Naked Security Live – Beware copyright scams

S3 Ep21: Cryptomining clampdown, the 100-ton man, and ScamClub ads [Podcast]

Keybase secure messaging fixes photo-leaking bug – patch now!

Nvidia announces official “anti-cryptomining” software drivers

Naked Security Live – How to calculate important things using a computer

The massive coronavirus IT blunder with a funny side

S3 Ep20: Corporate megahacking, true love gone bad, and tax grabs [Podcast]

US names three North Koreans in laundry list of cybercrime charges

“ScamClub” gang outed for exploiting iPhone browser bug to spew ads

Romance scams at all-time high: here’s what you need to know

Firewall Vendor Patches Critical Auth Bypass Flaw

Amazon Dismisses Claims Alexa 'Skills' Can Bypass Security Vetting Process

Passwords, Private Posts Exposed in Hack of Gab Social Network

Malware Loader Abuses Google SEO to Expand Payload Delivery

Mobile Adware Booms, Online Banks Become Prime Target for Attacks

Stalkerware Volumes Remain Concerningly High, Despite Bans

Lazarus Targets Defense Companies with ThreatNeedle Malware

Yeezy Fans Face Sneaker-Bot Army for Boost Suns

Malware Gangs Partner Up in Double-Punch Security Threat

Nvidia's Anti-Cryptomining GPU Chip May Not Discourage Attacks

Cyberattacks Launch Against Vietnamese Human-Rights Activists

Finnish IT Giant Hit with Ransomware Cyberattack

Podcast: Ransomware Attacks Exploded in Q4 2020

Breaking Down Joe Biden's $10B Cybersecurity 'Down Payment'

CISOs Prep For COVID-19 Exposure Notification in the Workplace

From Triton to Stuxnet: Preparing for OT Incident Response

How the Pandemic is Reshaping the Bug Bounty Landscape

305 CVEs and Counting: Bug-Hunting Stories From a Security Engineer

Malformed URL Prefix Phishing Attacks Spike 6,000%

DDoS Attacks Wane in Q4 Amid Cryptomining Resurgence

Cybercrooks Rake in $304M in Romance Scams

Hybrid, Older Users Most-Targeted by Gmail Attackers

Chinese Hackers Hijacked NSA-Linked Hacking Tool: Report

Emotet's Takedown: Have We Seen the Last of the Malware?

A Look Ahead at 2021: SolarWinds Fallout and Shifting CISO Budgets

Simplifying Proactive Defense With Threat Playbooks

Cyber Monday is Every Monday: Securing the 'New Normal'

'Amnesia:33' TCP/IP Flaws Affect Millions of IoT Devices

How Email Attacks are Evolving in 2021

Patrick Wardle on Hackers Leveraging 'Powerful' iOS Bugs in High-Level Attacks

Ransomware and IP Theft: Top COVID-19 Healthcare Security Scares

Experts Weigh in on E-Commerce Security Amid Snowballing Threats

Cybercriminals Step Up Their Game Ahead of U.S. Elections

A Cyber 'Vigilante' is Sabotaging Emotet's Return

Black Hat USA 2020: Critical Meetup.com Flaws Reveal Common AppSec Holes

2020 Cybersecurity Trends to Watch

Top Mobile Security Stories of 2019

Facebook Security Debacles: 2019 Year in Review

Biggest Malware Threats of 2019

Top 10 IoT Disasters of 2019

2019 Malware Trends to Watch

Top 2018 Security and Privacy Stories

2019: The Year Ahead in Cybersecurity

2018: A Banner Year for Breaches

New Jailbreak Tool Works on Most iPhones

Universal Health Services Suffered $67 Million Loss ...

MSP Provider Builds Red Team as Attackers Target ...

Cybercrime 'Help Wanted': Job Hunting on the Dark Web

Building a Next-Generation SOC Starts With Holistic ...

NSA Releases Guidance on Zero-Trust Architecture

'Nerd' Humor

The Edge | Dark Reading

Securing Super Bowl LV

Attackers Turn Struggling Software Projects Into ...

After a Year of Quantum Advances, the Time to ...

Inside Strata's Plans to Solve the Cloud Identity ...

Microsoft Releases Free Tool for Hunting SolarWinds ...

North Korea's Lazarus Group Expands to Stealing ...

