USCYBERCOM Cybersecurity Alert on Twitter: "Russian intel FSB Center 16 has been using "Snake" implant as a cyber espionage tool for long-term intel collect against media, education, small businesses & CIKR in 50+ countries. Read the US/Allied Cybersecurity Advisory here: https://t.co/mUVyLR3Kyl https://t.co/2EgKr9M57l" / Twitter
https://twitter.com/cnmf_cyberalert/status/1655959187682123776
Eastern District of New York | Justice Department Announces Court-Authorized Disruption of the Snake Malware Network Controlled by Russia's Federal Security Service | United States Department of Justice
https://www.justice.gov/usao-edny/pr/justice-department-announces-court-authorized-disruption-snake-malware-network
Intel Debug Technology
https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/secure-coding/intel-debug-technology.html
GitHub - jborean93/dpapi-ng: Python DPAPI NG Decryptor for non-Windows Platforms
https://github.com/jborean93/dpapi-ng
JOINT_CSA_HUNTING_RU_INTEL_SNAKE_MALWARE_20230509.PDF
https://media.defense.gov/2023/May/09/2003218554/-1/-1/0/JOINT_CSA_HUNTING_RU_INTEL_SNAKE_MALWARE_20230509.PDF
USCYBERCOM Cybersecurity Alert on Twitter: "Russian intel FSB Center 16 has been using "Snake" implant as a cyber espionage tool for long-term intel collect against media, education, small businesses & CIKR in 50+ countries. Read the US/Allied Cybersecurity Advisory here: https://t.co/mUVyLR3Kyl https://t.co/2EgKr9M57l" / Twitter
https://twitter.com/CNMF_CyberAlert/status/1655959187682123776
Living Off The Land - Built-In Pwning
https://labs.lares.com/living-off-the-land/
SupplyChainAttacks/IntelOemKeyImpactedDevices.md at main · binarly-io/SupplyChainAttacks · GitHub
https://github.com/binarly-io/SupplyChainAttacks/blob/main/MSI/IntelOemKeyImpactedDevices.md
注意喚起や情報共有活動における受信者側の「コスト」の問題について ー情報発信がアリバイや成果目的の自己目的化した行為にならないためにー - JPCERT/CC Eyes | JPCERTコーディネーションセンター公式ブログ
https://blogs.jpcert.or.jp/ja/2023/05/cost-and-effectiveness-of-alerts.html
Alex Matrosov on Twitter: "⛓️Diving deeper into MSI leak, it has been discovered that one of the leaked keys (bxt_dbg_priv_key.pem) is associated with Intel Orange or OEM Unlocked. 🔥Based on Intel documentation, it appears to be more powerful in comparison to Boot Guard keys. https://t.co/mtABZNgalM https://t.co/oX0L9b49UK" / Twitter
https://twitter.com/matrosov/status/1655744775063244800
A smorgasbord of a bug chain: postMessage, JSONP, WAF bypass, DOM-based XSS, CORS, CSRF... :: jub0bs.com
https://jub0bs.com/posts/2023-05-05-smorgasbord-of-a-bug-chain/
The Haag™ on Twitter: "⭐️It's official! ⭐️The #LOLDrivers 1.0 release is out and includes a tremendous number of new additions! Release Blog: https://t.co/ruheRPvGrp https://t.co/eOj67L96dO 1. New Driver Enrichments - Authentihash, signature metadata, and more! 2. Driver Binaries under the drivers/…" / Twitter
https://twitter.com/i/web/status/1655593453323952130
Living Off The Land Drivers 1.0 Release: New Features, Enrichments, and Community Contributions | by Michael Haag | magicswordio | May, 2023 | Medium
https://medium.com/magicswordio/living-off-the-land-drivers-1-0-release-95af7d59fb89
U.S. Agencies and Allies Partner to Identify Russian Snake Malware Infrastructure Worldwide > National Security Agency/Central Security Service > Press Release View
https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/3389044/us-agencies-and-allies-partner-to-identify-russian-snake-malware-infrastructure/
U.S. Agencies and Allies Partner to Identify Russian Snake Malware Infrastructure Worldwide > National Security Agency/Central Security Service > Press Release View
https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/3389044/us-agencies-and-allies-partner-to-identify-russian-snake-malware-infrastructure
LOLDrivers
https://www.loldrivers.io
The Elite Hackers of the FSB
https://interaktiv.br.de/elite-hacker-fsb/en/index.html
On the trail of the Dark Avenger: the most dangerous virus writer in the world | Viruses | The Guardian
https://www.theguardian.com/news/2023/may/09/on-the-trail-of-the-dark-avenger-the-most-dangerous-virus-writer-in-the-world
Zachariah J. "Zach" Riggle Obituary 2023 - Smith Family Funeral Homes
https://www.smithfamilyfuneralhomes.com/obituaries/zachariah-riggle
US Attorney EDNY on Twitter: "Justice Department Announces Court-Authorized Disruption of the Snake Malware Network Controlled by Russia's Federal Security Service https://t.co/2jLhNZGTFI" / Twitter
https://twitter.com/EDNYnews/status/1655955902753538050
SteelCon 2023
https://ti.to/steelcon/2023/en