TL;DR News

Infosec and Other News Feed

Monday, February 20, 2023

Favorite tweets

Unsurprising contrast. https://t.co/w8BwAx3L3b — Brian Liston (@brianjliston) Feb 20, 2023 from Twitter https://twitter.com/brianjliston...
Saturday, February 18, 2023

Favorite tweets

Brand new blogpost from @snowfl0w Excellent summaries & references "Malware Arsenal used by Ember Bear (aka UAC-0056,Saint Bear, U...

Favorite tweets

I got a chance to really dig into a malware sample stemming from a malicious Google ad, and finally finished a full write-up for it. To sum...

Favorite tweets

@Unit42_Intel Kudos to my Palo Alto Networks colleagues who found and reported this #Buhti #Ransomware ELF binary! Sample now available at ...
Monday, February 13, 2023

Favorite tweets

r/t "Enigma info-stealing malware targets the cryptocurrency industry" https://t.co/VFTqUebtrm — Riccardo Pau (@profxeni) Feb 14...

Favorite tweets

I think I have a new favorite tool #malcat @malcat4ever https://t.co/nCfiQklx5o — RussianPanda 🐼 🇺🇦 (@AnFam17) Feb 13, 2023 from T...
Sunday, February 12, 2023

Favorite tweets

Devs targeted by W4SP Stealer malware in malicious PyPi packages - @billtoulas https://t.co/FFHVZkL3u9 — BleepingComputer (@BleepinCompute...
Wednesday, February 8, 2023

Favorite tweets

Does anyone have any idea what is WRONG with Marjorie Taylor Greene? — Nathalie Jacoby (@nathaliejacoby1) Feb 8, 2023 from Twitter https...
Thursday, February 2, 2023

Favorite tweets

WHY DIDN'T ANYONE TELL ME ABOUT THIS TOOL!?!? MSFT Threat Modeling Tool https://t.co/E4HvUOXH1D Also, if you're mad at me for not s...
Tuesday, January 31, 2023

Favorite tweets

Over the weekend, a svelte, mouth-breathing, Trump sported two makeup covered bandaids across the top of his hands. What do you think those...
Monday, January 30, 2023

Favorite tweets

r/t "Sandworm APT group hit Ukrainian news agency with five data wipers" https://t.co/SEOP9baqym — Riccardo Pau (@profxeni) Jan ...
Sunday, January 29, 2023

Favorite tweets

r/t Yaralyzer - Visually Inspect And Force Decode YARA And Regex Matches Found In Both Binary And Text Data, With Colors https://t.co/RgUA8...
Friday, January 27, 2023

Favorite tweets

We've decided to share the #YARA rules to detect malicious #OneNote documents / attachments (.one) - as seen in #Phishing attacks - wit...
Tuesday, January 24, 2023

Favorite tweets

Interesting .eml > .vhdx > .rar > .lnk > .hta phishing targeting Russia - interesting VHDX attachment - mounts with double clic...

Favorite tweets

@cyb3rops :) in MDE #KQL something like this would work https://t.co/06gswweDbb — mRr3b00t (@UK_Daniel_Card) Jan 24, 2023 from Twitter h...

Favorite tweets

This is how we can write a simple filename IOC pattern with filter in the format I use in THOR and LOKI scanners pattern;score;filter This ...
Sunday, January 22, 2023

Favorite tweets

#Kremlin propagandist decided to visit #Soledar in #Ukraine to prove the town is under full Russian control. https://t.co/PiaEWBFLH2 — Igo...
Friday, January 20, 2023

Favorite tweets

SilentHound. tool to quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc. https://t.co/IRml1YggV9 — D...
Thursday, January 19, 2023

Favorite tweets

That’s handy https://t.co/lGIEQqQ7dl — Florian Roth ⚡ (@cyb3rops) Jan 19, 2023 from Twitter https://twitter.com/cyb3rops January 19, 2...

