Detecting DLL Hijacking Attacks — Part 1 | by Mehmet Ergene | Sep, 2022 | Medium
https://link.medium.com/IyhjdJJCetb
TangledWinExec/WmiSpawn at main · daem0nc0re/TangledWinExec · GitHub
https://github.com/daem0nc0re/TangledWinExec/tree/main/WmiSpawn
Added GhostlyHollowing · daem0nc0re/TangledWinExec@7eecbc2 · GitHub
https://github.com/daem0nc0re/TangledWinExec/commit/7eecbc25f1a636c357373faa5639d8a3136f4403
Google CTF Finals 2022 - Tune in at Sept 11 @ 13:30 BST / Twitter
https://twitter.com/i/broadcasts/1YqJDozrjZEGV
About Detection Engineering. In recent months I’ve noticed several… | by Florian Roth | Sep, 2022 | Medium
https://cyb3rops.medium.com/about-detection-engineering-44d39e0755f0
TcbElevation.cpp · GitHub
https://gist.github.com/antonioCoco/19563adef860614b56d010d92e67d178
The Bicycle of the Forensic Analyst | by Florian Roth | Sep, 2022 | Medium
https://cyb3rops.medium.com/the-bicycle-of-the-forensic-analyst-6dc83fb6fb34
Iranian APT42 Launched Over 30 Espionage Attacks Against Activists and Dissidents
https://thehackernews.com/2022/09/iranian-apt42-launched-over-30.html
Thoughts on the use of noVNC for phishing campaigns - Adepts of 0xCC
https://adepts.of0x.cc/novnc-phishing/
Ransomware gangs switching to new intermittent encryption tactic
https://www.bleepingcomputer.com/news/security/ransomware-gangs-switching-to-new-intermittent-encryption-tactic/
A'Najai on Twitter: "Man wtf 😩😅 https://t.co/7o3QdDQiQP" / Twitter
https://twitter.com/STFU_anajai2/status/1568363957261422593
Avoiding Memory Scanners
https://blog.kyleavery.com/posts/avoiding-memory-scanners/
The Curious Case of “Monti” Ransomware: A Real-World Doppelganger
https://blogs.blackberry.com/en/2022/09/the-curious-case-of-monti-ransomware-a-real-world-doppelganger
Attacking Firecracker: AWS' microVM Monitor Written in Rust - Blog | Grapl
http://www.graplsecurity.com/post/attacking-firecracker
Caitlin Condon on Twitter: "Rapid7's vuln research team is looking for an experienced security researcher to look for cool 0day, analyze n-day vulns, and share findings with the community in a variety of ways (blogs, AttackerKB, public speaking). Fully remote U.S. :) DMs open! https://t.co/DNouY6WOOY" / Twitter
https://twitter.com/catc0n/status/1568238893203439619
x86matthew - WriteProcessMemoryAPC - Write memory to a remote process using APC calls
https://www.x86matthew.com/view_post?id=writeprocessmemory_apc
National Security Council on Twitter: "The United States condemns the September 9th cyberattack against our NATO Ally, Albania. This malicious activity against Albania follows the July 15 cyberattack conducted by the Government of Iran. The U.S. government is supporting Albania’s efforts to mitigate and recover." / Twitter
https://twitter.com/whnsc/status/1568782751511486469
U.S. Seizes Cryptocurrency Worth $30 Million Stolen by North Korean Hackers
https://thehackernews.com/2022/09/us-seizes-cryptocurrency-worth-30.html
Raccoons Hourly on Twitter: "https://t.co/4ZHSLe1GvI" / Twitter
https://twitter.com/raccoonhourly/status/1569015428839522307
James Hannah. on Twitter: "Depluralise a film. I’ll start. Jaw." / Twitter
https://twitter.com/jameshannah/status/1568869693846331393
Your Amiibo's Haunted :: VVX7
https://vvx7.io/posts/2022/09/your-amiibos-haunted/
2022 GrrCon Family Feud, the survey
https://bit.ly/GrrConFamilyFeud2022
Er•(in)³•fosec on Twitter: "A company’s brand new employees are getting spearsmished (ha just coined that and I know some of y’all will hate it) with “I’m the CEO, I’m in a meeting but I need you to do something, let me know if you got my message”—any ideas on how their phone numbers would already be known?" / Twitter
https://twitter.com/ErinInfosec/status/1568623037108617216
