Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: Manjusaka: A Chinese sibling of Sliver and Cobalt Strike
https://blog.talosintelligence.com/2022/08/manjusaka-offensive-framework.html
Fourteen Ways to Read the PID for the Local Security Authority Subsystem Service (LSASS) - MDSec
https://www.mdsec.co.uk/2022/08/fourteen-ways-to-read-the-pid-for-the-local-security-authority-subsystem-service-lsass/
Rachel Tobac on Twitter: "*ANNOUNCEMENT* Presenting: the trailer for our new 🎶MUSICAL🎶 & spoken Security Awareness Videos! After the infosec sea shanty, dozens of teams DM’d me saying "The song worked! MFA usage up, reporting way up, pls make more songs!" So we got to work & you all it's finally here!🤖 https://t.co/elcTrJYGjh" / Twitter
https://twitter.com/racheltobac/status/1554444909993607170
Microsoft announces new external attack surface audit tool
https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-new-external-attack-surface-audit-tool/
Chinese Hackers Using New Manjusaka Hacking Framework Similar to Cobalt Strike
https://thehackernews.com/2022/08/chinese-hackers-using-new-manjusaka.html
VMSA-2022-0021
https://www.vmware.com/security/advisories/VMSA-2022-0021.html
samczsun on Twitter: "1/ Nomad just got drained for over $150M in one of the most chaotic hacks that Web3 has ever seen. How exactly did this happen, and what was the root cause? Allow me to take you behind the scenes 👇 https://t.co/Y7Q3fZ7ezm" / Twitter
https://twitter.com/samczsun/status/1554252024723546112
Sh0ck 🇺🇦 on Twitter: "Ladies and gents: A DLL Hijacking is present in mpclient.dll also BINARY: "C:\Program Files\Windows Defender\NisSrv.exe" If you are a blue-teamer, do not watch only “MpCmdRun.exe” but all binaries from Defender. PoC: https://t.co/44No51XjOP https://t.co/M1R2G1ZAHK #infosec https://t.co/uwOpz7kE6j" / Twitter
https://twitter.com/Sh0ckFR/status/1554021948967079936
EU missile maker MBDA confirms data theft extortion, denies breach
https://www.bleepingcomputer.com/news/security/eu-missile-maker-mbda-confirms-data-theft-extortion-denies-breach/
Tingting Liu 劉亭廷 on Twitter: "BREAKING: Taiwan’s Presidential Office just confirmed that at around 17:15 local time, the Presidential Office’s website was hit by an overseas DDoS attack. The attack traffic was 200 times that of a normal day, causing the official website to be down for 20 minutes. (1/2)" / Twitter
https://twitter.com/tingtingliuTVBS/status/1554436870939242497
New 'ParseThru' Parameter Smuggling Vulnerability Affects Golang-based Applications
https://thehackernews.com/2022/08/new-parsethru-parameter-smuggling.html
Malware-IOCs/2022-08-01 SocGholish IOCs at main · executemalware/Malware-IOCs · GitHub
https://github.com/executemalware/Malware-IOCs/blob/main/2022-08-01%20SocGholish%20IOCs
LockBit Ransomware Abuses Windows Defender to Deploy Cobalt Strike Payload
https://thehackernews.com/2022/08/lockbit-ransomware-abuses-windows.html
Living Off Windows Defender | LockBit Ransomware Sideloads Cobalt Strike Through Microsoft Security Tool - SentinelOne
https://www.sentinelone.com/blog/living-off-windows-defender-lockbit-ransomware-sideloads-cobalt-strike-through-microsoft-security-tool/
GitHub - frkngksl/NimicStack: NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs
https://github.com/frkngksl/NimicStack
Over 3,200 apps leak Twitter API keys, some allowing account hijacks
https://www.bleepingcomputer.com/news/security/over-3-200-apps-leak-twitter-api-keys-some-allowing-account-hijacks/
0xdf on Twitter: "I got a really convincing phish today from @PayPal. And when I say "from Paypal", the from address is [email protected]. I knew right away that I didn't have a PayPal account for this email, so I was sure it was fake. It took me a minute to figure out what I was looking at. 🧵" / Twitter
https://twitter.com/0xdf_/status/1554152068327276547
A Detailed Analysis of the RedLine Stealer | SecurityScorecard
https://securityscorecard.com/research/detailed-analysis-redline-stealer