Ransomware, Phishing Will Remain Primary Risks in 2021

Thousands of VMware Servers Exposed to Critical RCE Bug

5 Key Steps Schools Can Take to Defend Against ...

How to Avoid Falling Victim to a SolarWinds-Style ...

Cybercriminals Target QuickBooks Databases

New APT Group Targets Airline Industry & Immigration

Hackers use black hat SEO to push ransomware, trojans via Google

Universal Health Services lost $67 million due to Ryuk ransomware attack

Microsoft fixes Windows 10 drive corruption bug — what you need to know

NSW Transport agency extorted by ransomware gang after Accellion attack

Working Windows and Linux Spectre exploits found on VirusTotal

European e-ticketing platform Ticketcounter extorted in data breach

World's leading dairy group Lactalis hit by cyberattack

Tether cryptocurrency firm says docs in $24 million ransom are 'forged'

Windows 10 Cloud PC: The latest info about Microsoft's new service

Beware: AOL phishing email states your account will be closed

What are these suspicious Google GVT1.com URLs?

Recent Google Voice outage caused by expired certificates

The Windows 10 Sun Valley design refresh - Here's what's coming

NSA, Microsoft promote a Zero Trust approach to cybersecurity

Google shares PoC exploit for critical Windows 10 Graphics RCE bug

The Week in Ransomware - February 26th 2021 - Back from the Holidays

Twitter scammers earned over $145k this week in Bitcoin, Ethereum, Doge

United Airlines to Pay $49m to Settle False Data Claim

Florida Police Arrest 12 Alleged Online Predators

Facebook Photo-tagging Lawsuit Settled for $650m

Half of Orgs Concerned Remote Working Puts Them at Greater Risk of Cyber-Attacks

70% of Orgs Facing New Security Challenges Due to #COVID19 Pandemic

Go Malware Detections Increase 2000%

Self-Assessment Tool Launches to Enhance Small Biz Security

Berlin Resident Jailed for NHS Bomb Threats

USA Third Most Affected by Stalkerware

Hybrid Working Has Accelerated Cloud Application Adoption: What About Security?

Evolution of Ransomware-as-a-Service and Malware Delivery Mechanisms

Becoming a Next-Gen CISO: Leading from the Front

2021: The Year Zero Trust Overtakes VPN?

The Top Five Data Security Metrics

FTP, FTPS & SFTP

Automated Change: Fulfilling Network Security Requirements

How to Secure Data in Your Organization

2020 Cybersecurity Headlines in Review

Risk-Based Security for Your Organization

Secure Access: Anywhere, Any Device and Any Application

Tales from the Insider Crypt: The Evolution of Insider Risk Maturity

Legal Firm Leaks 15,000 Cases Via the Cloud

Atos Acquires Two Cybersecurity Companies

Scammers Selling Fake COVID-19 Vaccination Cards for Just $20

CrowdStrike Slams Microsoft Over SolarWinds Hack

Medical Data of 500,000 French Residents Leaked Online

Security Mythbusting: Dismantling the Top Five API Myths

Securing the #COVID19 Vaccine & Supply Chain

Staying Secure During Rapid Transformation: The Importance of DevSecOps

The Future of Crypto and Casinos

Healthcare Carries a Large Target for Ransomware

FBI Investigating Michigan School District Hack

Winners of Inaugural SBRC Cyber Community Awards Announced

Learning Tree International Named First (ISC)² Global Premier Partner

TikTok Set for Massive $92m Payout Over Privacy Suit

Chinese Hackers Target Tibetans with Malicious Firefox Extension

Npower Ditches App After Credential Stuffing Attacks

David Birch Appointed Honorary President of EEMA

Cloud-based dev teams must shift security left to avoid fate of SolarWinds

VPNs still dominate post-COVID, but businesses are sniffing for alternatives

A new tactic for Chinese cyber actors: threatening critical infrastructure

Flaws fixed incorrectly, as secure coding education lags

Axonius looks to global expansion with $100 million in Series D funding

Microsoft makes CodeQL queries public post SolarWinds attack

Government agencies prioritize network and cloud security

North America lags behind Europe on proactive security initiatives in Q3

Proactive cybersecurity measures outpaced reactive in Q2

BH Consulting's Valerie Lyons on earning customer trust

Todd Fitzgerald: ‘Do not expect trust. It must be earned’

