LastPass: DevOps engineer hacked to steal password vault data in 2022 breach
https://www.bleepingcomputer.com/news/security/lastpass-devops-engineer-hacked-to-steal-password-vault-data-in-2022-breach/
Incident 2 – Additional details of the attack - LastPass Support
https://support.lastpass.com/help/incident-2-additional-details-of-the-attack
LastPass says employee’s home computer was hacked and corporate vault taken | Ars Technica
https://arstechnica.com/information-technology/2023/02/lastpass-hackers-infected-employees-home-computer-and-stole-corporate-vault/
GitHub - ZeroMemoryEx/Amsi-Killer: Lifetime AMSI bypass
https://github.com/ZeroMemoryEx/Amsi-Killer
Ransomware attack on US Marshals Service affects 'law enforcement sensitive information' | CNN Politics
https://www.cnn.com/2023/02/27/politics/us-marshals-service-ransomeware-attack
GitHub - mrexodia/lolbin-poc: Small PoC of using a Microsoft signed executable as a lolbin.
https://github.com/mrexodia/lolbin-poc
MG on Twitter: "New details on the 2nd LastPass incident are fun: - got into Sr DevOp's home via vuln media software - installed keylogger - got master pass to corp vault (seemingly because it was being accessed from home computer) Cool to see that LastPass is sharing https://t.co/YFoISimpYR…" / Twitter
https://twitter.com/i/web/status/1630296865131630592
U.S. Marshals Service investigating ransomware attack, data theft
https://www.bleepingcomputer.com/news/security/us-marshals-service-investigating-ransomware-attack-data-theft/
TA569: SocGholish and Beyond | Proofpoint US
https://www.proofpoint.com/us/blog/threat-insight/ta569-socgholish-and-beyond
Offensive Rust | Red Team Sorcery
https://redteamsorcery.teachable.com/p/offensive-rust
Blind Eagle Deploys Fake UUE Files and Fsociety to Target Colombia's Judiciary, Financial, Public, and Law Enforcement Entities
https://blogs.blackberry.com/en/2023/02/blind-eagle-apt-c-36-targets-colombia
POC_Crew 👨👩👦👦 on Twitter: "[Zer0Con2023] - Speakers updated Please find more details at https://t.co/9wFYy2zQEq More speakers will be updated soon #Zer0con2023" / Twitter
https://twitter.com/poc_crew/status/1630467895078834177
Qakbot/Qakbot_BB17_28.02.2023.txt at main · pr0xylife/Qakbot · GitHub
https://github.com/pr0xylife/Qakbot/blob/main/Qakbot_BB17_28.02.2023.txt
LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults
https://thehackernews.com/2023/02/lastpass-reveals-second-attack.html
MG on Twitter: "It was Plex. They exploited Plex to get into the home network, installed a keylogger on a home laptop, and got the corp vault password because the home laptop was logging into it. Targeted high value employee shortly after the https://t.co/n5DWiGpmkD…" / Twitter
https://twitter.com/_MG_/status/1630426740479905792
Malware-IOCs/2023-02-27 Qakbot (BB17) IOCs at main · executemalware/Malware-IOCs · GitHub
https://github.com/executemalware/Malware-IOCs/blob/main/2023-02-27%20Qakbot%20(BB17)%20IOCs
Relaying Everything: Coercing Authentications Episode 1 - MSSQL - 0xdeaddood
https://0xdeaddood.rocks/2023/02/28/relaying-everything-coercing-authentications-episode-1-mssql/
First steps in CHERIoT Security Research | MSRC Blog | Microsoft Security Response Center
https://msrc.microsoft.com/blog/2023/02/first-steps-in-cheriot-security-research/
GitHub - TrimarcJake/Locksmith: A tool to identify and remediate common misconfigurations in Active Directory Certificate Services
https://github.com/TrimarcJake/Locksmith
LastPass Says DevOps Engineer Home Computer Hacked - SecurityWeek
https://www.securityweek.com/lastpass-says-devops-engineer-home-computer-hacked/
Windows Instrumentation With Frida - Black Hat USA 2023 | Trainings Schedule
https://www.blackhat.com/us-23/training/schedule/#windows-instrumentation-with-frida-306631675699506
IPinfo – IP Data Provider on Twitter: "Say "Hello" 👋 to the IPinfo ✨FREE✨ IP Data Downloads! 🔹 IP to Country + ASN data 🔹 Updated every 24 hours 🔹 Various formats 🔹 Best accuracy 🔹 Unlimited access Download the dataset 👉 https://t.co/3obZcE6oUi How this changes the IP game🧵👇 https://t.co/9svt47hNM9" / Twitter
https://twitter.com/ipinfoio/status/1630629172224598017