GitHub - omair2084/CVE-2022-26937: Windows Network File System Crash PoC
https://github.com/omair2084/CVE-2022-26937
Police Linked to Hacking Campaign to Frame Indian Activists | WIRED
https://www.wired.com/story/modified-elephant-planted-evidence-hacking-police/
Matanbuchus/Matanbuchus_17.06_2022.txt at main · pr0xylife/Matanbuchus · GitHub
https://github.com/pr0xylife/Matanbuchus/blob/main/Matanbuchus_17.06_2022.txt
MalwareBazaar | SHA256 6c28c703f185aa4d626a1523b03c2893d6401e24b52a4081d2624cad9932d405 (Matanbuchus)
https://bazaar.abuse.ch/sample/6c28c703f185aa4d626a1523b03c2893d6401e24b52a4081d2624cad9932d405/
InfoSec Handlers Diary Blog - SANS Internet Storm Center
https://i5c.us/d28752
Dave Kennedy on Twitter: "Long thread but serious talk. Seeing a massive problem in the security industry today. We have brand new candidates lacking "hands on" experience coming into the workforce and finding it extremely difficult to find a job. 1/10" / Twitter
https://twitter.com/hackingdave/status/1537594916586520576
What It Means that the U.S. Is Conducting Offensive Cyber Operations Against Russia
https://zetter.substack.com/p/what-it-means-that-the-us-is-conducting
US TikTok User Data Has Been Repeatedly Accessed From China, Leaked Audio Shows
https://www.buzzfeednews.com/article/emilybakerwhite/tiktok-tapes-us-user-data-china-bytedance-access
MalwareBazaar | SHA256 a7628a09046bc9f9144ecf506ef5a399befb8a985b028db8032a40ae0f96cf86 (SVCReady)
https://bazaar.abuse.ch/sample/a7628a09046bc9f9144ecf506ef5a399befb8a985b028db8032a40ae0f96cf86/
Over a Million WordPress Sites Forcibly Updated to Patch a Critical Plugin Vulnerability
https://thehackernews.com/2022/06/over-million-wordpress-sites-forcibly.html
SANS Ransomware Summit 2022, Can You Detect This?
https://thedfirreport.com/2022/06/16/sans-ransomware-summit-2022-can-you-detect-this/
New Qualys Research Report: Inside a Redline InfoStealer Campaign | Qualys Security Blog
https://blog.qualys.com/vulnerabilities-threat-research/2022/06/15/new-qualys-research-report-inside-a-redline-infostealer-campaign
David Weston (DWIZZZLE) on Twitter: "Clean install defaults 22H2. https://t.co/JJ5EAaZ4eN" / Twitter
https://twitter.com/dwizzzleMSFT/status/1537605197354020865
MalwareBazaar | SHA256 f0b819433319a936c3b1e4fe4747fef8081ad827b7d20db5d41856f00c147b18 (SVCReady)
https://bazaar.abuse.ch/sample/f0b819433319a936c3b1e4fe4747fef8081ad827b7d20db5d41856f00c147b18/
The Register on Twitter: "RSAC branded a 'super spreader event' as attendees share COVID-19 test results https://t.co/4WwwzVNUxY" / Twitter
https://twitter.com/TheRegister/status/1537555028830994432
Russian Botnet Disrupted in International Cyber Operation | USAO-SDCA | Department of Justice
https://www.justice.gov/usao-sdca/pr/russian-botnet-disrupted-international-cyber-operation
SANS.edu Internet Storm Center on Twitter: "ISC Diary: @malware_traffic reviews #Matanbuchus activity leading to #CobaltStrike https://t.co/Vz5p0unsq1 https://t.co/8frRWOisFa" / Twitter
https://twitter.com/sans_isc/status/1537645171915075584
Bug Bounty Redacted #4: Writing to S3 buckets & Insecure JWT Implementation - YouTube
https://www.youtube.com/watch?v=F7QvhHJB-ck
Florian Roth ⚡ on Twitter: "For #auditd on #Linux you can use my best practice auditd configuration, which is still actively maintained and gets frequent updates via PR. If you've found ways to improve it, please provide them as pull request to help everyone else https://t.co/sRF2MylNah https://t.co/13nDEwE4zx" / Twitter
https://twitter.com/cyb3rops/status/1537756755861688320
InfoSec Handlers Diary Blog - SANS Internet Storm Center
https://isc.sans.edu/diary/28752
Ankit Anubhav on Twitter: "#Malware in 2022 https://t.co/PctCqEJrVM" / Twitter
https://twitter.com/ankit_anubhav/status/1537780776783138816
BGGP3: Crash
https://tmpout.sh/bggp/3/
Kim Zetter on Twitter: "When the head of US Cyber Command said recently that US conducted offensive cyber ops to support Ukraine, many assumed he meant destructive attacks that risk pulling US into war. So I spoke w/ 2 former lawyers for the command to see what he really meant https://t.co/yBReGiLDpM" / Twitter
https://twitter.com/KimZetter/status/1537854392841293824
COVID-19: RSA Conference branded a 'super spreader event' • The Register
https://reg.cx/44sh?utm_source=twitter&utm_medium=twitter&utm_campaign=auto&utm_content=article
Hang Fire: Challenging our Mental Model of Initial Access | by Matt Hand | Jun, 2022 | Posts By SpecterOps Team Members
https://posts.specterops.io/hang-fire-challenging-our-mental-model-of-initial-access-513c71878767
Colin Cowie👨🏼💻 on Twitter: "Post-exploit #SocGholish/#FakeUpdates activity: ➡️Edge.js ↪️whoami /all ↪️nltest ↪️net group 'Domain Admins' & 'Enterprise Admins' ↪️Get-WmiObject -Class win32_service ↪️dir c:\programdata ↪️regsvr32 c:\ProgramData\VGAuthService.dll 🌐 optiontradingsignal[.]com (#CobaltStrike)" / Twitter
https://twitter.com/th3_protoCOL/status/1536788652889497600
Detecting Exploits - OMIGod (Linux Logging with Auditd) - YouTube
https://www.youtube.com/watch?v=lc1i9h1GyMA
SANS-Ransomware-Summit-2022-Can-You-Detect-This.pdf
https://thedfirreport.com/wp-content/uploads/2022/06/SANS-Ransomware-Summit-2022-Can-You-Detect-This.pdf
Chinese Hackers Exploited Sophos Firewall Zero-Day Flaw to Target South Asian Entity
https://thehackernews.com/2022/06/chinese-hackers-exploited-sophos.html
James Forshaw on Twitter: "@galdeleon Something I find interesting is how it's based on a token flag, similar to the child process mitigation. It should follow across impersonation boundaries, however it seems that for that to work both the primary and impersonation tokens need the flag set. Seems like an oversight." / Twitter
https://twitter.com/tiraniddo/status/1537475670481068032