Cybersecurity Coalition's Ari Schwartz on winning over Congress

How ransomware works

Build and maintain a security culture, up, across, and down the organization

How to Address Your Biggest Risk: Extend User Security Beyond Training and Education

Why so many companies still find moving to DevSecOps hard

Four questions all security RFPs should ask

What teamwork can do for application security

New data could help CISOs quantify the value of a strong security culture

Old foe or new enemy? Here’s how researchers handle APT attribution

Ransomware attacks way down at schools, hospitals so far this year

Malware tied to espionage campaign against defense industry

Startup that maps adversaries' IT infrastructure lands $16 million in funding

As ransomware inches toward national security threat, policies may follow

Hiding from Surveillance Capitalism | by Nick Irving | The Startup | Feb, 2021 | Medium

Stop Trying to Take Humans Out of SOC … Except … Wait… Wait… Wait… | by Anton Chuvakin | Anton on Security | Mar, 2021 | Medium

Anton Chuvakin – Medium

Anton on Security – Medium

I Got Hit By a Truck After The Second Dose of The COVID Vaccine | by Ryan Fan | The Haven | Feb, 2021 | Medium

Studying for the LSAT Is Making Me a Better Teacher | by Ryan Fan | Curious | Feb, 2021 | Medium

Post-Quantum Cryptography. A blockchain perspective | by Ramsès Fernàndez-València | Research & Innovation | Mar, 2021 | Medium

Research & Innovation – Medium

Investigation into the state of Nim malware | by Jason Reaves | Walmart Global Tech Blog | Mar, 2021 | Medium

Jason Reaves – Medium

Walmart Global Tech Blog – Medium

Help Avoid DNS Takeovers | by Adobe Security Team | Medium

Nimar Loader. Baza (BazarLoader & BazarBackdoor) has… | by Joshua Platt | Walmart Global Tech Blog | Mar, 2021 | Medium

Joshua Platt – Medium

11 decentralization tools you can start utilizing today | by Miroslav Šlapka | Nerd For Tech | Mar, 2021 | Medium

Nerd For Tech – Medium

Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies | by Alex Birsan | Feb, 2021 | Medium

Inside SimpliSafe Alarm System. Author: Nick Miles, Co-Author: Chris… | by Nicholas Miles | Tenable TechBlog | Feb, 2021 | Medium

The SolarWinds Body Count Now Includes NASA and the FAA | WIRED

Writing a Custom Bootloader - Red Teaming Experiments

Memory Forensics Analysis with Volatility | TryHackMe Volatility - YouTube

National Security Risks of Late-Stage Capitalism - Schneier on Security

Stored XSS in Yahoo! - The Shahzada

CD Projekt Red 'EPICALLY pwned': Cyberpunk 2077 dev publishes ransom note after company systems encrypted • The Register

Detailed Audit of Voatz' Voting App Confirms Security Flaws

Privacy Preserving Machine Learning for Healthcare using CrypTFlow | by Pratik Bhatu | Mar, 2021 | Medium

Spectre exploits in the "wild"

BR: State-owned energy utility, COPEL, suffers cyberattack (UPDATED)

Someone tried to poison Oldsmar’s water supply during hack, sheriff says

COVID-19 Cyber Attacks - WebARX Security

BR: Eletronuclear administrative network suffers ransomware attack

FrizN - Kernel Linux - The curious case of CVE-2020-14381

(ENG-152) Lockpicking - Giveaway result 21Feb and the new Giveaway #PandaFrog21Mar - YouTube

Two Master Lock No. 3's single pin picked - YouTube

[L103] Stanley Vidmar SL-10 (Sea Slider) Lock - pick - YouTube

39: The Chrysler Capers - YouTube

Windows Persistence Mechanics – DLL Search Order Hijacking – Marcus Edmondson | Threat Hunting | Information Security

Data of 300,000 customers leaked in São Paulo

Analyzing Jigsaw Ransomware with Volatility | TryHackMe MAL: REMnux - The Redux - YouTube

Hard-coded key vulnerability in Logix PLCs has severity score of 10 out of 10 | Ars Technica

One of Biggest Android VPN Services User Data Hacked | CyberNews

A1100 Speedpick 5 - YouTube

List of data breaches and cyber attacks in February 2021 – 2.3 billion records breached - IT Governance UK Blog

Hackers tied to Russia’s GRU targeted the US grid for years | Ars Technica

Chinese Group RedEcho Targets the Indian Power Sector Amid Heightened Border Tensions

CVE-2020-28243 SaltStack Minion Local Privilege Escalation

Google exploring using location info to slow coronavirus spread

Picking an Abus 55/40 - YouTube

The U.S. wants smartphone location data to fight coronavirus. Privacy advocates are worried.