Favorite tweets

YARA rule to detect the exploitation of ManageEngine ServiceDesk CVE-2022-47966 Rule https://t.co/u5qFRMXTUN Report by @Horizon3Attack http...

Favorite tweets

r/t DragonCastle - A PoC That Combines AutodialDLL Lateral Movement Technique And SSP To Scrape NTLM Hashes From LSASS Process https://t.co...
Monday, January 16, 2023

Favorite tweets

r/t LATMA - Lateral Movement Analyzer Tool https://t.co/SIB8PPJmAB https://t.co/I6n0Zd2Thc — Riccardo Pau (@profxeni) Jan 16, 2023 from ...
Wednesday, January 11, 2023

Favorite tweets

Office 365 Security Testing Tools https://t.co/6trcxrU0vE — mRr3b00t (@UK_Daniel_Card) Jan 11, 2023 from Twitter https://twitter.com/UK_...
Thursday, January 5, 2023

Favorite tweets

r/t ExchangeFinder - Find Microsoft Exchange Instance For A Given Domain And Identify The Exact Version https://t.co/HeKWNf6yaU https://t.c...
Wednesday, December 21, 2022

Favorite tweets

@MarioNawfal First: looking at your comments-> that you are pushing Russian agenda Second: an improvement in bilateral relations between...
Friday, December 16, 2022

Favorite tweets

How can you possibly want to leave Twitter when @EmilyKrebs6 posts content like this??!? https://t.co/39I4fWEVGE — Katie Nickels (@likethe...
Wednesday, December 7, 2022

Favorite tweets

Linux Forensics : Everything related to Linux forensics : https://t.co/xbUCA2YaWb credits @binaryz0ne — Binni Shah (@binitamshah) Dec 6, 2...
Tuesday, December 6, 2022

Favorite tweets

The new and improved AI chatbot is quite something. https://t.co/FCtU2kdmaT — Christo Grozev (@christogrozev) Dec 5, 2022 from Twitter h...
Monday, December 5, 2022

Favorite tweets

And yet he lost. Think about it. https://t.co/18vVfKuiG1 — Christo Grozev (@christogrozev) Dec 4, 2022 from Twitter https://twitter.com/...
Monday, November 21, 2022

Favorite tweets

I love this breakdown of the Continuity of Conti by @BushidoToken https://t.co/zwDUGwyoR3 — Allan “Ransomware Sommelier🍷” Liska (@uua...
Tuesday, March 19, 2019

Twitter:

The primary goal is to have an easier environment without what are seen as cumbersome security obstacles. No pushback occurs, since "...
Friday, December 7, 2018

Twitter:

He does really sound almost schizophrenic at times. He gets very disorganized and resorts to shuck tactics, when the stress is high enough....
Wednesday, October 31, 2018

Twitter:

We're enlisting cats across the Internet to spread the word that updates are an essential part of anyone's digital security routine...
Sunday, August 19, 2018

Twitter:

Massive Attack On Swedish News Sites Was The Work Of Russia, US Told Its Ambassadors The attack was part of a Russian campaign to sow dis...
Sunday, August 12, 2018

Twitter:

https://t.co/GBcsK0zJ6z — Josh Galvez (@Zevlag) November 28, 2017 https://t.co/GBcsK0zJ6z from Twitter https://twitter.com/Zevlag
Tuesday, July 3, 2018

Twitter:

Pssst. The internet never dies. pic.twitter.com/fhkg1N5cnd — TheeNurseNut is #RESISTANCE 💙 🌊💙 (@TheeNurseNut) July 3, 2018 https://t....
Monday, April 2, 2018

Twitter:

Turns out our Amazon fulfillment center associates in Madrid can dance… And one got a big surprise at the end! Love it! pic.twitter.com/7Mu...
Tuesday, February 20, 2018

Twitter:

"Very friendly of them to provide us reverse engineers with a short break". Arbor Networks look at the Musical Chairs APT campaig...
Monday, February 12, 2018

