Zimbra Email - Stealing Clear-Text Credentials via Memcache injection
https://blog.sonarsource.com/zimbra-mail-stealing-clear-text-credentials-via-memcache-injection/
Hertzbleed Attack
https://www.hertzbleed.com/
NetBlocks on Twitter: "ℹ️ Confirmed: Network data corroborate reports of a disruption to internet access in parts of British Columbia, #Canada, 7 June. The incident is attributed to the activity of a single beaver, which gnawed through a tree that then fell on fiber cabling 🦫 https://t.co/YVnuUAJotK https://t.co/EWtBuUEpgC" / Twitter
https://twitter.com/netblocks/status/1536416663385546756
Project Zero: An Autopsy on a Zombie In-the-Wild 0-day
https://googleprojectzero.blogspot.com/2022/06/an-autopsy-on-zombie-in-wild-0-day.html
Iranian Spear-Phishing Operation Targets Former Israeli and US High-Ranking Officials - Check Point Research
https://research.checkpoint.com/2022/check-point-research-exposes-an-iranian-phishing-campaign-targeting-former-israeli-foreign-minister-former-us-ambassador-idf-general-and-defense-industry-executives/
The many lives of BlackCat ransomware - Microsoft Security Blog
https://www.microsoft.com/security/blog/2022/06/13/the-many-lives-of-blackcat-ransomware/
CVE-2022-30190 - Security Update Guide - Microsoft - Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30190
What caused B.C. power outage? | CTV News
https://bc.ctvnews.ca/single-beaver-caused-mass-internet-cell-service-outages-in-northern-b-c-1.5944697
Soatok @ Megaplex, DEFCON 30 on Twitter: "@Bugcrowd Goodbye Bugcrowd. You won't be missed. https://t.co/uuAWEmDTWl" / Twitter
https://twitter.com/SoatokDhole/status/1536769827230126080
Unpatched Travis CI API Bug Exposes Thousands of Secret User Access Tokens
https://thehackernews.com/2022/06/unpatched-travis-ci-api-bug-exposes.html
BumbleBee: a new trendy loader for Initial Access Brokers - SEKOIA.IO Blog
https://blog.sekoia.io/bumblebee-a-new-trendy-loader-for-initial-access-brokers/
Malware-Traffic-Analysis.net - 2022-06-13 (Monday) - Quick post: TA578 thread-hijacked emails push Bumblebee or IcedID
https://www.malware-traffic-analysis.net/2022/06/13/index.html
Bypassing CSP with dangling iframes | PortSwigger Research
https://portswigger.net/research/bypassing-csp-with-dangling-iframes
Tzah Pahima on Twitter: "I was able to access thousands of companies’ passwords on #Azure and run code on their VMs. This includes access to Microsoft’s own credentials… 💣 Here’s HOW I did it. This is the story of #SynLapse. (1/11)" / Twitter
https://twitter.com/TzahPahima/status/1536704823722184704
CVE-2022-1040 Sophos XG Firewall Authentication bypass
https://blog.viettelcybersecurity.com/cve-2022-1040-sophos-xg-firewall-authentication-bypass/
UNITED STATES/ISRAEL : L3's plan to acquire Israeli cyber specialist NSO - 14/06/2022 - Intelligence Online
https://www.intelligenceonline.com/international-dealmaking/2022/06/14/l3-s-plan-to-acquire-israeli-cyber-specialist-nso,109791908-eve
Malware Analysis CTF
https://cet.ctfd.io/register
x86matthew - ProcEnvInjection - Remote code injection by abusing process environment strings
https://www.x86matthew.com/view_post?id=proc_env_injection
3 Key Components of Researcher Submission Templates | @Bugcrowd
https://www.bugcrowd.com/blog/3-key-components-of-researcher-submission-templates/
