SEO Poisoning to Domain Control: The Gootloader Saga Continues - The DFIR Report
https://thedfirreport.com/2024/02/26/seo-poisoning-to-domain-control-the-gootloader-saga-continues/
TinyTurla-NG in-depth tooling and command and control analysis
https://blog.talosintelligence.com/tinyturla-ng-tooling-and-c2/
LockBit Ransomware Group Resurfaces After Law Enforcement Takedown
https://thehackernews.com/2024/02/lockbit-ransomware-group-resurfaces.html
Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections
https://www.trendmicro.com/en_us/research/24/b/earth-lusca-uses-geopolitical-lure-to-target-taiwan.html
North Korean Hackers Targeting Developers with Malicious npm Packages
https://thehackernews.com/2024/02/north-korean-hackers-targeting.html
Control Flow Flattening: How to build your own
https://www.lodsb.com/control-flow-flattening-how-to-build-your-own?ref=twitter-share
A Technical Deep Dive: Comparing Anti-Cheat Bypass and EDR Bypass - White Knight Labs
https://whiteknightlabs.com/2024/02/09/a-technical-deep-dive-comparing-anti-cheat-bypass-and-edr-bypass/
New IDAT Loader Attacks Using Steganography to Deploy Remcos RAT
https://thehackernews.com/2024/02/new-idat-loader-attacks-using.html
REDACTED: $20,000 OAuth Bounty (FT. Nagli) - YouTube
https://youtu.be/VLgB2fDEMVg
LockBit is back and threatens to target more government organizations - Security Affairs
https://securityaffairs.com/159584/cyber-crime/lockbit-gang-resumed-raas.html
Attacking an EDR - Part 1
https://her0ness.github.io/2023-08-03-c2-Attacking-an-EDR-Part-1/
Releases · hasherezade/pe-sieve
https://github.com/hasherezade/pe-sieve/releases/
SANS Security West San Diego 2024 | Cyber Security Training
https://www.sans.org/u/1uAY
LockBit ransomware returns, restores servers after police disruption
https://www.bleepingcomputer.com/news/security/lockbit-ransomware-returns-restores-servers-after-police-disruption/
https://voidstarsec.com/fi-resources/
https://voidstarsec.com/fi-resources/
Attacking an EDR - Part 3
https://her0ness.github.io/2023-11-07-Attacking-an-EDR-Part-3/
SANS Cyber Security Pacific: April 2024 | Cyber Security Training
https://www.sans.org/u/1uFE
Attacking an EDR - Part 2
https://her0ness.github.io/2023-09-14-Attacking-an-EDR-Part-2/
SANS 2024 in Orlando, FL | Cyber Security Training
https://www.sans.org/u/1uv0
SANS Rocky Mountain Summer 2024 | Cyber Security Training
https://www.sans.org/u/1uB8
Releases · hasherezade/hollows_hunter
https://github.com/hasherezade/hollows_hunter/releases
Russian hackers shift to cloud attacks, US and allies warn
https://www.bleepingcomputer.com/news/security/russian-hackers-shift-to-cloud-attacks-us-and-allies-warn/
BackDoorSim - An Educational Into Remote Administration Tools
http://www.kitploit.com/2024/02/backdoorsim-educational-into-remote.html
“SubdoMailing” — Thousands of Hijacked Major-Brand Subdomains Found Bombarding Users With Millions of Malicious Emails | by Guardio | Feb, 2024 | Medium
https://labs.guard.io/subdomailing-thousands-of-hijacked-major-brand-subdomains-found-bombarding-users-with-millions-a5e5fb892935
Banking Trojans Target Latin America and Europe Through Google Cloud Run
https://thehackernews.com/2024/02/banking-trojans-target-latin-america.html
FBI’s LockBit Takedown Postponed a Ticking Time Bomb in Fulton County, Ga. – Krebs on Security
https://krebsonsecurity.com/2024/02/fbis-lockbit-takedown-postponed-a-ticking-time-bomb-in-fulton-county-ga/
8,000+ Domains of Trusted Brands Hijacked for Massive Spam Operation
https://thehackernews.com/2024/02/8000-subdomains-of-trusted-brands.html
Kaspersky's report on mobile threats in 2023 | Securelist
https://securelist.com/mobile-malware-report-2023/111964/
Tickets – BSidesCharm
https://www.bsidescharm.org/registration/
Hijacked subdomains of major brands used in massive spam campaign
https://www.bleepingcomputer.com/news/security/subdomailing-campaign-spams-5-million-emails-daily-via-8k-hijacked-domains/
LockBit Ransomware Gang Resurfaces With New Leak Site - SecurityWeek
https://www.securityweek.com/lockbit-ransomware-gang-resurfaces-with-new-site/
i-SOON Data Leak: Key Points
https://marcoramilli.com/2024/02/26/i-soon-data-leak-key-points/
Advanced CyberChef Techniques for Configuration Extraction - Detailed Walkthrough and Examples
https://embee-research.ghost.io/advanced-cyberchef-operations-netsupport/
Hackers exploit 14-year-old CMS editor on govt, edu sites for SEO poisoning
https://www.bleepingcomputer.com/news/security/hackers-exploit-14-year-old-cms-editor-on-govt-edu-sites-for-seo-poisoning/
PRESS RELEASE: Future Software Should Be Memory Safe | ONCD | The White House
https://www.whitehouse.gov/oncd/briefing-room/2024/02/26/press-release-technical-report/
Speakers – BSidesCharm
https://bsidescharm.org/speakers
Nightmare: One Byte to ROP // Deep Dive Edition - HackMD
https://hackmd.io/@pepsipu/ry-SK44pt?s=09
Actively exploited open redirect in Google Web Light – Untrusted Network
https://untrustednetwork.net/en/2024/02/26/google-open-redirect/