How mercenary hackers sway litigation battles
https://www.reuters.com/investigates/special-report/usa-hackers-litigation/
Project Zero: 2022 0-day In-the-Wild Exploitation…so far
https://googleprojectzero.blogspot.com/2022/06/2022-0-day-in-wild-exploitationso-far.html
Spoofing Call Stacks To Confuse EDRs
https://labs.withsecure.com/blog/spoofing-call-stacks-to-confuse-edrs/
GitHub - countercept/CallStackSpoofer: A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)
https://github.com/countercept/CallStackSpoofer
After constant bombardment, Russia announced the withdrawal of troops from Snake Island - The Cyber Shafarat - Treadstone 71
https://cybershafarat.com/2022/06/30/after-constant-bombardment-russia-announced-the-withdrawal-of-troops-from-snake-island/
Amy Hupe on Twitter: "Introduce yourself with the wildest feedback you’ve ever received. I’ll go first: “Hi I’m Amy. I’m too ambitious 🤝”" / Twitter
https://twitter.com/Amy_Hupe/status/1542148076084908034
The Chromium super (inline cache) type confusion | The GitHub Blog
https://github.co/3Oys62x
Relaying NTLM Authentication from SCCM Clients | by Chris Thompson | Jun, 2022 | Posts By SpecterOps Team Members
https://posts.specterops.io/relaying-ntlm-authentication-from-sccm-clients-7dccb8f92867
Subscribe to read | Financial Times
https://www.ft.com/content/2e4359e4-c0ca-4428-bc7e-456bf3060f45
Avi Asher-Schapiro on Twitter: "It turns out that Coinbase, the largest crypto exchange in the US, is directly selling tools to U.S law enforcement & immigration agencies to help track peoples’ crypto transactions. https://t.co/rkyRvNdp9c" / Twitter
https://twitter.com/aaschapiro/status/1542281722540220416
Services - The DFIR Report
http://thedfirreport.com/services
JAMESWT on Twitter: ""Fw:fattura non pagata IT/" spam email spread #phishing @Arubait ⚠️hXXps://pagamento-fattura[.com/ ➡️Registrar @Namecheap https://t.co/qsKk3G5alK" / Twitter
https://twitter.com/JAMESWT_MHT/status/1539507091139969026
Countering hack-for-hire groups
https://blog.google/threat-analysis-group/countering-hack-for-hire-groups/
BCS Policy on Twitter: "Thursday - 21:00 Join our best #Cyber talent to tweet the good, bad & ugly about @Channel4's new #Cyber Drama #TheUndeclaredWar. #TheUndeclaredWarLive @LisaForteUK @Infosecjen @CyberAlexi @Geek2Speak @UK_Daniel_Card @cyberbaines @HiArnoldis @Tzardan https://t.co/A4ULwGnZg2 https://t.co/0AbIVf2dlz" / Twitter
https://twitter.com/BCS_Policy/status/1541400935720751104
Weaponizing and Abusing Hidden Functionalities Contained in Office Document Properties | Offensive Security
https://www.offensive-security.com/offsec/macro-weaponization/
OpenSea discloses data breach, warns users of phishing attacks
https://www.bleepingcomputer.com/news/security/opensea-discloses-data-breach-warns-users-of-phishing-attacks/
Zack Whittaker on Twitter: "Stardust's new app came out today with its new encryption feature (it's a sign-in option, sign in by email and phone number still exists). I ran Stardust's new app through Burp and used the new data encryption option, and saw the encryption key sent back to Stardust via its API. https://t.co/NIlPDf99Vy" / Twitter
https://twitter.com/zackwhittaker/status/1542297308401995782
Using process creation properties to catch evasion techniques - Microsoft Security Blog
https://www.microsoft.com/security/blog/2022/06/30/using-process-creation-properties-to-catch-evasion-techniques/
Cryptocurrency Titan Coinbase Providing “Geo Tracking Data” to ICE
https://theintercept.com/2022/06/29/crypto-coinbase-tracer-ice/
Did You Know Your Browser’s Autofill Credentials Could Be Stolen via Cross-Site Scripting (XSS) - GoSecure
https://www.gosecure.net/blog/2022/06/29/did-you-know-your-browsers-autofill-credentials-could-be-stolen-via-cross-site-scripting-xss/
North Korean Hackers Suspected to be Behind $100M Horizon Bridge Hack
https://thehackernews.com/2022/06/north-korean-hackers-suspected-to-be.html
CVE-2022-28219: Unauthenticated XXE to RCE and Domain Compromise in ManageEngine ADAudit Plus – Horizon3.ai
https://www.horizon3.ai/red-team-blog-cve-2022-28219
Ankit Anubhav on Twitter: "Don't chase hashes for #Qbot dll. It's server side polymorphic, hence hashes will change every single time on download. Ex - I curl to their server thrice and get 3 different hashes. However, fuzzy hashing algorithms like SSDEEP for payloads would be same as changes are minor. https://t.co/lgslKVBzkR" / Twitter
https://twitter.com/ankit_anubhav/status/1542383086301679618
Golang code review notes
https://www.elttam.com/blog/golang-codereview/
Administrative action taken against a business operator handling credit card numbers (METI / Ministry of Economy, Trade and Industry)
https://www.meti.go.jp/press/2022/06/20220630007/20220630007.html
Home @ Forms
http://forms.yandex.com
th4ts3cur1ty.company & pocketsiem oktoberfest location poll Survey
https://surveymonkey.co.uk/r/KFJ659Q
Important Update on Email Vendor Security Incident - OpenSea Blog
https://opensea.io/blog/safety-security/important-update-on-email-vendor-security-incident/
Exploiting Intel Graphics Kernel Extensions on macOS | RET2 Systems Blog
https://blog.ret2.io/2022/06/29/pwn2own-2021-safari-sandbox-intel-graphics-exploit/
Ex-Canadian Government Employee Pleads Guilty Over NetWalker Ransomware Attacks
https://thehackernews.com/2022/06/ex-canadian-government-employee-pleads.html