2022-06-05 | Hacker Trends

8 Posts

Watcher.Guru on Twitter: "🚨BREAKING: Bored Ape Yacht Club and Otherside Metaverse Discord servers have been hacked. Millions worth of #NFTs reportedly stolen." / Twitter

https://twitter.com/watcherguru/status/1533106970630270982

7 Posts

GitHub - mattifestation/AntimalwareBlight: Execute PowerShell code at the antimalware-light protection level.

https://github.com/mattifestation/AntimalwareBlight

5 Posts

Brute force attacks against Windows Remote Desktop

https://trunc.org/learning/brute-force-attacks-against-windows-remote-desktop

5 Posts

404 Page Not Found - Xmind - Mind Mapping Software

https://www.xmind.net/m/5dypm8/

4 Posts

El Universal (@ElUniversal) / Twitter

https://twitter.com/ElUniversal

4 Posts

PiRogue tool suite - Mobile forensic & Network traffic analysis

https://piroguetoolsuite.github.io/

4 Posts

Pole Vault Power on Twitter: "This is my daughter. She just turned 9. Here is why I would never allow her to play middle or high school sports if we lived in Ohio… https://t.co/K7CDgFVhr0" / Twitter

https://twitter.com/polevaultpower/status/1533263117911613440

4 Posts

Corey Quinn on Twitter: "Corporate Infosec sends a phishing test email, I click, and somehow I'm the asshole because "[I] failed the test; had this been real it would have destroyed the company network"? If me clicking can destroy the network, I'm not the one in this conversation who sucks at their job." / Twitter

https://twitter.com/QuinnyPig/status/1532724283079700480

4 Posts

j.d.christopher on Twitter: "Catastrophic failure at an aluminum extrusion line. Looks like an overpressure event and the oil itself (over a drop ceiling no less) open a portal to a demon dimension… https://t.co/VQeM0f85Mw" / Twitter

https://twitter.com/jdchristopher/status/1533089680274731010

4 Posts

Rata ✨ on Twitter: "the best part of Morbius was when he said "IT'S MORBIN' TIME" and morbed all over those guys" / Twitter

https://twitter.com/RANK10YGO/status/1510361009621450761

3 Posts

GreyNoise

https://viz.greynoise.io/query/?gnql=tags%3A%22Atlassian%20Confluence%20Server%20CVE-2022-26134%20OGNL%20Injection%20Attempt%22

3 Posts

MakeItHackin on Twitter: "The Hacker TikTok panel will be answering audience questions during our @BSidesSF talk today. Use the link below to submit a question, BUT only from 2:30-3:20pm Pacific time. Choose "Theater 14" for the venue. :) @kyliebytes @notshenetworks @kylekyle https://t.co/tmvqlJ9sEo" / Twitter

https://twitter.com/makeithackin/status/1533479288845922304

3 Posts

SANS DFIR on Twitter: "New @SANSInstitute's #FOR528 #Ransomware for #IncidentResponders teaches how to prepare for, detect, hunt, & deal the aftermath of ransomware Learn more in this livestream with course author @rj_chap https://t.co/jj0HjEum1p" / Twitter

https://twitter.com/sansforensics/status/1533176949148946437

3 Posts

Zero Day Initiative — Is exploiting a null pointer deref for LPE just a pipe dream?

https://www.zerodayinitiative.com/blog/2022/6/1/is-exploiting-a-null-pointer-deref-for-lpe-just-a-pipe-dream

3 Posts

Analysis and Attribution of the Eternity Ransomware: Timeline and Emergence of the Eternity Group - CloudSEK

https://cloudsek.com/analysis-and-attribution-of-the-eternity-ransomware-timeline-and-emergence-of-the-eternity-group/

3 Posts

Yashar Ali 🐘 on Twitter: "Ohio is set to enact a law that allows teachers and other staff to be armed with guns in schools once they have completed up to 24 hours of initial training. https://t.co/kGl1YYeYX4" / Twitter

https://twitter.com/yashar/status/1533246393199910913

3 Posts

KnowledgeSharing/CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-30190 at main · NafisiAslH/KnowledgeSharing · GitHub

https://github.com/NafisiAslH/KnowledgeSharing/tree/main/CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-30190?fbclid=IwAR0UczaWjJNKWTnlvZHCXsWhABuae0kDRKx3hj-wo0LS1y8TZ32HR5w9t3w

3 Posts

Hishan Shouketh on Twitter: "The Discovery of the #MSDT protocol abuse opens up a whole new area of attacks surface. Querying the registry, e.g. for MS protocols, "Get-Item Registry::HKEY_CLASSES_ROOT\ms-* | Out-String | select-string -Pattern "URL" -SimpleMatch" #MSDT #follina https://t.co/ZPfSnRQ5r9" / Twitter

https://twitter.com/hishanxp/status/1532245439172468737

3 Posts

signatures/template.suricata-6.0.5.rules at master · c3rb3ru5d3d53c/signatures · GitHub

https://github.com/c3rb3ru5d3d53c/signatures/blob/master/signatures/attack/injection/template/template.suricata-6.0.5.rules