Twitter:

Iranian #Greenbug targeting against Arab Emirates - filename was "Invoice-NO48935.doc". Uses IPv6 DNS requests for communicatio...
Monday, January 15, 2018

Twitter:

This is still my favorite thing pic.twitter.com/Jd0fpeSfTu — i have the power of god & anime on my side AAAHHH (@whomstami) December 1...
Tuesday, September 5, 2017

Twitter:

If you are in infosec and live in FL, maybe you can book some conference sep 11-> and wait it out with your family https://t.co/NwqjWAcB...
Saturday, September 2, 2017

Twitter:

I wouldn't say "not accurate". After all it is a go-to long-term model. But, yeah, I would say historically perhaps not as go...
Sunday, August 27, 2017

Twitter:

. @JohnCornyn on Hurricane Harvey @NBCDFW pic.twitter.com/aHERA25ArF — Julie Fine (@JulieFineNBC5) August 26, 2017 https://t.co/aHERA2...
Wednesday, August 9, 2017

Twitter:

Regarding Marcus Hutchins aka MalwareTech - my position. https://t.co/EzGs34eQz7 — Kevin Beaumont (@GossiTheDog) August 5, 2017 https://...
Tuesday, July 25, 2017

Twitter:

[UPDATE] Added a new CLI option to the public API wrapper that can be used to fetch samples and PCAPs: https://t.co/lAJv7tAlnw — Payload S...

Twitter:

Since it takes me forever to do anything these days (especially a blog post), here's a screenshot of what I'm talking about. #DFIR ...
Tuesday, June 6, 2017

Twitter:

pic.twitter.com/uTCho3S9Iq — # mind mapper # (@Thoughtskiller1) June 4, 2017 https://t.co/uTCho3S9Iq from Twitter https://twitter.com/Th...
Tuesday, May 16, 2017

Twitter:

@malwrhunterteam @malwareunicorn . So does Kwampirs — Andre M. DiMino (@sempersecurus) May 15, 2017 http://ifttt.com/missing_link?1494...
Monday, May 15, 2017

Twitter:

I heard ya'll like overlaps– another Lazarus sample with same WannaCrypt Overlap: 409c6a19705ccbd3185d5d0656c7811d @ 0x4018C0 from Oct ...

Twitter:

In fact, Cisco says WannaCry has no way to check bitcoins paid. Clicking "check payment" gives random fake response https://t.co/...

Twitter:

WanaCryptor File Encryption https://t.co/VeLuCWh3mQ — Nicolas Krassas (@Dinosn) May 15, 2017 https://t.co/VeLuCWh3mQ from Twitter https:...
Friday, May 12, 2017

Twitter:

A 'kill switch' is slowing the spread of #WannaCry ransomware https://t.co/QgVVQufs5o via @pcworld — Betty C. Jung (@bettycjung)...

Twitter:

wikileaks: Russia hardest hit by NSA turbo-charged ransomware #WannaCry https://t.co/K9VDjZ1EdR — L'Afrique Cachée (@africachee) May ...

Twitter:

#WannaCry crosses 100k mark! Spreads all over the world. https://t.co/us4MO3kthg — Umar Khan (@CreativityLogic) May 13, 2017 https://t....

Twitter:

This is actual footage of #WannaCry #ms17-010 spreading through University of Milano-Bicocca pic.twitter.com/GuiDe4GdSl — Rickey Gevers ...

Twitter:

Love this idea - Infosec cons, can we make this a thing? https://t.co/xC7btOAQQe — Jayme (@highmeh) May 12, 2017 https://t.co/xC7btOAQQe...

Twitter:

#WannaCry resources password:WNcry@2ol7 pic.twitter.com/OOcawrC8WR — xors (@xorsthings) May 12, 2017 https://t.co/OOcawrC8WR from Twitt...

