2022 Year in Review - The DFIR Report
https://thedfirreport.com/2023/03/06/2022-year-in-review/
Germany and Ukraine hit two high-value ransomware targets | Europol
https://www.europol.europa.eu/media-press/newsroom/news/germany-and-ukraine-hit-two-high-value-ransomware-targets
Brute Ratel analysis
https://protectedmo.de/brute.html
Qakbot/Qakbot_BB18_06.03.2023.txt at main · pr0xylife/Qakbot · GitHub
https://github.com/pr0xylife/Qakbot/blob/main/Qakbot_BB18_06.03.2023.txt
BleepingComputer on Twitter: "How to block Microsoft OneNote files from infecting Windows - @LawrenceAbrams https://t.co/oyT5NEf3GA" / Twitter
https://twitter.com/BleepinComputer/status/1632477092423008258
How to prevent Microsoft OneNote files from infecting Windows with malware
https://www.bleepingcomputer.com/news/security/how-to-block-microsoft-onenote-files-from-infecting-windows/
Matthew on Twitter: "Decoding a suspected #AsyncRAT loader. A high-level overview of my thought process using #CyberChef. 1⃣ Identify the primary encoding (Decimal in this case) 2⃣ Simplify and remove junk around encoding ( char[] etc) Noting that there are regex and non-regex options for doing… https://t.co/YXGvl1W3D8" / Twitter
https://twitter.com/i/web/status/1632609284017225729
GitHub Security Lab audited DataHub: Here's what they found | The GitHub Blog
https://github.blog/2023-03-03-github-security-lab-audited-datahub-heres-what-they-found/#json-injection-ghsl-2022-080
Kostas on Twitter: "After many hours of work over several weeks, the 2022 year-in-review report is out. I hope everyone in the community finds it useful and use it to battle the most commonly used TAs TTPs as we observed them. All data we publish are from real intrusions by real attackers! Enjoy 👇" / Twitter
https://twitter.com/i/web/status/1632773254376214528
Orion/APT_Nobelium_GraphicalNeutrino_Feb_2023_1.yara at main · StrangerealIntel/Orion · GitHub
https://github.com/StrangerealIntel/Orion/blob/main/APT/APT_Nobelium_GraphicalNeutrino_Feb_2023_1.yara
Félix Aimé on Twitter: "Possible (and relatively "new") #NOBELIUM shit submitted on VT: 21a0b617431850a9ea2698515c277cbd95de4e59c493d0d8f194f3808eb16354" / Twitter
https://twitter.com/felixaime/status/1632448523995103232
Core Members of DoppelPaymer Ransomware Gang Targeted in Germany and Ukraine
https://thehackernews.com/2023/03/core-members-of-doppelpaymer-ransomware.html
MalwareBazaar | Browse
https://bazaar.abuse.ch/browse/tag/BlueBravo/
Experts Discover Flaw in U.S. Govt's Chosen Quantum-Resistant Encryption Algorithm
https://thehackernews.com/2023/03/experts-discover-flaw-in-us-govts.html
The DFIR Report on Twitter: "2022 Year in Review ➡️Most common TTPs we saw in 2022 ➡️Trends around IAB's ➡️Top detections ➡️Ransomware propagation methods ➡️and more! https://t.co/KT7u22VHFc" / Twitter
https://twitter.com/thedfirreport/status/1632726566412140545
The Cybersecurity Landscape is Evolving. Are You? | SANS Institute
https://www.sans.org/u/1pig
Cross-Site Scripting (XSS) Cheat Sheet - 2023 Edition | Web Security Academy
https://portswigger.net/web-security/cross-site-scripting/cheat-sheet#navigation-navigate-method
cta-2023-0127.pdf
https://go.recordedfuture.com/hubfs/reports/cta-2023-0127.pdf