Analysis of a Remote Code Execution (RCE) Vulnerability in Cobalt Strike 4.7.1
https://securityintelligence.com/posts/analysis-rce-vulnerability-cobalt-strike/
WAM BAM - Recovering Web Tokens From Office - XPN InfoSec Blog
https://blog.xpnsec.com/wam-bam/
tesla_hexacon.pdf
https://www.synacktiv.com/sites/default/files/2022-10/tesla_hexacon.pdf
Chinese 'Spyder Loader' Malware Spotted Targeting Organizations in Hong Kong
https://thehackernews.com/2022/10/chinese-spyder-loader-malware-spotted.html
MalwareBazaar | Browse
https://bazaar.abuse.ch/sample/bcf7164f6f8a9b8c547be09d6c50782bd622876a392cc30235d952e77b9ed638/
Qakbot/Qakbot_BB03_18.10.2022.txt at main · pr0xylife/Qakbot · GitHub
https://github.com/pr0xylife/Qakbot/blob/main/Qakbot_BB03_18.10.2022.txt
MalwareBazaar | Browse
https://bazaar.abuse.ch/sample/575ae68ec17b7a00ee668f76f64dc5f75390c61eb3976bddc3483d293d211d9b/
Changing memory protection using APC
https://blog.offensive.af/changing-memory-protection-using-apc
A New Attack Surface on MS Exchange Part 4 - ProxyRelay! | DEVCORE
https://devco.re/blog/2022/10/19/a-new-attack-surface-on-MS-exchange-part-4-ProxyRelay/
REvil – Darknet Diaries
https://darknetdiaries.com/episode/126/
Critical RCE Vulnerability Discovered in Popular Cobalt Strike Hacking Software
https://thehackernews.com/2022/10/critical-rce-vulnerability-discovered.html
U.S. fought to keep veterans' jobs with foreign governments secret - Washington Post
https://www.washingtonpost.com/investigations/interactive/2022/veterans-us-foreign-jobs-saudi-arabia/
CVE-2022-42889: Keep Calm and Stop Saying "4Shell" | Rapid7 Blog
https://www.rapid7.com/blog/post/2022/10/17/cve-2022-42889-keep-calm-and-stop-saying-4shell/
ProxyRelay - A New Attack Surface on Microsoft Exchange Server! - YouTube
https://www.youtube.com/watch?v=IFRvmo6AZoY
Windows Mark of the Web bypass zero-day gets unofficial patch
https://www.bleepingcomputer.com/news/microsoft/windows-mark-of-the-web-bypass-zero-day-gets-unofficial-patch/
Statikk Shiv: Leveraging Electron Applications For Post Exploitation | Ruben Boonen | WWHF San Diego - YouTube
https://www.youtube.com/watch?v=VXb6lwXhCAc
chompie on Twitter: "Pleased to announce I’ve joined the @xforcered Adversary Simulation team. I’ll be focusing on exploit development and offensive security research. Stay tuned for new things ahead :)" / Twitter
https://twitter.com/chompie1337/status/1582170854720692224
Spyder Loader: Malware Seen in Recent Campaign Targeting Organizations in Hong Kong | Symantec Enterprise Blogs
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/spyder-loader-cuckoobees-hong-kong
unusual_whales on Twitter: "This house sold as a real word NFT for $175,000 over the weekend. The way it works: - The LLC takes ownership of the property - They tokenize the property & mint an NFT that represents ownership of the house - Holding the NFT gives you ownership of the actual house https://t.co/fuUl3oGCHx" / Twitter
https://twitter.com/unusual_whales/status/1582438467342307328
CYBERCOM executed global cyberspace defensive operation > U.S. Cyber Command > News
https://www.cybercom.mil/Media/News/Article/3190716/cybercom-executed-global-cyberspace-defensive-operation/