Hacking into Toyota’s global supplier management network
https://eaton-works.com/2023/02/06/toyota-gspims-hack/
Cl0p Ransomware Targets Linux Systems with Flawed Encryption | Decryptor Available - SentinelOne
https://www.sentinelone.com/labs/cl0p-ransomware-targets-linux-systems-with-flawed-encryption-decryptor-available/
Ron Bowes on Twitter: "We just published details about the @fortraofficial GoAnywhere RCE from last week, which is now assigned CVE-2023-0669. It's pre-auth, being actively exploited, and is relative easy to reverse engineer from their mitigation steps https://t.co/MEuIFMiSQv" / Twitter
https://twitter.com/iagox86/status/1622697246482628608
Sliver Malware With BYOVD Distributed Through Sunlogin Vulnerability Exploitations - ASEC BLOG
https://asec.ahnlab.com/en/47088/
GoAnywhere MFT - A Forgotten Bug | Frycos Security Diary
https://frycos.github.io/vulns4free/2023/02/06/goanywhere-forgotten.html
Max_Malyutin on Twitter: "#Qakbot TAs keep pushing OneNote (.one) Spam Be aware now TA uses embedded .hta inside the .one for execution🚨 OneNote.exe > mshta.exe > #TTPs Potentially the same can be done by: .cmd.bat|.com|.js|.jse|.lnk|.pif|.vbe|.vbs|.wsf and more... https://t.co/OuS88OTzNu" / Twitter
https://twitter.com/Max_Mal_/status/1621184671403884545
Actively exploited GoAnywhere MFT zero-day gets emergency patch
https://www.bleepingcomputer.com/news/security/actively-exploited-goanywhere-mft-zero-day-gets-emergency-patch/
TeamFiltration V3.5.0 - Improve All the Things! - TrustedSec
https://hubs.la/Q01Bxrp20
TrustedSec on Twitter: "New on our #blog: Senior Security Consultant @Flangvik updates us on improvements made to TeamFiltration, a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring Office 365 Azure AD accounts. https://t.co/Gd6X81Ap1q" / Twitter
https://twitter.com/TrustedSec/status/1622991075156664321
Triage | Malware sandboxing report by Hatching Triage
https://tria.ge/230206-2awl3abd7v
https://gist.githubusercontent.com/Jquinn147/4f6b6a90f47de6e39504e8605f397330/raw/38d7ae1c4f09b76ad2d9c98b8efde30a2962fe88/BatLoaderCampaign_02062023
https://gist.githubusercontent.com/Jquinn147/4f6b6a90f47de6e39504e8605f397330/raw/38d7ae1c4f09b76ad2d9c98b8efde30a2962fe88/BatLoaderCampaign_02062023
NIST SP 800-63 Digital Identity Guidelines
https://openid-foundation-japan.github.io/800-63-4/
The technology behind GitHub’s new code search | The GitHub Blog
https://github.blog/2023-02-06-the-technology-behind-githubs-new-code-search/
Space Rogue on Twitter: "So, ummm, I wrote a book. Space Rogue: How the Hackers Known as L0pht Changed the World Available for pre-order now, ships Feb 16 https://t.co/tO2CcE0Wvm https://t.co/qqLLoppq7h" / Twitter
https://twitter.com/spacerog/status/1613161453779062787
VMware Finds No Evidence of 0-Day in Ongoing ESXiArgs Ransomware Spree
https://thehackernews.com/2023/02/vmware-finds-no-evidence-of-0-day-flaw.html