USCGSoutheast on Twitter: "#UPDATE5/#FINAL Mr. Vitali Kremez's body was recovered by local authorities Wednesday. "We'd like to express our deepest condolences to the loved ones of Mr. Kremez," said CWO Edgardo Insignares, a Sector Miami command duty officer. #SAR" / Twitter
https://twitter.com/USCGSoutheast/status/1587837506384543757
Project Zero: Gregor Samsa: Exploiting Java's XML Signature Verification
https://googleprojectzero.blogspot.com/2022/11/gregor-samsa-exploiting-java-xml.html
Cryptolaemus on Twitter: "new Emotet E4 urls detected. [DLL] (1/2) hxxps://audioselec[.]com/about/dDw5ggtyMojggTqhc/ hxxp://intolove[.]co[.]uk/wp-admin/FbGhiWtrEzrQ/ hxxps://geringer-muehle[.]de/wp-admin/G/" / Twitter
https://twitter.com/Cryptolaemus1/status/1587720793584472065
SANS Difference Makers 2022 - community vote
https://survey.sans.org/jfe/form/SV_eXuwVrkCVdeoKMu
Emotet botnet starts blasting malware again after 5 month break
https://www.bleepingcomputer.com/news/security/emotet-botnet-starts-blasting-malware-again-after-5-month-break/
Dropbox discloses breach after hacker stole 130 GitHub repositories
https://www.bleepingcomputer.com/news/security/dropbox-discloses-breach-after-hacker-stole-130-github-repositories/
crt.sh | Certificate Search
http://crt.sh
The OpenSSL punycode vulnerability (CVE-2022-3602): Overview, detection, exploitation, and remediation | Datadog Security Labs
https://securitylabs.datadoghq.com/articles/openssl-november-1-vulnerabilities/
405 Banned
https://urlhaus.abuse.ch/browse/tag/emotet/
How we handled a recent phishing incident that targeted Dropbox - Dropbox
https://dropbox.tech/security/a-recent-phishing-campaign-targeting-dropbox
Vitali Kremez on Twitter: "[Off security] New passion discovered - incredible diving while shark feeding in Jupiter, Fl deep water. I am on the left with blue fins. Wow! https://t.co/2kdYebkSqc" / Twitter
https://twitter.com/VK_Intel/status/1414637181826633730
Mark J Cox on Twitter: "The OpenSSL 3.0.7 release fixes two HIGH issues. Find out why we downgraded today from CRITICAL in the advisory and blog post https://t.co/sfABUzw5eA" / Twitter
https://twitter.com/iamamoose/status/1587477231009517572
VirusTotal - File - d07d1a4e7e5bac0eb9a34aaf4505742389e354808d5a73f1f5b6a41836a0d830
https://www.virustotal.com/gui/file/d07d1a4e7e5bac0eb9a34aaf4505742389e354808d5a73f1f5b6a41836a0d830
New SandStrike spyware infects Android devices via malicious VPN app
https://www.bleepingcomputer.com/news/security/new-sandstrike-spyware-infects-android-devices-via-malicious-vpn-app/
TheAnalyst on Twitter: "Emotet started spamming XLS and zipped XLS at 08:00 UTC sharp. All XLS are so far ef2ce641a4e9f270eea626e8e4800b0b97b4a436c40e7af30aeb6f02566b809c https://t.co/TJt0mTnM65" / Twitter
https://twitter.com/ffforward/status/1587726719414312960
Triage | Behavioral Report
https://tria.ge/221102-lh8zcsagb6/behavioral1
Cryptolaemus on Twitter: "🚨Emotet back in Distro Mode🚨 - As of 0800 UTC E4 began spamming and as of 0930 UTC E5 began spamming again. Looks like Ivan is in need of some cash again so he went back to work. Be on the lookout for direct attached XLS files and zipped and password protected XLS. 1/x" / Twitter
https://twitter.com/Cryptolaemus1/status/1587792659275448320
Chinese Hackers Using New Stealthy Infection Chain to Deploy LODEINFO Malware
https://thehackernews.com/2022/11/chinese-hackers-using-new-stealthy.html
Exposed! Torii, the IoT botnet operated by the "OceanLotus" group
https://mp.weixin.qq.com/s/v2wiJe-YPG0ng87ffBB9FQ
Datadog, Inc. on Twitter: "Today, #OpenSSL released a patch for two vulnerabilities, CVE-2022-3602 and CVE-2022-3786. Our Security Labs team published a technical blog to help customers and the community understand the impact of CVE-2022-3602, with a PoC crash to boot! https://t.co/kC8X2zwwTe" / Twitter
https://twitter.com/datadoghq/status/1587490953790717954
Binary Defense Raises $36 Million From Invictus Growth Partners to Propel Rapid Expansion as the Most Trusted MDR Platform | Business Wire
https://www.businesswire.com/news/home/20221102005333/en/Binary-Defense-Raises-36-Million-From-Invictus-Growth-Partners-to-Propel-Rapid-Expansion-as-the-Most-Trusted-MDR-Platform
Triage | Malware sandboxing report by Hatching Triage
https://tria.ge/221102-jbee3aahfp
Triage | Malware sandboxing report by Hatching Triage
https://tria.ge/221102-kjt16abcbp
Exposed! Torii, the IoT botnet operated by the "OceanLotus" group
https://mp-weixin-qq-com.translate.goog/s/v2wiJe-YPG0ng87ffBB9FQ?_x_tr_sl=zh-CN&_x_tr_tl=en&_x_tr_hl=en
GitHub - colmmacc/CVE-2022-3602
https://github.com/colmmacc/CVE-2022-3602
Exploiting Static Site Generators: When Static Is Not Actually Static – Assetnote
https://blog.assetnote.io/2022/10/28/exploiting-static-site-generators/
Elon Musk on Twitter: "To all complainers, please continue complaining, but it will cost $8" / Twitter
https://twitter.com/elonmusk/status/1587627120355934208