Oxford lab studying the COVID-19 virus is hacked. Zoom impersonation campaign. Senators would’ve liked to have heard from Amazon about Solorigate. NSA likes zero trust. NIST IoT guidelines.

Stop the EARN IT Bill Before It Breaks Encryption | EFF Action Center

virusbtn: Sophos researchers - and regular VB conference speakers - @GaborSzappanos and @threatresearch have analysed “Gootloader”, a payload delivery method via search engines https://t.co/uXG24tfPpl https://t.co/oKDERDCEwo

virusbtn: FireEye Mandiant's @BMcKeg, @Wanna_VanTa and @bryceabdo write about UNC2198 using ICEDID infections to deploy MAZE or EGREGOR ransomware https://t.co/JQbKamdlnh https://t.co/B9BwhZTeoU

virusbtn: Sucuri researcher @rootprivilege writes about SQL triggers used as WordPress backdoors https://t.co/GIlPk3nDss https://t.co/p9u1ojCyY9

virusbtn: A Recorded Future report describes a series of suspected targeted intrusions against India’s power sector conducted by a China-linked group known as RedEcho https://t.co/5mEREuqLmZ https://t.co/li4yTSImMl

virusbtn: ANSSI has published a report about infection chains leading to the deployment of Ryuk ransomware and the new version that self-spreads in infected networks https://t.co/Mmh3rBRJb1 https://t.co/mIWugAvKkr

MITREattack: Struggling to make sense of the activity related to SolarWinds the past few months? @snarejen and @_whatshisface are going to be joining @likethecoins next Thursday to talk about both what's new and what's familiar through the lens of MITRE ATT&CK. https://t.co/J7Jqe0TeKN

SpecterOps: We are excited to announce our first commercial product from our #BloodHound team, designed to help enterprises directly address managing and reducing Active Directory attack paths. Join @_wald0 and @davidpmcguire March 9th for our public preview: https://t.co/M11M7PJ5IO

TalosSecurity: We are hiring for multiple positions currently. We would love to have you come help us #FightTheGoodFight and join a world-class security organization. Check out all openings here #SecurityJobs #NowHiring https://t.co/HgbCUDrOs5 https://t.co/6iPPpRSuNZ

TalosSecurity: Take Talos on the go — Subscribe to both our podcasts. Talos Takes brings you the tl;dr of security topics, while Beers with Talos covers the latest threats and security news, all with a bit of "humor" sprinkled in (they think they're really funny) https://t.co/K84arjl0Dv https://t.co/xRhLDvce8Q

TalosSecurity: Are you up to date on your Talos Takes episodes? Make sure to check out this week's, where we talk about the importance of logs in #IncidentResponse https://t.co/4ElWxDrYdy https://t.co/aEaW667oGx

TalosSecurity: The #Gamaredon APT may fit into a new "tier two" of threat actor — groups that steal information and send it (or sell it) to other groups. Here's what we know about this actor and their recent campaigns https://t.co/pDuUDFS0RD https://t.co/5ikcODNWmX

MBThreatIntel: Same campaign, they just switched the redirector to www.newerrorforwindows405[.]club https://t.co/dHL1WlrlLh

MBThreatIntel: Credit card skimmer code injected into @SIGGofficial. Archived here: https://t.co/Odb4AfSzRa https://t.co/yLQpLcfsbc

MBThreatIntel: @Secure0ps @h2jazi Thanks, fixed!

