Ryan Mac 🙃 on Twitter: "We saw internal docs with more insight into the new Twitter Blue: -Launch on Nov. 7 but only in current markets (US, CA, Aus, NZ) -Check marks for subscribers, no current ID authentication -Some features announced by Musk won't be ready -Euro launch soon https://t.co/K646aQrThi https://t.co/1jToHytXfi" / Twitter
https://twitter.com/RMac18/status/1588304086792667136
Project Zero: A Very Powerful Clipboard: Analysis of a Samsung in-the-wild exploit chain
https://googleprojectzero.blogspot.com/2022/11/a-very-powerful-clipboard-samsung-in-the-wild-exploit-chain.html
tweets/2022-11-03-IOCs-for-Emotet-with-IcedID.txt at master · pan-unit42/tweets · GitHub
https://bit.ly/3zIZuhJ
Alert on the Renewed Spread of Emotet Malware Infections
https://www.jpcert.or.jp/at/2022/at220006.html
Elon Musk on Twitter: "Twitter has had a massive drop in revenue, due to activist groups pressuring advertisers, even though nothing has changed with content moderation and we did everything we could to appease the activists. Extremely messed up! They’re trying to destroy free speech in America." / Twitter
https://twitter.com/elonmusk/status/1588538640401018880
Black Basta Ransomware | Attacks Deploy Custom EDR Evasion Tools Tied to FIN7 Threat Actor - SentinelOne
https://www.sentinelone.com/labs/black-basta-ransomware-attacks-deploy-custom-edr-evasion-tools-tied-to-fin7-threat-actor/
an0n on Twitter: "here is a basic meterpreter protocol stager for PE stages using the libpeconv project by @hasherezade: https://t.co/qsdb9XWvgj no evasion included, using this only as a template. but already able to run it with a Sliver EXE beacon as a stage against Defender for Endpoint. https://t.co/tJISqcRJf7" / Twitter
https://twitter.com/an0n_r0/status/1587163486320300032
GitHub - Bdenneu/CVE-2022-33679: One day based on https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html
https://github.com/Bdenneu/CVE-2022-33679
GitHub - CrowdStrike/SuperMem: A python script developed to process Windows memory images based on triage type.
https://github.com/CrowdStrike/SuperMem
infosec.exchange - Infosec Exchange
http://infosec.exchange
Qakbot/Qakbot_BB05_04.11.2022.txt at main · pr0xylife/Qakbot · GitHub
https://github.com/pr0xylife/Qakbot/blob/main/Qakbot_BB05_04.11.2022.txt
MalwareBazaar | Browse
https://bazaar.abuse.ch/sample/907b3cc7168067b2e2c4db2318cc9fa2ebc58963571c92665b447c447b6cc3a1/
Not a dream job: Hunting for malicious job offers from an APT ~ VirusTotal Blog
https://blog.virustotal.com/2022/11/not-dream-job-hunting-for-malicious-job.html
ExecASLR - Google Slides
https://docs.google.com/presentation/d/10t-oo-c26x9ydx1_FYgmhy204rxfmQ92eboPlCnA2y4/edit?usp=sharing
Z-Library eBook site domains seized by U.S. Dept of Justice
https://www.bleepingcomputer.com/news/technology/z-library-ebook-site-domains-seized-by-us-dept-of-justice/
tesla_hexacon.pdf
https://www.synacktiv.com/sites/default/files/2022-10/tesla_hexacon.pdf
EMOTET Dynamic Configuration Extraction | Elastic
https://www.elastic.co/security-labs/emotet-dynamic-configuration-extraction
Objective-See
https://objective-see.org/products/utilities.html#DNSMonitor
Threat Insight on Twitter: "Today Proofpoint observed the #Emotet E4 botnet delivering what seems to be a development build of a new #IcedID Loader. This module has the ID 2445 and directly downloads the IcedID bot." / Twitter
https://twitter.com/threatinsight/status/1588318895902973954