Confluence Security Advisory 2022-06-02 | Confluence Data Center and Server 7.19 | Atlassian Documentation
https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html
Zero-Day Exploitation of Atlassian Confluence | Volexity
https://www.volexity.com/blog/2022/06/02/zero-day-exploitation-of-atlassian-confluence/
Volexity on Twitter: ".@Volexity discovers zero-day exploit impacting all current versions of Atlassian Confluence Server and Data Center. Attackers deploy in-memory Java implant to evade detection. Read more in our latest blog post: https://t.co/aCSwnSUfj8 #DFIR #ThreatIntel #InfoSec" / Twitter
https://twitter.com/Volexity/status/1532492927813013507
SideWinder.AntiBot.Script
https://blog.group-ib.com/sidewinder-antibot
C:\hristian Mehlmauer on Twitter: "Want to watch the world burn? Here is a tool to check all NPM package maintainers for unregistered domains to hijack those packages by registering the domain again. NPM security guys are not interested in this data so here you go: https://t.co/zejv4ayWhy" / Twitter
https://twitter.com/firefart/status/1532091679741825024
Using Python to unearth a goldmine of threat intelligence from leaked chat logs - Microsoft Security Blog
https://www.microsoft.com/security/blog/2022/06/01/using-python-to-unearth-a-goldmine-of-threat-intelligence-from-leaked-chat-logs/
WinDealer dealing on the side | Securelist
https://securelist.com/windealer-dealing-on-the-side/105946/
New Windows Search zero-day added to Microsoft protocol nightmare
https://www.bleepingcomputer.com/news/security/new-windows-search-zero-day-added-to-microsoft-protocol-nightmare/
Takedown of SMS-based FluBot spyware infecting Android phones | Europol
https://www.europol.europa.eu/media-press/newsroom/news/takedown-of-sms-based-flubot-spyware-infecting-android-phones
CVE-2022-30190: Microsoft Support Diagnostic Tool (MSDT) RCE Vulnerability “Follina” | FortiGuard Labs
https://www.fortinet.com/blog/threat-research/analysis-of-follina-zero-day
Internal Tech Emails on Twitter: "Elon Musk on remote work May 31, 2022 https://t.co/gTw1Bdh18h" / Twitter
https://twitter.com/techemails/status/1531994582669348864
Amnesty Tech on Twitter: "📢🚨 We are thrilled to launch the Digital Forensics Fellowship, a new programme that will run from July 2022 to May 2023 with a first cohort of 5 Fellows. For more information check out the thread 🧵 and link below: https://t.co/zOXnLfKjYj https://t.co/O9kkRTS6DL" / Twitter
https://twitter.com/AmnestyTech/status/1532038377528246272
Exposing POLONIUM activity and infrastructure targeting Israeli organizations - Microsoft Security Blog
https://www.microsoft.com/security/blog/2022/06/02/exposing-polonium-activity-and-infrastructure-targeting-israeli-organizations/
WeLeakInfo.to and Related Domain Names Seized | USAO-DC | Department of Justice
https://www.justice.gov/usao-dc/pr/weleakinfoto-and-related-domain-names-seized
ExpressVPN Removes Servers in India After Refusing to Comply with Government Order
https://thehackernews.com/2022/06/expressvpn-removes-servers-in-india.html
Make JDBC Attacks Brilliant Again II
https://pyn3rd.github.io/2022/06/02/Make-JDBC-Attacks-Brilliant-Again/
To HADES and Back: UNC2165 Shifts to LOCKBIT to Evade Sanctions | Mandiant
https://www.mandiant.com/resources/unc2165-shifts-to-evade-sanctions
Domain Seized
http://WeLeakInfo.to
Clipminer malware gang stole $1.7M by hijacking crypto payments
https://www.bleepingcomputer.com/news/security/clipminer-malware-gang-stole-17m-by-hijacking-crypto-payments/
ZDI-22-806 | Zero Day Initiative
https://www.zerodayinitiative.com/advisories/ZDI-22-806/
International Authorities Take Down Flubot Malware Network | Threatpost
https://threatpost.com/international-authorities-take-down-flubot-malware-network/179825/
Enumeration and lateral movement in GCP environments | by Security Shenanigans | InfoSec Write-ups
https://securityshenanigans.medium.com/enumeration-and-lateral-movement-in-gcp-environments-c3b82d342794
Researchers Demonstrate Ransomware for IoT Devices That Targets IT and OT Networks
https://thehackernews.com/2022/06/researchers-demonstrate-ransomware-for.html
GitHub - airbus-cert/ttddbg: Time Travel Debugging IDA plugin
https://github.com/airbus-cert/ttddbg
Foxconn confirms ransomware attack disrupted production in Mexico
https://www.bleepingcomputer.com/news/security/foxconn-confirms-ransomware-attack-disrupted-production-in-mexico/
Binary Defense - Threat Researcher/Hunter (remote)
https://recruiting.paylocity.com/recruiting/jobs/Details/561129/Binary-Defense/Threat-ResearcherHunter-remote
DOJ Seizes 3 Web Domains Used to Sell Stolen Data and DDoS Services
https://thehackernews.com/2022/06/doj-seizes-3-web-domains-used-to-sell.html
Zero Day Initiative — Is exploiting a null pointer deref for LPE just a pipe dream?
https://www.zerodayinitiative.com/blog/2022/6/1/is-exploiting-a-null-pointer-deref-for-lpe-just-a-pipe-dream
Hatching Triage | Behavioral Report
https://tria.ge/220602-yjvvcabad9/behavioral4#report