3 Posts

WebDAV Traffic To Malicious Sites | Didier Stevens

https://blog.didierstevens.com/2017/11/13/webdav-traffic-to-malicious-sites/

3 Posts

Andrew Morris @ Blackhat/Defcon on Twitter: "Widespread Atlassian Confluence CVE-2022-26134 exploitation, specifically that is confirmed functional, has just started. 23 unique IPs so far. -Tags available to all @GreyNoiseIO users now - Create an account to deploy a dynamic block list to block it https://t.co/dbXTw2LWY6 https://t.co/xXldngWdPH" / Twitter

https://twitter.com/andrew___morris/status/1533139425122713600

3 Posts

Get-Item Registry::HKEY_CLASSES_ROOT\* | Select-Object "Property","PSChildName" | Where-Object -Property Property -Match "^URL*" | Export-Csv -path c:\temp\url_all.csv · GitHub

https://gist.github.com/MHaggis/a0d3edb57d36e0916c94c0a464b2722e

3 Posts

Watcher.Guru on Twitter: "🚨BREAKING: Bored Ape Yacht Club and Otherside Metaverse Discord servers have been hacked. Millions worth of #NFTs reportedly stolen." / Twitter

GitHub - mattifestation/AntimalwareBlight: Execute PowerShell code at the antimalware-light protection level.

Brute force attacks against Windows Remote Desktop

404 Page Not Found - Xmind - Mind Mapping Software

El Universal (@ElUniversal) / Twitter

PiRogue tool suite - Mobile forensic & Network traffic analysis

Pole Vault Power on Twitter: "This is my daughter. She just turned 9. Here is why I would never allow her to play middle or high school sports if we lived in Ohio… https://t.co/K7CDgFVhr0" / Twitter

j.d.christopher on Twitter: "Catastrophic failure at an aluminum extrusion line. Looks like an overpressure event and the oil itself (over a drop ceiling no less) open a portal to a demon dimension… https://t.co/VQeM0f85Mw" / Twitter

Rata ✨ on Twitter: "the best part of Morbius was when he said "IT'S MORBIN' TIME" and morbed all over those guys" / Twitter

GreyNoise

SANS DFIR on Twitter: "New @SANSInstitute's #FOR528 #Ransomware for #IncidentResponders teaches how to prepare for, detect, hunt, & deal the aftermath of ransomware Learn more in this livestream with course author @rj_chap https://t.co/jj0HjEum1p" / Twitter

Zero Day Initiative — Is exploiting a null pointer deref for LPE just a pipe dream?

Analysis and Attribution of the Eternity Ransomware: Timeline and Emergence of the Eternity Group - CloudSEK

Yashar Ali 🐘 on Twitter: "Ohio is set to enact a law that allows teachers and other staff to be armed with guns in schools once they have completed up to 24 hours of initial training. https://t.co/kGl1YYeYX4" / Twitter

KnowledgeSharing/CyberSecurity/Web/CVEs/CVE-2022/CVE-2022-30190 at main · NafisiAslH/KnowledgeSharing · GitHub

signatures/template.suricata-6.0.5.rules at master · c3rb3ru5d3d53c/signatures · GitHub

WebDAV Traffic To Malicious Sites | Didier Stevens

sop.png (2000×1253)

Ken Johnson Scholarship 2022 | SANS Institute

Business Email Compromise Scams Are Poised to Eclipse Ransomware | WIRED

Intelligence or Marketing? Which is it and how to tell using the ADEPT model - Threat Intelligence Academy

GitHub - airbus-cert/ttddbg: Time Travel Debugging IDA plugin

[QuickNote] CobaltStrike SMB Beacon Analysis | 0day in {REA_TEAM}

Exploit released for Atlassian Confluence RCE bug, patch now

Zero Day Initiative — Is exploiting a null pointer deref for LPE just a pipe dream?

Get-Item Registry::HKEY_CLASSES_ROOT\* | Select-Object "Property","PSChildName" | Where-Object -Property Property -Match "^URL*" | Export-Csv -path c:\temp\url_all.csv · GitHub

Link Found Connecting Chaos, Onyx and Yashma Ransomware | Threatpost

[QuickNote] CobaltStrike SMB Beacon Analysis | 0day in {REA_TEAM}

MalwareBazaar | 103-199-211-138

Elon Musk on Twitter: "Some hate humanity, but I love humanity so much" / Twitter