Consilium
https://www.consilium.europa.eu/en/press/press-releases/2022/05/10/russian-cyber-operations-against-ukraine-declaration-by-the-high-representative-on-behalf-of-the-european-union/
Diving into pre-created computer accounts - TrustedSec
https://www.trustedsec.com/blog/diving-into-pre-created-computer-accounts/
Making NtCreateUserProcess Work - Hack.Learn.Share
https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html
Russia behind cyber-attack with Europe-wide impact an hour before Ukraine invasion - GOV.UK
https://www.gov.uk/government/news/russia-behind-cyber-attack-with-europe-wide-impact-an-hour-before-ukraine-invasion
Learning Linux kernel exploitation - Part 2 - CVE-2022-0847
https://0x434b.dev/learning-linux-kernel-exploitation-part-2-cve-2022-0847/
Project Zero: Release of Technical Report into the AMD Security Processor
https://googleprojectzero.blogspot.com/2022/05/release-of-technical-report-into-amd.html
Certifried: Active Directory Domain Privilege Escalation (CVE-2022–26923) | by Oliver Lyak | IFCR
https://research.ifcr.dk/9e098fe298f4
Ransomware as a service: Understanding the cybercrime gig economy and how to protect yourself - Microsoft Security Blog
https://www.microsoft.com/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/
CYBERUK ONLINE - YouTube
https://www.youtube.com/c/CYBERUKONLINE
Releases · hasherezade/mal_unpack_drv · GitHub
https://github.com/hasherezade/mal_unpack_drv/releases
Releases · hasherezade/mal_unpack
https://github.com/hasherezade/mal_unpack/releases
Attribution of Russia’s Malicious Cyber Activity Against Ukraine - United States Department of State
https://www.state.gov/attribution-of-russias-malicious-cyber-activity-against-ukraine/
Microsoft fixes new NTLM relay zero-day in all Windows versions
https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-new-ntlm-relay-zero-day-in-all-windows-versions/
Secretary Antony Blinken on Twitter: "Russia’s cyber activities targeting Ukraine may be less visible than its missile and artillery bombardments, but they are key pieces of the Kremlin’s unjustified war. Today we are sharing the truth about these activities. https://t.co/qh9t9gXB2v" / Twitter
https://twitter.com/SecBlinken/status/1524064349844910081
Security Response on Twitter: "Security Updates for May 2022 are now available! Details are here: https://t.co/ZKxt7vgBBl" / Twitter
https://twitter.com/msftsecresponse/status/1524075252719923200
Dirty Deeds Done Dirt Cheap: Russian RAT Offers Backdoor Bargains
https://blogs.blackberry.com/en/2022/05/dirty-deeds-done-dirt-cheap-russian-rat-offers-backdoor-bargains
Certifried: Active Directory Domain Privilege Escalation (CVE-2022–26923) | by Oliver Lyak | IFCR
https://research.ifcr.dk/certifried-active-directory-domain-privilege-escalation-cve-2022-26923-9e098fe298f4
Shields Up | CISA
http://cisa.gov/shields-up
LEAK: Commission to force scanning of communications to combat child pornography – EURACTIV.com
https://www.euractiv.com/section/data-protection/news/leak-commission-to-force-scanning-of-communications-to-combat-child-pornography/
Critical Gems Takeover Bug Reported in RubyGems Package Manager
https://thehackernews.com/2022/05/critical-gems-takeover-bug-reported-in.html
Hackers are now hiding malware in Windows Event Logs
https://www.bleepingcomputer.com/news/security/hackers-are-now-hiding-malware-in-windows-event-logs/
Microsoft Mitigates RCE Vulnerability Affecting Azure Synapse and Data Factory
https://thehackernews.com/2022/05/microsoft-mitigates-rce-vulnerability.html
Russia behind cyber attack with Europe-wide impact an hour... - NCSC.GOV.UK
https://www.ncsc.gov.uk/news/russia-behind-cyber-attack-with-europe-wide-impact-hour-before-ukraine-invasion
Install · decalage2/oletools Wiki · GitHub
https://github.com/decalage2/oletools/wiki/Install
Alec Muffett on Twitter: "Well, this is some interesting reading for the afternoon. https://t.co/1z96uE1REx https://t.co/X8Fybvv4fj" / Twitter
https://twitter.com/AlecMuffett/status/1524066299600683008
Ryan Naraine on Twitter: ""An unauthenticated attacker could call a method on the LSARPC interface and coerce the domain controller to authenticate to the attacker using NTLM..." Fresh Windows 0day (CVE-2022-26925) https://t.co/XrevYvpj4H" / Twitter
https://twitter.com/ryanaraine/status/1524076806940233728
https://rawcdn.githack.com/campuscodi/Microsoft-Patch-Tuesday-Security-Reports/1e7786fe1715dd9cfa861ca8d29a1091a2a4053f/Reports/MSRC_CVEs2022-May.html
Lincoln College to close after 157 years due ransomware attack
https://www.bleepingcomputer.com/news/security/lincoln-college-to-close-after-157-years-due-ransomware-attack/
Germán Fernández on Twitter: "🚨 I'm seeing mass exploitation of F5 BIG-IP CVE-2022-1388 (RCE), installing a #Webshell in /usr/local/www/xui/common/css/ as a backdoor to maintain access. Attacks from: 216.162.206.213 209.127.252.207 Payload writes to /tmp/f5.sh, executes it and deletes it. https://t.co/W9BlpYTUEU" / Twitter
https://twitter.com/1ZRR4H/status/1523572874061422593
F5 iControl REST Endpoint Authentication Bypass Technical Deep Dive – Horizon3.ai
https://www.horizon3.ai/f5-icontrol-rest-endpoint-authentication-bypass-technical-deep-dive/
eu-csam-e2ee.pdf
https://alecmuffett.com/alecm/tmp/eu-csam-e2ee.pdf
Project Zero's Maddie Stone on the surge in zero-day discoveries - Security Conversations
https://securityconversations.com/episode/project-zeros-maddie-stone-on-the-surge-in-zero-day-discoveries/
Cybereason vs. Quantum Locker Ransomware
https://www.cybereason.com/blog/cybereason-vs.-quantum-locker-ransomware