Zscaler Trust
https://trust.zscaler.com/zscloud.net/posts/12256
Investigation Regarding Misconfigured Microsoft Storage Location – Microsoft Security Response Center
https://msrc-blog.microsoft.com/2022/10/19/investigation-regarding-misconfigured-microsoft-storage-location-2/
[CVE-2022-1786] A Journey To The Dawn | kylebot's Blog
https://blog.kylebot.net/2022/10/16/CVE-2022-1786/
PHP filters chain: What is it and how to use it
https://www.synacktiv.com/publications/php-filters-chain-what-is-it-and-how-to-use-it.html
x86matthew - SharedMemUtils - A simple tool to automatically find vulnerabilities in shared memory objects
https://www.x86matthew.com/view_post?id=shared_mem_utils
From RM3 to LDR4: URSNIF Leaves Banking Fraud Behind | Mandiant
https://www.mandiant.com/resources/blog/rm3-ldr4-ursnif-banking-fraud
Triage | Malware sandboxing report by Hatching Triage
https://tria.ge/221020-qwls7sffan
Brad on Twitter: "2022-10-19 (Wednesday) - Saw #CobaltStrike (#BEACON) stager sent to an #IcedID- (#Bokbot-) infected Windows host today. Stager DLL hosted at: hxxp://111.90.146[.]114/download/TZ32-cr.dll - DLL did not execute properly in my lab. Sample available at: https://t.co/4372LxGrDc https://t.co/xg0yuh3EM9" / Twitter
https://twitter.com/malware_traffic/status/1582850206797680641
VirusTotal - File - 38c792f68ff3be22660f77163628f10a1f47500a412c26335ad0ecd6f605e877
https://www.virustotal.com/gui/file/38c792f68ff3be22660f77163628f10a1f47500a412c26335ad0ecd6f605e877?nocache=1
An OSINT Analysis of x509 Certificates, Part One: Something Seems Phishy - Gigamon Blog
https://blog.gigamon.com/2022/10/19/an-osint-analysis-of-x509-certificates-part-one-something-seems-phishy/
Defenders beware: A case for post-ransomware investigations - Microsoft Security Blog
https://www.microsoft.com/security/blog/2022/10/18/defenders-beware-a-case-for-post-ransomware-investigations/
DeFi Hacks Analysis - Root Cause
https://wooded-meter-1d8.notion.site/0e85e02c5ed34df3855ea9f3ca40f53b?v=22e5e2c506ef4caeb40b4f78e23517ee
Microsoft data breach exposes customers’ contact info, emails
https://www.bleepingcomputer.com/news/security/microsoft-data-breach-exposes-customers-contact-info-emails/
Domestic Kitten campaign spying on Iranian citizens with new FurBall malware | WeLiveSecurity
https://www.welivesecurity.com/2022/10/20/domestic-kitten-campaign-spying-iranian-citizens-furball-malware/
MalwareBazaar | Browse
https://bazaar.abuse.ch/sample/9ffd782dc0ff611a67170546287213e7ff90f9eff32faa573493c0b1d28b980b/
Qakbot/Qakbot_BB04_20.10.2022.txt at main · pr0xylife/Qakbot · GitHub
https://github.com/pr0xylife/Qakbot/blob/main/Qakbot_BB04_20.10.2022.txt
Google sued over biometric data collection without consent
https://www.bleepingcomputer.com/news/security/google-sued-over-biometric-data-collection-without-consent/
New Ursnif Variant Likely Shifting Focus to Ransomware and Data Theft
https://thehackernews.com/2022/10/latest-ursnif-variant-shifts-focus-from.html
Public Buckets by GrayhatWarfare
https://buckets.grayhatwarfare.com/bucket/507619/0
MalwareBazaar | Browse
https://bazaar.abuse.ch/sample/19ff7eb3e2f7eef435ef2ed4b2c5a45dcd3ae218ae7b1f52b528a0c7d383ce6b/
Reverse Engineering the Apple MultiPeer Connectivity Framework
https://www.evilsocket.net/2022/10/20/Reverse-Engineering-the-Apple-MultiPeer-Connectivity-Framework/