MBThreatIntel: Today we release a new paper on a threat actor that has similarities with #APT28 and #MuddyWater. Research done by @h2jazi. ➡️Blog summary: https://t.co/cLlUyRpGYI ➡️PDF report: https://t.co/2pDOe61wKU #LazyScripter #APT

anyrun_app: TOP10 last week's threats by uploads ⬆️ #NjRAT 683 (531) ⬆️ #NanoCore 179 (169) ⬇️ #AsyncRAT 122 (147) ⬆️ #FormBook 117 (93) ⬇️ #RemCOS 111 (128) ⬆️ #Redline 106 (75) ⬆️ #DCrat 94 (40) ⬇️ #AgentTesla 90 (124) ⬇️ #Emotet 71 (124) ⬆️ #Quasar 70 (57) https://t.co/98nRpXOxWw

anyrun_app: @Da1stRndDrftPic The sandbox works with any content, but the end result is always determined by the analyst. Initially, our service is designed for interaction with the system, and indeed, not all phishing sites can be detected automatically. Now, we detect the most common ones, but it is growing

anyrun_app: @ShadowChasing1 Hello! This functionality is still in development. Unfortunately, there is no ETA of release.

anyrun_app: Please note: the #Gozi execution isn't triggered by interaction with applications that don't send requests. On the screenshot, Winword, Explorer, and Winrar didn't do work but after Chrome was opened, trojan executed Internet Explorer via COM https://t.co/QAwrGyEcIs

anyrun_app: Banking trojan doesn't activate during the analysis? Level your research up with ANYRUN! #Gozi #Ursnif execution triggered after it hooked the network's API. For example, it may be done by opening a web browser or IM client, so use ANYRUN's interactivity! https://t.co/3qrVi2ZhUv

abuse_ch: Top contributors to URLhaus in February 2021 🏆 🥇 24'166 @lrz_urlhaus 🥈 12'002 @geenensp 🥉 4'050 @Gandylyan1 3'997 @p5yb34m 2'530 @Cryptolaemus1 2'419 @lazyactivist192 1'911 @tolisec 998 @_morepoints 👉 https://t.co/DSARIaelFA

abuse_ch: @FewAtoms #opendir serving various malware #AgentTesla #SnakeKeylogger #Formbook #RemcosRAT 👉 https://t.co/m474pGy6T8

abuse_ch: @elhackernet @kishou_yusa Still didn't manage to get a replacement of that old server. So it will stay like that for a while.

abuse_ch: @FewAtoms #opendir pushing #AgentTesla https://t.co/uyklB3oxZ4

abuse_ch: @FewAtoms @James_inthe_box @JAMESWT_MHT Thanks, got already caught by @Cryptolaemus1 yesterday: https://t.co/wOgUuGDxUc

QuoIntelligence: This week we report on #clop-linked #Accellion #FTA attacks affecting #Bombardier & other entities. QuoIntelligence analyzes attribution, the listed leaks published on Clop's leak page, and the evolution of the #Ransomware . This & more here: https://t.co/r20pMNkLFb

JAMESWT_MHT: Mp3, Flac, Spotify, Tidal. Yes all cool... But I prefer old school 😎 https://t.co/aM5ABHkOUs

JAMESWT_MHT: @wwp96 #Koadic #Script sample https://t.co/1svpR8YLNw from mentioned url hXXp://hpsj.firewall-gateway.net/hpjs.php cc @malwrhunterteam @FBussoletti @guelfoweb @sugimu_sec @lazyactivist192 @Jan0fficial @Arkbird_SOLG @JRoosen @verovaleros @fr0s7_ @ffforward

cyb3rops: @SwiftOnSecurity It’s in the Release section https://t.co/PdJTc6Iomk

cyb3rops: We have thousands of tools that help us analyze and evaluate compiled code in order to detect malicious contents. We have only a handful of tools that help us analyze and evaluate source code in order to detect malicious contents. More supply chain attacks will change that.

cyb3rops: @dubs3c @michenriksen @hdmoore Therefore I'd map out all http.Get (and the like) requests. Even a counter would help to point out suspicious new lines. Before 13 requests, now 14, this one in file x.go:160 is new.

cyb3rops: @0xdhf @mkolsek @lkarlslund https://t.co/EIhGr3bQGa

RedDrip7: New sample seems used by #APT-C-23. Once it gets executed, a document relating to #Hamas is shown to confuse the victim and meanwhile RAT is executed to perform remote control. https://t.co/Fr9eP872w0 https://t.co/zfmU7yJRvP

inj3ct0r: #0daytoday #ASUS Remote Link 1.1.2.13 - Remote Code Execution #Exploit #RCE https://t.co/7PcXAOa3w3

inj3ct0r: #0daytoday #VMware #vCenter 6.5 / 7.0 Remote Code Execution #Exploit #RCE https://t.co/J5JordIprw

