Follina Exploit Leads to Domain Compromise
https://thedfirreport.com/2022/10/31/follina-exploit-leads-to-domain-compromise/
USCGSoutheast on Twitter: "#SearchAndRescue @USCG crews are searching for 36-year-old Vitali Kremez, last seen wearing a black wetsuit and scuba tank while diving near #HollywoodBeach, Florida. Anyone with information is asked to call Sector Miami at (305) 535-4472." / Twitter
https://twitter.com/USCGSoutheast/status/1586820085116715009
SensePost | Abusing windows’ tokens to compromise active directory without touching lsass
https://sensepost.com/blog/2022/abusing-windows-tokens-to-compromise-active-directory-without-touching-lsass/
Twitter to start charging $20 per month for verification - The Verge
https://www.theverge.com/2022/10/30/23431931/twitter-paid-verification-elon-musk-blue-monthly-subscription
New Azov data wiper tries to frame researchers and BleepingComputer
https://www.bleepingcomputer.com/news/security/new-azov-data-wiper-tries-to-frame-researchers-and-bleepingcomputer/
Defender’s Guide – Posts By SpecterOps Team Members
https://posts.specterops.io/defenders-guide/home
Alex Heath on Twitter: "NEW: Twitter is planning to start charging $20 a month for verification. It’s Elon Musk’s first big project. Oh, and the team building it was told they will all be fired if they don’t meet a launch deadline of November 7th. https://t.co/Kk8IVynhzw" / Twitter
https://twitter.com/alexeheath/status/1586883942870749185
Orion Threat Alert: Qakbot TTPs Arsenal and the Black Basta Ransomware - Cynet
https://www.cynet.com/blog/orion-threat-alert-qakbot-ttps-arsenal-and-the-black-basta-ransomware/
http://xss.ht
http://xss.ht
Spy agency embraces meme culture and the internet is here for it - CyberScoop
https://www.cyberscoop.com/nsa-memes-cybersecurity-awareness/
GitHub Repojacking Bug Could've Allowed Attackers to Takeover Other Users' Repositories
https://thehackernews.com/2022/10/github-repojacking-bug-couldve-allowed.html
XSS Hunter Deprecation FAQ - Google ドキュメント
https://docs.google.com/document/d/1HlkDOZhIxwgLWeFf4L8Vy3OIPAedeC3cMw0Jz4WORag/preview
MalwareBazaar | Browse Checking your browser
https://bazaar.abuse.ch/sample/24aec370771ad1208aeb54721067c9e3b139a368f13ab6b131dc7d6c13da5127/
nilay patel on Twitter: "Scoop from @alexeheath: it’ll be $20/mo to be verified, and if the team doesn’t ship in a week, they’re fired https://t.co/w5QMdiHPA1" / Twitter
https://twitter.com/reckless/status/1586884530988027904
Qakbot/Qakbot_BB05_31.10.2022.txt at main · pr0xylife/Qakbot · GitHub
https://github.com/pr0xylife/Qakbot/blob/main/Qakbot_BB05_31.10.2022.txt
Safari is hot-linking images to semi-random websites | PortSwigger Research
https://portswigger.net/research/safari-is-hot-linking-images-to-semi-random-websites
MalwareBazaar | Browse Checking your browser
https://bazaar.abuse.ch/sample/23dfa98dc0b37502bfc20df6154d83dc07d15c7a9980db8f0cf6d5963a997ee6/
GitHub - ORCx41/DeleteShadowCopies: Deleting Shadow Copies In Pure C++
https://github.com/ORCx41/DeleteShadowCopies
APT10: Tracking down LODEINFO 2022, part I | Securelist
https://securelist.com/apt10-tracking-down-lodeinfo-2022-part-i/107742/
Backup Server Hacked - SUPPLY CHAIN Code Execution - YouTube
https://www.youtube.com/watch?v=HnS9o9E7rhY