BlackLotus UEFI bootkit: Myth confirmed | WeLiveSecurity
https://www.welivesecurity.com/2023/03/01/blacklotus-uefi-bootkit-myth-confirmed/
Source Incite
https://srcincite.io/advisories/src-2022-0023/
VMWare Workspace ONE Access | Team Trenchant
https://trenchant.io/vmware-workspace-one-access/
Total Identity Compromise: DART lessons on securing Active Directory - Microsoft Community Hub
https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/total-identity-compromise-dart-lessons-on-securing-active/ba-p/3753391
Making New Connections – Leveraging Cisco AnyConnect Client to Drop and Run Payloads – NCC Group Research
https://research.nccgroup.com/2023/03/01/making-new-connections-leveraging-cisco-anyconnect-client-to-drop-and-run-payloads/
GitHub - Demonslay335/CryptoTester: A utility for playing with cryptography, geared towards ransomware analysis.
https://github.com/Demonslay335/CryptoTester
Lazarus attack group attack case exploiting a vulnerability in public certificate software widely used in public institutions and universities - ASEC BLOG
https://asec.ahnlab.com/ko/48416/
Iron Tiger’s SysUpdate Reappears, Adds Linux Targeting
https://www.trendmicro.com/en_us/research/23/c/iron-tiger-sysupdate-adds-linux-targeting.html
Lazarus attack group attack case using public certificate software vulnerability widely used in public institutions and universities - ASEC BLOG
https://asec-ahnlab-com.translate.goog/ko/48416/?_x_tr_sl=ko&_x_tr_tl=en&_x_tr_hl=en
MalwareBazaar | Browse
https://bazaar.abuse.ch/sample/a3cec099b936e9f486de3b1492a81e55b17d5c2b06223f4256d49afc7bd212bc/
Job Description - Cyber Threat Analyst, Cyber Threat Analysis Branch (CTAB) (230120)
https://nato.taleo.net/careersection/2/jobdetail.ftl?job=230120
BlackLotus Becomes First UEFI Bootkit Malware to Bypass Secure Boot on Windows 11
https://thehackernews.com/2023/03/blacklotus-becomes-first-uefi-bootkit.html
Job Description - Strategic Cyber Threat Analyst (230121)
https://nato.taleo.net/careersection/2/jobdetail.ftl?job=230121
Helping Cyber Defenders “Decide” to Use MITRE ATT&CK | CISA
https://www.cisa.gov/news-events/news/helping-cyber-defenders-decide-use-mitre-attck
Victims of MortalKombat ransomware can now decrypt their locked files for free - The Record from Recorded Future News
https://therecord.media/victims-of-mortalkombat-ransomware-can-now-decrypt-their-locked-files-for-free/
MalwareBazaar | Browse
https://bazaar.abuse.ch/sample/9d1e71b94eab825c928377e93377feb62e02a85b7d750b883919207119a56e0d/
Job Description - Cyber Threat Analyst (230119)
https://nato.taleo.net/careersection/2/jobdetail.ftl?job=230119
Experience the Refreshed OffSec | OffSec
https://www.offsec.com/offsec/experience-the-refreshed-offsec/
ESET Research on Twitter: "#ESETResearch analyze first in-the-wild UEFI bootkit bypassing UEFI Secure Boot even on fully updated Windows 11 systems. Its functionality indicates it is the #BlackLotus UEFI bootkit, for sale on hacking forums since at least Oct 6, 2022. @smolar_m https://t.co/mXSXksRisG 1/11" / Twitter
https://twitter.com/ESETresearch/status/1630879216353923072
Antisyphon Summit 2023 - Antisyphon
https://www.antisyphontraining.com/2023-most-offensive-summit/
LKML: Tavis Ormandy: x86: AMD Zen2 ymm registers rolling back
https://lkml.org/lkml/2023/2/22/33

VU#782720 - TCG TPM2.0 implementations vulnerable to memory corruption
https://kb.cert.org/vuls/id/782720