Microsoft Office to publish symbols starting August 2022 – Microsoft Security Response Center
https://msrc-blog.microsoft.com/2022/08/08/microsoft-office-to-publish-symbols-starting-august-2022/
Dancing on the architecture of VMware Workspace ONE Access (ENG) | by Petrus Viet | Aug, 2022 | Medium
https://petrusviet.medium.com/dancing-on-the-architecture-of-vmware-workspace-one-access-eng-ad592ae1b6dd
GitHub - zeronetworks/BlueHound: BlueHound - pinpoint the security issues that actually matter
https://github.com/zeronetworks/BlueHound
BlueHound: Community Driven Resilience. - Zero Networks | Contain The Next Breach
https://zeronetworks.com/blog/bluehound-community-driven-resilience/
BumbleBee Roasts Its Way to Domain Admin – The DFIR Report
https://thedfirreport.com/2022/08/08/bumblebee-roasts-its-way-to-domain-admin/
Discovering Domains via a Timing Attack on Certificate Transparency – PT SWARM
https://swarm.ptsecurity.com/discovering-domains-via-timing-attack/
On Detection: Tactical to Functional | by Jared Atkinson | Aug, 2022 | Posts By SpecterOps Team Members
https://posts.specterops.io/on-detection-tactical-to-functional-45e41fef7af4
GitHub - rad9800/TamperingSyscalls
https://github.com/rad9800/TamperingSyscalls
H4CK1NG G00GL3
http://GOO.GLE/H4CK1NGG00GL3
MalwareBazaar | SHA256 9ce84380614d0eb61fd657c42593e5cd91d122f614c00c5edea6514241951854 (IcedID)
https://bazaar.abuse.ch/sample/9ce84380614d0eb61fd657c42593e5cd91d122f614c00c5edea6514241951854/
ccs22_fioraldi.pdf
https://www.s3.eurecom.fr/docs/ccs22_fioraldi.pdf
YARA for config extraction - N1ght-W0lf
https://n1ght-w0lf.github.io/tutorials/yara-for-config-extraction/
10 Credential Stealing Python Libraries Found on PyPI Repository
https://thehackernews.com/2022/08/10-credential-stealing-python-libraries.html
VirusTotal - File - 89d6b9a0f7d4f30f5021a893925dfbea12051a0d3e5f5845fd1bc45b74eed830
https://www.virustotal.com/gui/file/89d6b9a0f7d4f30f5021a893925dfbea12051a0d3e5f5845fd1bc45b74eed830
U.S. Treasury Sanctions Notorious Virtual Currency Mixer Tornado Cash | U.S. Department of the Treasury
https://home.treasury.gov/news/press-releases/jy0916
Chetan Nayak (Brute Ratel C4) on Twitter: "The stager which I converted from 8kb to 3.5 kb, is now back to 9kb, but it now unhooks every DLL hooked by the EDR before downloading the encrypted stage and executing it. Tested it against most top notch EDRs in prevent mode and this time added Palo Alto to the tests. #BRc4 https://t.co/WSXJmjEK9i" / Twitter
https://twitter.com/NinjaParanoid/status/1554498023455354880
Hatching Triage | Behavioral Report
https://tria.ge/220809-l8jgdsadg4/behavioral1
MalwareBazaar | SHA256 89d6b9a0f7d4f30f5021a893925dfbea12051a0d3e5f5845fd1bc45b74eed830
https://bazaar.abuse.ch/sample/89d6b9a0f7d4f30f5021a893925dfbea12051a0d3e5f5845fd1bc45b74eed830/
7-Eleven stores in Denmark closed due to a cyberattack
https://www.bleepingcomputer.com/news/security/7-eleven-stores-in-denmark-closed-due-to-a-cyberattack/
IcedID_08_09_2022.txt · GitHub
https://gist.github.com/myrtus0x0/0f924e99d0c631a55ae289ff9e0628fe
Kali Linux 2022.3 Release (Discord & Test Lab) | Kali Linux Blog
https://www.kali.org/blog/kali-linux-2022-3-release/
Ankit Anubhav on Twitter: "#IcedID is abusing good old CHM help files. Stolen chain leads to password protected zip which has an ISO. ISO contains CHM + malicious DLL. Victim clicks on CHM and the magic starts ! Good scope of adding some parent process rules. C2 /abegelkunic.com https://t.co/0QqqFVWHxH https://t.co/KHQ3QW14Cv" / Twitter
https://twitter.com/ankit_anubhav/status/1557031483755245568
Vergilius Project | Home
http://www.vergiliusproject.com
MalwareBazaar | SHA256 b6322af0749e361f8eeb671e27617051c3f3bfdc4688aa305c250506ec04efef (SVCReady)
https://bazaar.abuse.ch/sample/b6322af0749e361f8eeb671e27617051c3f3bfdc4688aa305c250506ec04efef/
MalwareBazaar | SHA256 64413387408791ebc4e35419e7db96cfb57e26d4c6bdcbf5ac5f244b18819c5c
https://bazaar.abuse.ch/sample/64413387408791ebc4e35419e7db96cfb57e26d4c6bdcbf5ac5f244b18819c5c/
MalwareBazaar | SHA256 e192656ce9c73ac7bcb4cec136378c5843e128b76cd1c021aeec274edecbf869 (Gozi)
https://bazaar.abuse.ch/sample/e192656ce9c73ac7bcb4cec136378c5843e128b76cd1c021aeec274edecbf869/
Cloudflare employees also hit by hackers behind Twilio breach
https://www.bleepingcomputer.com/news/security/cloudflare-employees-also-hit-by-hackers-behind-twilio-breach/
Windows devices with newest CPUs are susceptible to data damage
https://www.bleepingcomputer.com/news/microsoft/windows-devices-with-newest-cpus-are-susceptible-to-data-damage/
JAMESWT on Twitter: ""Notifica cartella di pagamento n." spam email @Agenzia_Entrate spread #SVCReady > @hatching_io Xls https://t.co/4xVoJN4kd6 Dll https://t.co/jpxhBXmE3M Dll Url (geoITA+BLK IP) zopxor.]com cc @58_158_177_102 @felixw3000 https://t.co/lTuq9qgESy" / Twitter
https://twitter.com/JAMESWT_MHT/status/1556950417975672833![JAMESWT on Twitter: ""Notifica cartella di pagamento n." spam email @Agenzia_Entrate spread #SVCReady > @hatching_io Xls https://t.co/4xVoJN4kd6 Dll https://t.co/jpxhBXmE3M Dll Url (geoITA+BLK IP) zopxor.]com cc @58_158_177_102 @felixw3000 https://t.co/lTuq9qgESy" / Twitter](/image/screenshot/e0b843822e458f78637fe68bbdd60c08.webp)
VirusTotal - File - 3ba9e82575262067725feda9cefac9a6a6350ead5037ae9d85c398a0ecf6c6eb
https://www.virustotal.com/gui/file/3ba9e82575262067725feda9cefac9a6a6350ead5037ae9d85c398a0ecf6c6eb/detection
Hatching Triage | Behavioral Report
https://tria.ge/220809-cymavsded4/behavioral2
Twilio Suffers Data Breach After Employees Fall Victim to SMS Phishing Attack
https://thehackernews.com/2022/08/twilio-suffers-data-breach-after.html