Stephen Lacy on Twitter: "I am uncovering what seems to be a massive widespread malware attack on @github. - Currently over 35k repositories are infected - So far found in projects including: crypto, golang, python, js, bash, docker, k8s - It is added to npm scripts, docker images and install docs https://t.co/rq3CBDw3r9" / Twitter
https://twitter.com/stephenlacy/status/1554697077430505473
Introducing the Azure Threat Research Matrix - Microsoft Tech Community
https://techcommunity.microsoft.com/t5/security-compliance-and-identity/introducing-the-azure-threat-research-matrix/ba-p/3584976
PART 3: How I Met Your Beacon - Brute Ratel - MDSec
https://www.mdsec.co.uk/2022/08/part-3-how-i-met-your-beacon-brute-ratel/
check if a PAN firewall is using the default master key when globalprotect is enabled · GitHub
https://gist.github.com/rqu1/6175cb2972291fc9ac96ef18f72b792c
Introducing BloodHound 4.2 — The Azure Refactor | by Andy Robbins | Aug, 2022 | Posts By SpecterOps Team Members
https://posts.specterops.io/1cff734938bd
VMSA-2022-0021
https://www.vmware.com/security/advisories/VMSA-2022-0021.html
VirusTotal Reveals Most Impersonated Software in Malware Attacks
https://thehackernews.com/2022/08/virustotal-reveals-most-impersonated.html
Creating Processes Using System Calls | Core Labs
https://www.coresecurity.com/core-labs/articles/creating-processes-using-system-calls
Technical Analysis of Industrial Spy Ransomware | Zscaler
https://www.zscaler.com/blogs/security-research/technical-analysis-industrial-spy-ransomware
The Microsoft Team Racing to Catch Bugs Before They Happen | WIRED
https://www.wired.com/story/microsoft-morse-team/
Deception at a scale ~ VirusTotal Blog
https://blog.virustotal.com/2022/08/deception-at-scale.html
GitHub - gtworek/VolatileDataCollector
https://github.com/gtworek/VolatileDataCollector
Jenkins Security Advisory 2022-07-27
https://www.jenkins.io/security/advisory/2022-07-27/
GitHub - BloodHoundAD/BARK: BloodHound Attack Research Kit
https://github.com/BloodHoundAD/BARK
35,000 code repos not hacked—but clones flood GitHub to serve malware
https://www.bleepingcomputer.com/news/security/35-000-code-repos-not-hacked-but-clones-flood-github-to-serve-malware/
Ben Collins on Twitter: "Wow. Sandy Hook parents' lawyer is revealing that Alex Jones' lawyers sent him the contents of Jones' phone BY MISTAKE. "12 days ago, your attorneys messed up and sent me a digital copy of every text" Jones has sent for years. "You know what perjury is?" the lawyer asks." / Twitter
https://twitter.com/oneunderscore__/status/1554864067508060160
Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: Manjusaka: A Chinese sibling of Sliver and Cobalt Strike
https://blog.talosintelligence.com/2022/08/manjusaka-offensive-framework.html
Access denied
https://www.bleepingcomputer.com/news/security/thousands-of-solana-wallets-drained-in-attack-using-unknown-exploit/
GitHub - elastic/protections-artifacts: Elastic Security detection content for Endpoint
https://github.com/elastic/protections-artifacts
Single-Core CPU Cracked Post-Quantum Encryption Candidate Algorithm in Just an Hour
https://thehackernews.com/2022/08/single-core-cpu-cracked-post-quantum.html
Initial Access Brokers Are Key to Rise in Ransomware Attacks
https://www.recordedfuture.com/initial-access-brokers-key-to-rise-in-ransomware-attacks
Hatching Triage | Behavioral Report
https://tria.ge/220803-k9l38saegn/behavioral1
New Memory Forensics Techniques to Defeat Device Monitoring Malware - Black Hat USA 2022 | Briefings Schedule
https://www.blackhat.com/us-22/briefings/schedule/index.html#new-memory-forensics-techniques-to-defeat-device-monitoring-malware-27403
VMware Releases Patches for Several New Flaws Affecting Multiple Products
https://thehackernews.com/2022/08/vmware-releases-patches-for-several-new.html
MalwareBazaar | SHA256 64d002099ceefa7bcfc631c8eca3f5ffd650c7f758d11fbd94f4d0ef6e0f9c42
https://bazaar.abuse.ch/sample/64d002099ceefa7bcfc631c8eca3f5ffd650c7f758d11fbd94f4d0ef6e0f9c42/
VirusTotal - File - f25609f396644e4593527a1d550ba0c1626926df6c619929e2766fd3c2b72ebf
https://www.virustotal.com/gui/file/f25609f396644e4593527a1d550ba0c1626926df6c619929e2766fd3c2b72ebf
Inside Windows Defender System Guard Runtime Monitor | $~ lloydlabs
https://blog.syscall.party/2022/08/02/inside-windows-defender-system-guard-runtime-monitor
VMware urges admins to patch critical auth bypass bug immediately
https://www.bleepingcomputer.com/news/security/vmware-urges-admins-to-patch-critical-auth-bypass-bug-immediately/
Domain registered through Jino («Джино»)
http://myjino.ru
IcedID/icedID_03.08.2022.txt at main · pr0xylife/IcedID · GitHub
https://github.com/pr0xylife/IcedID/blob/main/icedID_03.08.2022.txt