inj3ct0r: #0daytoday #MicrosoftExchangeServer msExchEcpCanary #CSRF / Privilege Escalation #Exploit #MicrosoftExchange #LPE https://t.co/KRV3Y27xhn

inj3ct0r: #0daytoday #SeattleLabMail (#SLMail) 5.1.0.4420 Remote Code Execution #Exploit #RCE https://t.co/jgHLgv8oPQ

inj3ct0r: #0daytoday #Windows/x86 - Add User Alfred to Administrators/Remote Desktop Users Group #Shellcode (240 bytes) https://t.co/ThZRFInG6y

malwrhunterteam: "AleynaTilkiPornosu.apk": 7c3986f27d1524cf62ac64dc4bd9b735ea0fc979f1609eccc54783f00a22b4b2 From: https://cdn.discordapp[.]com/attachments/790992777881845822/815572217567379456/AleynaTilkiPornosu.apk Maybe related to: https://t.co/mstApvbfAc https://t.co/GfGQ004Fpl

malwrhunterteam: "LiveTalk.apk": 12f4484207a700718846caa3bb3f1b73f69624989f30ac62e425aa2dc27a13ab C2: hdr1.emotionaim[.]club:4455 https://t.co/WA2Oj2gkSk

malwrhunterteam: "Davivienda-Security.apk": ba324b92bdf547cdb7128732512c111d4f36b54aac1759e222afaae0d94e3f29 https://t.co/l6FmZYQ8nz

malwrhunterteam: 👏 😂 https://t.co/Jzim908Z4d

blackorbird: Lazarus targets defense industry(russian) with ThreatNeedle(malware) #APT report: https://t.co/AiNLx4g8YC https://t.co/5KQnhTOkpl

blackorbird: #Gamaredon Summary: "The actor is not as stealthy as other major APT actors, and instead acts more like a crimeware gang." report: https://t.co/PUNqW0xKdy Gamaredon infrastructure --1300+ IOC: "More than 230 of the IPs had geolocation data from Russia. " https://t.co/HbdT8PAtNX https://t.co/W9MHv18WaT

blackorbird: VMware vCenter RCE CVE-2021-21972 Update! https://t.co/glcafAS8ca analysis: https://t.co/19t1Noc0sj poc: /ui/vropspluginui/rest/services/uploadova https://t.co/whQNXriM7Z https://t.co/5MaG5cgOj4

blackorbird: 2021 Global Threat Report from CrowdStrike #APT #Cybercrime ref: https://t.co/QA68QJuYYs pdf: https://t.co/KvBfG4iZwu https://t.co/MvUcXQ5q11

malware_traffic: @forensic_x Ah, I understand now. You're referring to a traffic analysis exercise I posted in April of last year. Cool!

malware_traffic: 2021-02-25 (Thursday) - Email pushing #AgentTesla, but I couldn't achieve a full infection chain - Email with attached RAR archives available at: https://t.co/FiqVFzleeY https://t.co/TnZav7ltoe

malware_traffic: @forensic_x Thanks! I didn't mean for this to be an exercise, but I ran it in an AD environment, so there's an associated user account name/host name/etc associated with the infection. Plus, I've been on a meme kick lately. Always happy to see people using these for training/practice!

James_inthe_box: doc hash: 9602abf3e2bab447c2abb3ca8efc3fbf730dd458e6f71fc62eef6055afff0230 dll hash: 7bfd59b4c8b046bf15cb408e51ed482a9d19c3d9201d510978b82c9f58cf8e8a

James_inthe_box: @Google cc @wavellan @noottrak @jw_sec @malware_traffic @executemalware @wwp96 @felixw3000 @HerbieZimmerman @ffforward @node5

James_inthe_box: Incoming #hancitor #malspam campaign, subject DocuSign, @google doc links, teslatruckaccessories[.]com sender https://docs[.]google[.]com/document/d/e/2PACX-1vToFbul-szJUs5DJvcUaXbzwE4CI31TY5mCg9a5Exs0USXcC8Z5Y0qCmm8jmwVQ8jZLe8SFAdFeE2cj/pub https://t.co/CdYjGrWaGJ

James_inthe_box: A csv list of #malspam campaigns that crossed my path in February to include subjects, hashes, c2's and keylogger exfil email addresses: https://t.co/jwFNTz6y8A #retrohunt most of these have been hand analyzed by yours truly. https://t.co/i5eVbMs2LZ

