ETWHash - "He who listens, shall receive" - Nettitude Labs
https://labs.nettitude.com/blog/etwhash-he-who-listens-shall-receive/
Raspberry Robin: A global USB malware campaign providing access to ransomware operators
https://blog.bushidotoken.net/2023/05/raspberry-robin-global-usb-malware.html
Merck’s Insurers On the Hook in $1.4 Billion NotPetya Attack, Court Says - WSJ
https://www.wsj.com/articles/mercks-insurers-on-the-hook-in-1-4-billion-notpetya-attack-court-says-528aeb01
Beyond Banking: IcedID Gets Forked - DISCARDED: Tales From the Threat Research Trenches | Podcast on Spotify
https://open.spotify.com/episode/4MKUamWzUxKw65fBjQ7CH5?si=4c080b0db5a44da6
Exploring Impersonation through the Named Pipe Filesystem Driver | by Jonathan Johnson | May, 2023 | Posts By SpecterOps Team Members
https://posts.specterops.io/exploring-impersonation-through-the-named-pipe-filesystem-driver-15f324dfbaf2
Zero Day Initiative — CVE-2023-28231: RCE in the Microsoft Windows DHCPv6 Service
https://www.zerodayinitiative.com/blog/2023/5/1/cve-2023-28231-rce-in-the-microsoft-windows-dhcpv6-service
SolarWinds: The Untold Story of the Boldest Supply-Chain Hack | WIRED
https://www.wired.com/story/the-untold-story-of-solarwinds-the-boldest-supply-chain-hack-ever/
Passkeys: What they are and how to use them
https://blog.google/technology/safety-security/the-beginning-of-the-end-of-the-password/
Google Online Security Blog: So long passwords, thanks for all the phish
http://security.googleblog.com/2023/05/so-long-passwords-thanks-for-all-phish.html
David Weston (DWIZZZLE) on Twitter: "Token binding is a "game changer" for zero trust. Bearer token exportation is something I identified as a major impediment to ZT in my Blackhat talk in 2018. In 2023 we finally have tokens bound to the hardware in Windows (using a TPM and VBS of course)… https://t.co/Os2j7GYIag" / Twitter
https://twitter.com/i/web/status/1653801895423791108
GitHub - optiv/Freeze.rs: Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST
https://github.com/optiv/Freeze.rs
The domain name freeze.rs is for sale
http://Freeze.rs
[2304.14717] faulTPM: Exposing AMD fTPMs' Deepest Secrets
https://arxiv.org/abs/2304.14717
Registration Form - Wild West Hackin' Fest - Deadwood 2023
https://bit.ly/41SaG7H
Threat Hunting with Velociraptor - Syllabus (Public) - Google Docs
https://bit.ly/thvr-syllabus
Brightline data breach impacts 783K pediatric mental health patients
https://www.bleepingcomputer.com/news/security/brightline-data-breach-impacts-783k-pediatric-mental-health-patients/