Stealing passwords from infosec Mastodon - without bypassing CSP | PortSwigger Research
https://portswigger.net/research/stealing-passwords-from-infosec-mastodon-without-bypassing-csp
GitHub - dirkjanm/ROADtools: The Azure AD exploration framework.
https://github.com/dirkjanm/ROADtools
A Comprehensive Look at Emotet’s Fall 2022 Return | Proofpoint US
http://ow.ly/EF3A50LFkcn
US govt: Iranian hackers breached federal agency using Log4Shell exploit
https://www.bleepingcomputer.com/news/security/us-govt-iranian-hackers-breached-federal-agency-using-log4shell-exploit/
Bypassing AV/EDR Hooks via Vectored Syscall - POC
https://www.cyberwarfare.live/blog/vectored-syscall-poc
CVE-2022-32932: ZinComputeProgramUpdateMutables() OOB write due to double fetch issue | 0x36.github.io
https://0x36.github.io/CVE-2022-32932/
GitHub - ufrisk/MemProcFS: MemProcFS
https://github.com/ufrisk/MemProcFS
Zero Day Initiative — Control Your Types or Get Pwned: Remote Code Execution in Exchange PowerShell Backend
https://www.zerodayinitiative.com/blog/2022/11/14/control-your-types-or-get-pwned-remote-code-execution-in-exchange-powershell-backend
A Comprehensive Look at Emotet’s Fall 2022 Return | Proofpoint US
https://www.proofpoint.com/us/blog/threat-insight/comprehensive-look-emotets-fall-2022-return
Researchers Discover Hundreds of Amazon RDS Instances Leaking Users' Personal Data
https://thehackernews.com/2022/11/researchers-discover-hundreds-of-amazon.html
BFS Hiring Challenge | Bluefrostsecurity
https://labs.bluefrostsecurity.de/blog.html/2022/03/01/bfs-hiring-challenge/
Magento stores targeted in massive surge of TrojanOrders attacks
https://www.bleepingcomputer.com/news/security/magento-stores-targeted-in-massive-surge-of-trojanorders-attacks/
Alleged Zeus cybercrime leader arrested in Geneva, to be extradited to US - The Record by Recorded Future
https://therecord.media/alleged-zeus-cybercrime-leader-arrested-in-geneva-to-be-extradited-to-us/
Writeups/BFS-hiring-challenge-2022 at master · tykawaii98/Writeups · GitHub
https://github.com/tykawaii98/Writeups/tree/master/BFS-hiring-challenge-2022
Cybersecurity and Infrastructure Security Agency on Twitter: "We published an advisory with our partners @FBI that provides #IOCs and #TTPs on Iranian government-sponsored #APT actors malicious activity to compromise a federal agency network. Read the advisory: https://t.co/3NJPHPzIan https://t.co/5glNy4XLPY" / Twitter
https://twitter.com/CISAgov/status/1592908176235511808
Token tactics: How to prevent, detect, and respond to cloud token theft - Microsoft Security Blog
https://www.microsoft.com/en-us/security/blog/2022/11/16/token-tactics-how-to-prevent-detect-and-respond-to-cloud-token-theft/
North Korean hackers target European orgs with updated malware
https://www.bleepingcomputer.com/news/security/north-korean-hackers-target-european-orgs-with-updated-malware/
BATLOADER: The Evasive Downloader Malware - VMware Security Blog - VMware
https://blogs.vmware.com/security/2022/11/batloader-the-evasive-downloader-malware.html
Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester | CISA
https://www.cisa.gov/uscert/ncas/alerts/aa22-320a
CVE-2022-41622 and CVE-2022-41800 (FIXED): F5 BIG-IP and iControl REST Vulnerabilities and Exposures | Rapid7 Blog
https://www.rapid7.com/blog/post/2022/11/16/cve-2022-41622-and-cve-2022-41800-fixed-f5-big-ip-and-icontrol-rest-vulnerabilities-and-exposures/
Ankit Anubhav on Twitter: "#Grandoeiro Anti sandbox - To run the malware exe victim needs to solve a captcha. Use of azure cloudapp, malware does a POST with string "INFECTADO" Connects to a HFS server - It looks like XML but in reality these are archives hiding exe payload. 300MB+ size. C2 : ciscofreak😂 https://t.co/jSnuQIPiFQ" / Twitter
https://twitter.com/ankit_anubhav/status/1555521068734902272
Ukrainian Analysis Identifies Western Supply Chain Behind Iran’s Drones - WSJ
https://www.wsj.com/articles/ukrainian-analysis-identifies-western-supply-chain-behind-irans-drones-11668575332
DuckDuckGo now lets all Android users block trackers in their apps
https://www.bleepingcomputer.com/news/security/duckduckgo-now-lets-all-android-users-block-trackers-in-their-apps/
GitHub - S3cur3Th1sSh1t/WinPwn: Automation for internal Windows Penetrationtest / AD-Security
https://github.com/S3cur3Th1sSh1t/WinPwn
Billbug: State-sponsored Actor Targets Cert Authority, Government Agencies in Multiple Asian Countries | Symantec Enterprise Blogs
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/espionage-asia-governments-cert-authority
It’s all in the details: The curious case of an lsass dumper gone undetected
https://dec0ne.github.io/research/2022-11-14-Undetected-Lsass-Dump-Workflow/
Senior Offensive Security Engineer - Red Team
https://zoom.wd5.myworkdayjobs.com/Zoom/job/Remote--CA---Southern-California/Senior-Security-Engineer---Red-Team_R11080
TripleCross - A Linux eBPF Rootkit With A Backdoor, C2, Library Injection, Execution Hijacking, Persistence And Stealth Capabilities.
http://www.kitploit.com/2022/11/triplecross-linux-ebpf-rootkit-with.html
Triage | Behavioral Report
https://tria.ge/221116-epb5msha98/behavioral4
Slides_PDF - Google Drive
https://drive.google.com/drive/folders/15f9TyvY4unrQOICKqVhyCNUDZkulM68P