Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs – Horizon3.ai
https://www.horizon3.ai/fortinet-fortinac-cve-2022-39952-deep-dive-and-iocs/
Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers
https://securityintelligence.com/posts/direct-kernel-object-manipulation-attacks-etw-providers/
GitHub - horizon3ai/CVE-2022-39952: POC for CVE-2022-39952
https://github.com/horizon3ai/CVE-2022-39952
Empire/CHANGELOG.md at main · BC-SECURITY/Empire · GitHub
https://github.com/BC-SECURITY/Empire/blob/main/CHANGELOG.md
Sensitive US military emails spill online | TechCrunch
https://techcrunch.com/2023/02/21/sensitive-united-states-military-emails-spill-online/
GitHub - BC-SECURITY/Empire: Empire is a PowerShell and Python 3.x post-exploitation framework.
https://github.com/BC-SECURITY/Empire
Raspberry Robin’s Roshtyak: A Little Lesson in Trickery - Avast Threat Labs
https://decoded.avast.io/janvojtesek/raspberry-robins-roshtyak-a-little-lesson-in-trickery/?s=09
An overview of payment application tampering (web skimming) and countermeasure techniques - Security Research Center Blog (Macnica)
https://security.macnica.co.jp/blog/2023/02/web-1.html
Activision confirms data breach exposing employee and game info
https://www.bleepingcomputer.com/news/security/activision-confirms-data-breach-exposing-employee-and-game-info/

Stealc: a copycat of Vidar and Raccoon infostealers gaining in popularity - Part 1
https://blog.sekoia.io/stealc-a-copycat-of-vidar-and-raccoon-infostealers-gaining-in-popularity-part-1/
GitHub - LloydLabs/ntqueueapcthreadex-ntdll-gadget-injection: This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret gadget can be used for stealthy code injection.
https://github.com/LloydLabs/ntqueueapcthreadex-ntdll-gadget-injection
Empire on Twitter: "THE WAIT IS OVER! Empire 5.0 & Starkiller 2.0 are here! - In-band SOCKS Proxy - Reporting on IOCs - Starkiller UI updates and Integration And a ton more! See the changelogs for more details. https://t.co/qDE5NruquU Download it here: https://t.co/N2LohfAkTA" / Twitter
https://twitter.com/EmpireC2Project/status/1628040178349613056