Exclusive: Russian hackers targeted U.S. nuclear scientists | Reuters
https://www.reuters.com/world/europe/russian-hackers-targeted-us-nuclear-scientists-2023-01-06/
Unraveling the techniques of Mac ransomware - Microsoft Security Blog
https://www.microsoft.com/en-us/security/blog/2023/01/05/unraveling-the-techniques-of-mac-ransomware/
GitHub - D1rkMtr/UnhookingPatch: Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime
https://github.com/D1rkMtr/UnhookingPatch
Patrick Wardle on Twitter: "Microsoft's latest ~5000 word "research" blog on Mac ransomware contains zero new research ...yet contains no citations / credit to existing research 😢 See: https://t.co/nhmeniUuLC Worst, seems pretty close to ripping off "The Art of Mac Malware" book. 😳 What y'all think? https://t.co/xiWSxz9RCt" / Twitter
https://twitter.com/patrickwardle/status/1611482670156091392
Vesselin Bontchev / whodunit · GitLab
https://gitlab.com/bontchev/whodunit
I scanned every package on PyPi and found 57 live AWS keys | Tom Forbes
https://tomforb.es/i-scanned-every-package-on-pypi-and-found-57-live-aws-keys/
Unveiling of a large resilient infrastructure distributing information stealers
https://blog.sekoia.io/unveiling-of-a-large-resilient-infrastructure-distributing-information-stealers/
Unauthenticated Command Injection · Advisory · Cacti/cacti · GitHub
https://github.com/Cacti/cacti/security/advisories/GHSA-6p93-p743-35gf
In Memoriam: Remembering Those Who Passed
https://bit.ly/3ZklwCi
Hackers Using CAPTCHA Bypass Tactics in Freejacking Campaign on GitHub
https://thehackernews.com/2023/01/hackers-using-captcha-bypass-tactics-in.html
VSCode Marketplace can be abused to host malicious extensions
https://www.bleepingcomputer.com/news/microsoft/vscode-marketplace-can-be-abused-to-host-malicious-extensions/
Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More | Sam Curry
https://samcurry.net/web-hackers-vs-the-auto-industry/
Chick-fil-A investigates reports of hacked customer accounts
https://www.bleepingcomputer.com/news/security/chick-fil-a-investigates-reports-of-hacked-customer-accounts/
ChatGPT is enabling script kiddies to write functional malware | Ars Technica
https://arstechnica.com/information-technology/2023/01/chatgpt-is-enabling-script-kiddies-to-write-functional-malware/
Qualcomm UEFI Flaws Expose Microsoft, Lenovo, Samsung Devices to Attacks | SecurityWeek.Com
https://www.securityweek.com/qualcomm-uefi-flaws-expose-microsoft-lenovo-samsung-devices-attacks
All About USB-C: Introduction For Hackers | Hackaday
https://hackaday.com/2022/12/06/usb-c-introduction-for-hackers/
Advanced KQL for Threat Hunting: Window Functions — Part 1 | by Mehmet Ergene | Jan, 2023 | Medium
https://posts.bluraven.io/advanced-kql-for-threat-hunting-window-functions-part-1-14ac09353ad3
OPWNAI : Cybercriminals Starting to Use ChatGPT – Check Point Research
https://research.checkpoint.com/2023/opwnai-cybercriminals-starting-to-use-chatgpt/
Monthly Malware Digests
http://hubs.ly/Q01x40Ct0
Brent Davidson on Twitter: "Hahaha. Democrat @RepKatiePorter in the chamber during #SpeakerVote https://t.co/0j6HyBjxvW" / Twitter
https://twitter.com/Brentus88/status/1611579705899253761
Rob Morris on Twitter: "We provided mental health support to about 4,000 people — using GPT-3. Here’s what happened 👇" / Twitter
https://twitter.com/RobertRMorris/status/1611450197707464706
SANS Offensive Operations on Twitter: "🚨 BETA COURSE AVAILABLE 🚨 New #SEC670 #RedTeaming Tools course with special BETA pricing is now open for registration. You can catch author Jonathan Reiter speaking early on about the dev here: https://t.co/DIZizr2ONu Get in while you can! https://t.co/uqCoVYhzLH https://t.co/5KDgnzcsvF" / Twitter
https://twitter.com/sansoffensive/status/1611502952950136832
Corrupting memory without memory corruption | The GitHub Blog
https://github.blog/2022-07-27-corrupting-memory-without-memory-corruption/