sample20220614-01.xlsm (MD5: CF850D35CA73D2F7565FF71628C1B620) - Interactive analysis - ANY.RUN
https://app.any.run/tasks/2df14e9f-41e7-492b-b2cc-0912168fd70a
IcedID_06_14_2022.txt · GitHub
https://gist.github.com/myrtus0x0/8a96d35196f0725101d4a47c27909a15
VirusTotal - File - 19408d64c6df49e57cc05ff83c79662eb7aa138823c32b1945cec79d823150ce
https://www.virustotal.com/gui/file/19408d64c6df49e57cc05ff83c79662eb7aa138823c32b1945cec79d823150ce/detection
Follina CVE-2022-30190 Detection with THOR and Aurora - Nextron Systems
https://www.nextron-systems.com/2022/06/13/follina-detection-with-thor-and-aurora/
IcedID_06_14_2022_2.txt · GitHub
https://gist.github.com/myrtus0x0/cdbf5318b878f88aeb6089866e6aea54
Hatching Triage | Behavioral Report
https://tria.ge/220614-kd2h2schfp/behavioral1
Hatching Triage | Behavioral Report
https://tria.ge/220614-wfjlssgcgq/behavioral1
GitHub - bugcrowd/templates: Repository to house markdown templates for researchers
http://github.com/bugcrowd/templates
Bugcrowd Researcher Templates for Bug Bounty Hunters - YouTube
https://youtu.be/-8Mtu8nEhnU
Cyrill Gössi - YouTube
https://www.youtube.com/channel/UCp1rLlh9AQN9Pejzbg9dcAg/videos
Russian hackers start targeting Ukraine with Follina exploits
https://www.bleepingcomputer.com/news/security/russian-hackers-start-targeting-ukraine-with-follina-exploits/
Windows Updates Patch Actively Exploited 'Follina' Vulnerability | SecurityWeek.Com
https://www.securityweek.com/windows-updates-patch-actively-exploited-follina-vulnerability
abuse.ch | Introducing YARAify
https://abuse.ch/blog/introducing-yaraify/
IcedID_06_13_2022.txt · GitHub
https://gist.github.com/myrtus0x0/c7c49829affe8c88915b9590a38bbce0
AMFI Launch Constraints - First Quick Look · theevilbit blog
https://theevilbit.github.io/posts/amfi_launch_constraints/
Coinbase Cuts Employees’ Access to Work Email, Docs Before Laying Them Off
https://www.vice.com/en/article/pkge7z/coinbase-cuts-employees-access-to-work-email-docs-before-laying-them-off
CVE-2022-30189 - Security Update Guide - Microsoft - Windows Autopilot Device Management and Enrollment Client Spoofing Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30189
GitHub - ariary/DogWalk-rce-poc: 🐾Dogwalk PoC (using diagcab file to obtain RCE on windows)
https://github.com/ariary/Dogwalk-rce-poc
Technical Details Released for 'SynLapse' RCE Vulnerability Reported in Microsoft Azure
https://thehackernews.com/2022/06/technical-details-released-for-synlapse.html
Metasploit 6.2.0 improves credential theft, SMB support features, more
https://www.bleepingcomputer.com/news/security/metasploit-620-improves-credential-theft-smb-support-features-more/
New Syslogk Linux Rootkit Lets Attackers Remotely Command It Using "Magic Packets"
https://thehackernews.com/2022/06/new-syslogk-linux-rootkit-lets.html
GitHub - abusech/YARAify: YARAify
https://github.com/abusech/YARAify
Christo Grozev on Twitter: "The Belarusian white-hat hackers @cpartisans have released what appears to be wiretaps of calls from the Russian embassy in Minsk. The Belarusian KGB apparently aren't shy to wiretap even "big brother". Not sure this will make the Kremlin happy. https://t.co/8Zgy6owJLp" / Twitter
https://twitter.com/christogrozev/status/1536730625612423169
HyperDbg’s One Thousand and One Nights | Rayanfam Blog
https://rayanfam.com/topics/hyperdbg-one-thousand-and-one-nights/