APT28 Operation Phantom Net Voxel - Sekoia.io Blog
https://blog.sekoia.io/apt28-operation-phantom-net-voxel/
SonicWall warns customers to reset credentials after breach
https://www.bleepingcomputer.com/news/security/sonicwall-warns-customers-to-reset-credentials-after-MySonicWall-breach/
Neutralize threats before Impact
http://Sekoia.io
Going Underground: China-aligned TA415 Conducts U.S.-China Economic Relations Targeting Using VS Code Remote Tunnels | Proofpoint US
https://www.proofpoint.com/us/blog/threat-insight/going-underground-china-aligned-ta415-conducts-us-china-economic-relations
RaccoonO365 Phishing Network Dismantled as Microsoft, Cloudflare Take Down 338 Domains
https://thehackernews.com/2025/09/raccoono365-phishing-network-shut-down.html
4 Recon Sources That Always Get Me Results - YouTube
https://youtu.be/KpN43ZE1P40
Scattered Spider Resurfaces With Financial Sector Attacks Despite Retirement Claims
https://thehackernews.com/2025/09/scattered-spider-resurfaces-with.html
ShinyHunters claims 1.5 billion Salesforce records stolen in Drift hacks
https://www.bleepingcomputer.com/news/security/shinyhunters-claims-15-billion-salesforce-records-stolen-in-drift-hacks/
Chinese TA415 Uses VS Code Remote Tunnels to Spy on U.S. Economic Policy Experts
https://thehackernews.com/2025/09/chinese-ta415-uses-vs-code-remote.html
VC giant Insight Partners warns thousands after ransomware breach
https://www.bleepingcomputer.com/news/security/vc-giant-insight-partners-warns-thousands-after-ransomware-breach/
Malware development: persistence - part 28. CertPropSvc registry hijack. Simple C/C++ example. - cocomelonc
https://cocomelonc.github.io/persistence/2025/09/14/malware-pers-28.html
CrowdStrike Falcon Prevents NPM Package Supply Chain Attacks
https://www.crowdstrike.com/en-us/blog/crowdstrike-falcon-prevents-npm-package-supply-chain-attacks
CTRL-Z DLL Hooking - SANS Internet Storm Center
https://isc.sans.edu/diary/32294
Details Emerge on Chinese Hacking Operation Impersonating US Lawmaker - SecurityWeek
https://www.securityweek.com/details-emerge-on-chinese-hacking-operation-impersonating-us-lawmaker/
Microsoft: WMIC will be removed after Windows 11 25H2 upgrade
https://www.bleepingcomputer.com/news/microsoft/microsoft-wmic-will-be-removed-after-windows-11-25h2-upgrade/
One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens - dirkjanm.io
https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/
Nick VanGilder on X: "@eliedelkind Microsoft: After extensive deliberation, Microsoft has decided to not participate in the evaluation this year. This decision allows us to focus all our resources on the Secure Future Initiative and on delivering product innovation to our customers." / X
https://x.com/nickvangilder/status/1968313892741816718
What Makes System Calls Expensive: A Linux Internals Deep Dive
https://blog.codingconfessions.com/p/what-makes-system-calls-expensive
North Koreans Targets South With Military ID Deepfakes
https://www.darkreading.com/cyberattacks-data-breaches/north-korean-group-south-military-id-deepfakes
Secure Kernel Research with LiveCloudKd – Winsider Seminars & Solutions Inc.
https://windows-internals.com/secure-kernel-research-with-livecloudkd
Microsoft: Office 2016 and Office 2019 reach end of support next month
https://www.bleepingcomputer.com/news/microsoft/microsoft-office-2016-and-office-2019-reach-end-of-support-next-month/
Microsoft and Cloudflare disrupt massive RaccoonO365 phishing service
https://www.bleepingcomputer.com/news/security/microsoft-and-cloudflare-disrupt-massive-raccoono365-phishing-service/