Bypass IIS Authorisation with this One Weird Trick - Three RCEs and Two Auth Bypasses in Sitecore 9.3 – Assetnote
https://blog.assetnote.io/2023/05/10/sitecore-round-two/
Mark Russinovich on Twitter: "If you're on the Win11 Insider ring, you're getting the first taste of Rust in the Windows kernel! https://t.co/uyZkK2vRLY" / Twitter
https://twitter.com/markrussinovich/status/1656416376125538304
Nighthawk 0.2.4 - Taking Out The Trash - MDSec
https://www.mdsec.co.uk/2023/05/nighthawk-0-2-4-taking-out-the-trash/
Uncovering RedStinger - Undetected APT cyber operations in Eastern Europe since 2020
https://www.malwarebytes.com/blog/threat-intelligence/2023/05/redstinger
From One Vulnerability to Another: Outlook Patch Analysis Reveals Important Flaw in Windows API | Akamai
https://www.akamai.com/blog/security-research/important-outlook-vulnerability-bypass-windows-api
0xToxin🕷️ on Twitter: "APT-C-36 (#BlindEagle) strikes again with @DIANColombia theme Phishing. 🇨🇴 .eml -> .pdf -> password protected .uue archive downloaded from #Discord -> .vbs -> .ps1 -> fetch DLL loader from Opendir -> fetch #LimeRAT payload from Discord (Injection to RegSvcs.exe) 🏹 URL's: ◾️… https://t.co/iXD4b6LU75" / Twitter
https://twitter.com/i/web/status/1656555358142226432
Babuk Source Code Sparks 9 Different Ransomware Strains Targeting VMware ESXi Systems
https://thehackernews.com/2023/05/babuk-source-code-sparks-9-new.html
AS-23-Landau-PPLdump-Is-Dead-Long-Live-PPLdump.pdf.pdf - Google Drive
https://drive.google.com/file/d/1Pj7hSvsj0qvegdIUvABa9KUEKOrLzu2p/view?usp=drivesdk
GitHub - mr-pmillz/gofireprox: FireProx written in Go
https://github.com/mr-pmillz/gofireprox
Testing a new encrypted messaging app's extraordinary claims
https://crnkovic.dev/testing-converso/
Dan Conn on Twitter: "So sadly I won't be at any conference dates in May as I've been let go, along with others in a reduction in force exercise. The good news is that if you're looking for a security engineer, senior / lead appsec engineer or senior / lead dev in the security space gimme a shout 😂" / Twitter
https://twitter.com/danjconn/status/1656531851182329856
Inside the Italian Mafia’s Encrypted Phone of Choice
https://www.vice.com/en/article/88xgjz/inside-italian-mafias-encrypted-phone-no1bc
C2 and the Docker Dance: Mythic 3.0’s Marvelous Microservice Moves | by Cody Thomas | May, 2023 | Posts By SpecterOps Team Members
https://posts.specterops.io/c2-and-the-docker-dance-mythic-3-0s-marvelous-microservice-moves-f6e6e91356e2
conhost | LOLBAS
https://lolbas-project.github.io/lolbas/Binaries/Conhost/
Regions (Windows GDI) - Win32 apps | Microsoft Learn
https://learn.microsoft.com/en-us/windows/win32/gdi/regions
Jaron Bradley on Twitter: "We've released a new blog on an APT malware targeting macOS that we call RustBucket. The actor is using decoy PDF documents that act as a key when loaded within an attacker provided pdf app. The malware has three stages. Check out our writeup for details https://t.co/huj7JET9Sm" / Twitter
https://twitter.com/jbradley89/status/1649434597309005824
eSentire | eSentire Threat Intelligence Malware Analysis: Vidar…
https://www.esentire.com/blog/esentire-threat-intelligence-malware-analysis-vidar-stealer
Qakbot/Qakbot_BB27_11.05.2023.txt at main · pr0xylife/Qakbot · GitHub
https://github.com/pr0xylife/Qakbot/blob/main/Qakbot_BB27_11.05.2023.txt
SANS Small Business Cyber Summit 2023 | SANS Institute
https://www.sans.org/u/1p0c
FwHunt/IntelAlderLakeLeak.yml at main · binarly-io/FwHunt · GitHub
https://github.com/binarly-io/FwHunt/blob/main/rules/SupplyChain/IntelAlderLakeLeak.yml
HITBAMS – Your Not so “Home” Office – Soho Hacking at Pwn2Own | NCC Group Research Blog | Making the world safer and more secure
https://research.nccgroup.com/2023/04/24/hitbams-your-not-so-home-office-soho-hacking-at-pwn2own/
Andy Greenberg (@agreenberg at the other places) on Twitter: "Twitter’s encrypted DM feature is technically flawed, opt-in, limited to 1-to-1 text-based messages, restricted to a small user base, and generally inferior in just about every way to encrypted apps like Signal and WhatsApp. And all for just $8 a month. https://t.co/hC8Iz8nxSE" / Twitter
https://twitter.com/a_greenberg/status/1656514003793846272
GitHub - BushidoUK/Breach-Report-Collection: A collection of companies that disclose adversary TTPs after they have been breached
https://github.com/BushidoUK/Breach-Report-Collection

UK ‘increasingly concerned’ ransomware victims are keeping incidents secret
https://therecord.media/uk-increasingly-concerned-of-ransomware-victims-keeping-quiet-ncsc
SupplyChainAttacks/IntelKeysImpactedDevices.md at main · binarly-io/SupplyChainAttacks · GitHub
https://github.com/binarly-io/SupplyChainAttacks/blob/main/Lenovo:LCFC/IntelKeysImpactedDevices.md
About Encrypted Direct Messages – DMs | Twitter Help
https://help.twitter.com/en/using-twitter/encrypted-direct-messages