Twitter:

LATEST: 100,000+ attacks of #WannaCry ransomware detected in 24 hours #WanaCrypt0r #WCry https://t.co/xCaUzzFJF8 pic.twitter.com/xIAgbk...

Twitter:

#wannacry have made 17k NZD so far based on the wallet addresses stated in https://t.co/TNlyKJBarz - should buy u a few smokes in jail te...

Twitter:

More great analysis of #WannaCry malware by Talos https://t.co/S74elk4772 — Lauri Love (@laurilove) May 13, 2017 https://t.co/S74...

Twitter:

After the #Sbahn in Frankfurt also Bhf Neustadt affected by the Ransomware outbreak. #WannaCry pic.twitter.com/JgVwi5Khz6 — Rickey Gever...

Twitter:

Attack distribution by country. #WannaCry #ShadowBrokers find more on @Securelist : https://t.co/RWW3y4wPLb pic.twitter.com/dWOPyX2dIc ...
Thursday, May 4, 2017

Twitter:

A2 #IDTheftChat #LayerUp http://pic.twitter.com/9D46mGyYwP — Michael Kaiser (@MKaiserNCSA) May 4, 2017 https://t.co/9D46mGyYwP from T...
Tuesday, April 18, 2017

Twitter:

New Karmen Ransomware-as-a-Service Advertised on Hacking Forums https://t.co/S4pVeS2d01 — BleepingComputer (@BleepinComputer) April 18, 20...

Twitter:

Today's Xerox spamrun carries #Dridex and CVE-2017-0199. DL's from (1st): btt5sxcx90[.]com, rottastics36w[.]net -> btt5sxcx90[.]com/...

Twitter:

Too bad I can't buy stock in a Russian troll factory. Profits are gonna soar. https://t.co/a68DauZtQI — Sam Greene (@samagreene) April...

Twitter:

@etlow Here is a public version of your data via Google Sheets if you should need it :-) -> https://t.co/UJ5cwIhkPh — Simon Zerafa (@S...
Tuesday, April 11, 2017

Twitter:

Need Trump OSINT on Russia. This is nice at timelines and connecting all the dots https://t.co/vgwrWJorYi — Root ♊ (@rootsecdev) April 12,...

Twitter:

Anonymous leaks plague the White House - even the people behind the Easter Egg Roll are leaking! https://t.co/65r8m04xzc http://pic.twitte...
Sunday, April 9, 2017

Twitter:

Subdomino - An application that enumerates subdomains and scan them with several rules https://t.co/jBBN9Ctrjw http://pic.twitter.com/8qca...

Twitter:

#EquationGroup had X11 server #Linux keylogger! all users affected, even root! http://pic.twitter.com/tbsv5fHeUD — Maksym Zaitsev (@cry...

Twitter:

Interesting discussion from @Adam_Cyber https://t.co/xnZwWYrrkx — Brendan Conlon (@bmconlon) March 20, 2017 https://t.co/xnZwWYrrkx fro...

Twitter:

FAQ slide from @CrowdStrike presentation on FANCY BEAR X-Agent for Android that @DAlperovitch and I just wrapped up http://pic.twitter.co...

Twitter:

On the left are strings from FANCY BEAR linux implant, on the right are strings from the Android implant used against Ukraine military http...
Saturday, March 25, 2017

Twitter:

Ah-ha, I had an epiphany in the shower this morning and realized how to get codeexec in LastPass 4.1.43. Full report and exploit on the way...
Friday, March 24, 2017

Twitter:

Ouch Watchguard.... http://pic.twitter.com/7lZLsYbM0k — Andre M. DiMino (@sempersecurus) March 23, 2017 https://t.co/7lZLsYbM0k from Twi...
Friday, March 10, 2017

Twitter:

@Jose_Pagliery Just saw you explain Trump/Alfabank DNS traffic oddness. Anyone considered IODINE xfers over DNS? >> https://t.co/juu...
Thursday, March 9, 2017

Twitter:

The President, who I work for, just had China grant him trademarks for Trump escort services. Prostitutes! Why isn't this on the news? ...
Sunday, March 5, 2017

Twitter:

http://pic.twitter.com/3YSXZq1EVj — Elon Musk (@elonmusk) March 6, 2017 https://t.co/3YSXZq1EVj from Twitter https://twitter.com/elonmus...
Wednesday, February 22, 2017

Twitter:

Russian APT - APT28 collection of samples including OSX XAgent - Nice curation of #Malware & resources by @snowfl0w https://t.co/S7EH...
Tuesday, February 21, 2017

Twitter:

I updated my targeted threats tracker, with latest reports and indicators of compromise https://t.co/Ue0NZ1BMyo — Nex ~ Claudio (@botherde...

Twitter:

Very helpful Florian. https://t.co/HvLs4cJ2QX — Brent Wrisley (@brentwrisley) February 13, 2017 https://t.co/HvLs4cJ2QX from Twitter htt...
Saturday, February 18, 2017

Twitter:

The ransomware tube map. Taken from our State of Cyber Security Report: https://t.co/GjZ4Ax50J6 http://pic.twitter.com/QuiVDE5b80 — Mikko...
Sunday, January 29, 2017

Twitter:

To do: 1) design my Canada tattoo 2) buy a new burner phone 3) rock back and forth in the corner. — Dave Lewis (@gattaca) January 29, ...
Friday, January 20, 2017

Twitter:

This is what you need to know about the #iMessage security flaw➡ https://t.co/JTJRPLkfrE #cybersecurity #iPhone http://pic.twitter.com/...

Twitter:

Crowd at Obama’s inauguration in 2009. Crowd at Trump’s inauguration today. http://pic.twitter.com/zZvTFiodXI — Joon Lee (@iamjoonlee) Jan...
Tuesday, August 30, 2016

Twitter:

It looks like 194.165.16.0/24 is the new 85.93.0.0/24 #EITest http://pic.twitter.com/Hfr7auumpO — Kafeine (@kafeine) August 30, 2016 ht...
Wednesday, August 17, 2016

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. FCC complaint: Baltimore police phone trackers disrupt calls

from Security News - Software vulnerabilities, data leaks, malware, viruses Civil rights groups filed a federal complaint against the Ba...

Feedly:Security News - Software vulnerabilities, data leaks, malware, viruses. Hacking the hackers? US spy agency at center of apparent breach

from Security News - Software vulnerabilities, data leaks, malware, viruses The US National Security Agency, which gained international ...

Feedly:Threats RSS Feed - Symantec Corp.. SONAR.MSWord!g8

from Threats RSS Feed - Symantec Corp. Risk Level: Very Low. Type: Trojan, Virus, Worm.

Feedly:We Live Security. Nemucod now spreading banking trojans in Brazil

from We Live Security On the morning of Friday August 12th, ESET researchers noticed a huge outbreak of a new Spy.Banker variant, detect...

Feedly:Understanding Java Code and Malware | Malwarebytes Unpacked. Shakti Trojan: Technical Analysis

from Understanding Java Code and Malware | Malwarebytes Unpacked Recently, we took a look at the interesting Trojan found by Bleeping Co...

Feedly:Understanding Java Code and Malware | Malwarebytes Unpacked. Parents, beware of this SMS scam

from Understanding Java Code and Malware | Malwarebytes Unpacked We’ve recently been alerted to a scam circulating within the UK and cau...

Feedly:Securelist / All Updates. Operation Ghoul: targeted attacks on industrial and engineering organizations

from Securelist / All Updates Introduction Kaspersky Lab has observed new waves of attacks that started on the 8th and the 27th of Jun...

Feedly:Fortinet Blog | News and Threat Research - All Posts. JBifrost: Yet Another Incarnation of the Adwind RAT

from Fortinet Blog | News and Threat Research - All Posts The Adwind Remote Access Trojan (RAT) is a popular Java-based backdoor capable...