FOR610 & GREM - My experience - Abhiram's Blog
https://stuxnet999.github.io/2022/09/10/FOR610-GREM-Preparation-Tips.html
Oles Filonenko 🤷🏼♂️ on Twitter: "⚡️"God knows, this quarrel was not worth it": Lukashenko said he is ready to return the ambassador to Kyiv. According to the president, as a peace-loving man made wise by the years, he has always advocated good-neighborly relations with Ukraine and is ready to take the first step forward. https://t.co/QpKdYsgchu" / Twitter
https://twitter.com/taxfreelt/status/1568827211129520131
Firmware bugs in many HP computer models left unfixed for over a year
https://www.bleepingcomputer.com/news/security/firmware-bugs-in-many-hp-computer-models-left-unfixed-for-over-a-year/
Defense of Ukraine on Twitter: "russia is trying to maintain its status as the largest supplier of military equipment for the Ukrainian army, and even to improve its status, knowing that lend-lease will soon come into effect. #UAarmy loves its trophy ammo 🏆 https://t.co/2NMPAPPgP2" / Twitter
https://twitter.com/defenceu/status/1568962748188327937
GraphCrawler - GraphQL Automated Security Testing Toolkit
https://www.kitploit.com/2022/09/graphcrawler-graphql-automated-security.html
GitHub - iustin24/chameleon
https://github.com/iustin24/chameleon
House of IO - Heap Reuse
https://maxwelldulin.com/BlogPost?post=6295828480
Release v2.4 · six2dez/reconftw · GitHub
https://github.com/six2dez/reconftw/releases/tag/v2.4
Natalie Alms on Twitter: "Kiersten Todt, chief of staff at the Cybersecurity and Infrastructure Security Agency, said during a Billington panel today that CISA will be launching a pilot to hire neurodiverse cybersecurity experts. 👀" / Twitter
https://twitter.com/AlmsNatalie/status/1567999611163545602
Weekend Operations Manager, Forensics & Incident Response Engineering (FIRE)
https://ouryahoo.wd5.myworkdayjobs.com/careers/job/United-States-of-America---Remote/Weekend-Operations-Manager--Forensics---Incident-Response-Engineering--FIRE-_JR0020699
Internet disruptions registered as Russia moves in on Ukraine - NetBlocks
https://netblocks.org/reports/internet-disruptions-registered-as-russia-moves-in-on-ukraine-W80p4k8K
GitHub - Flangvik/TeamFiltration: TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
https://github.com/Flangvik/TeamFiltration
https://securereload.tech/Phishing/Lists/Latest/
[47] Malware Lab - Unpacking Process Hollowing - YouTube
https://www.youtube.com/watch?v=HXX_0Rb6N-M
https://www.crowdstrike.com/blog/sandbox-scryer-free-threat-hunting-tool/
SID filter as security boundary between domains? (Part 7) - Trust account attack - from trusting to trusted — Improsec | improving security
https://improsec.com/tech-blog/sid-filter-as-security-boundary-between-domains-part-7-trust-account-attack-from-trusting-to-trusted
Meet Killnet, Russia’s hacking patriots plaguing Europe – POLITICO
https://www.politico.eu/article/meet-killnet-russias-hacking-patriots-plaguing-europe/
precisionism - UIUCTF 2022 - HackMD
https://hackmd.io/@parrot409/ry2mk-0A9
Maekshyft on Twitter: "😂😂😂😂 well now we know what to include in our security training hahaha https://t.co/IozvAtSwmG" / Twitter
https://twitter.com/Maekshyft/status/1568673611262889987
tindersvindleren_vg.pdf
https://www.skup.no/sites/default/files/metoderapport/2020-05/tindersvindleren_vg.pdf
SANS DFIR on Twitter: "DOWNLOAD IT NOW! 👉 https://t.co/DszTVpXz7R New #FOR509 #CloudForensics & #IncidentResponse Poster by @megan_roddie provides guidance on terminology, log sources across major cloud providers & a CLI cheat sheet for gathering evidence from each cloud👇 https://t.co/f6GlYmf2E3" / Twitter
https://twitter.com/sansforensics/status/1568993371749847042