James_inthe_box: #dtloader trying get creative ;) https://t.co/7wF3IyOoGc https://t.co/TiqNJ3BdB5

pmelson: @VijayUpadhyaya Oh, I definitely downloaded it. 😇 https://t.co/u5ONpH2NCP

pmelson: @UK_Daniel_Card https://t.co/fEIaINsDKS

pmelson: @UK_Daniel_Card https://t.co/IRErqRfdl4

pmelson: Totes legit 🤣 https://t.co/BpbxBaN3sl

pmelson: @phemmmix @kungfu_javeous Warm cookie Wednesdays 🤤

demonslay335: Malware sample, thanks for tagging @struppigel + @pcrisk : https://t.co/QwgQeYA2xb

demonslay335: @Amigo_A_ Haven't seen it yet. They do occasionally seem to skip versions - or there just isn't enough victims to have a note end up on IDR or malware sample on VT.

demonslay335: @Hrv1er @BludickaU Not sure that's the ransomware. One of those is a cryptominer for sure though.

demonslay335: @SUMMI1991 Read the FAQ... https://t.co/NORSVwykGo

hackerfantastic: Last chance to get our @myhackerhouse world renowned training Hands-On Hacking for 40% off! This sale ends in a few hours! Use code FEBHAXOR and get started on your journey into ethical hacking today! By best-selling authors of "Hands On Hacking" by Wiley https://t.co/Hu2srPqCm1

hackerfantastic: @myhackerhouse @ExposingTheShit @YourAnonRiots You'll find the course syllabus on our website and a free module that you can work through to see if the course is a good fit for you! We also have a book which you can find at all good book stores, "Hands-On Hacking" published by Wiley recommended to read alongside our course!

VK_Intel: 💥[#Zero2Auto] We are having our first graduates for our top Zero2Auto advanced #malware analysis course yay! Just sent out the first course certificates w/ 30+ hours AND unique certificate ID for accomplishment verification 🤗 https://t.co/lUeVcZFL6Y @0verfl0w_ | @sysopfb https://t.co/8bKT6E2HT1

DrunkBinary: https://t.co/4DwY5M8hCL https://t.co/XYY7IlLdzi

DrunkBinary: Great presentation by @BrianPKime https://t.co/BsMCed9E2K

DrunkBinary: @dannyjpalmer They are the Defenders of Humanity. They are my Space Marines and they shall know no fear. https://t.co/FMWmpnvo17

Arkbird_SOLG: @cPeterr @demonslay335 @Sebdraven @JAMESWT_MHT @Glacius_ @malwrhunterteam That a new sample of babuk that detect this morning if you want fun with it. https://t.co/EJytoYKFFE

KorbenD_Intel: Hrmmm.. 🤔 maybe @malwrhunterteam can help with that request. https://t.co/J8XfrFIIX0

ShadowChasing1: Another sample which also uses its content, but I am not sure it comes from #CloudAtlas #APT group ITW:f69de3541d09fbc51c35affa7909a023 URL: hxxps://github.com/edcom/validate7condom7rapids9simoom9 https://t.co/xEzTbY4vQL https://t.co/GQZhDI0oHI

ShadowChasing1: 98A3C157C530D76C5969B785954ED4F7 B18B729E1EC41B5AA3A8DA696E3E4919 8DEAB9010AA6C25C6441823D8171490C

ShadowChasing1: info.printerupdates.)online/{ComputerName}~{UserName}/XddvInXdl(javatemp.exe) info.printerupdates.)online/{ComputerName}~{UserName}/ZuDDey1eDXUl(pytemp.exe) info.printerupdates.)online/{ComputerName}~{UserName}/Vyuib45xzlqn(plaapas.exe) https://t.co/SoHfXpBSbb

ShadowChasing1: Today our researchers have found new sample which belongs to #Donot #APT group ITW:ee76a4228dab4c5b0d8c6cdb19e3da81 filename:Cleaner.exe Next period URL: hxxps://info.printerupdates.online/{UserName}/Xddv21SDsxDl (henos.dll) A9B22E50ECEBE7A1B8BC723A1A3EBC93 https://t.co/yRIJ5goeY1

cyberwar_15: @_jsoo_ @trimosx Welcome. Have a fun and happy time.

cyberwar_15: F:\Windows\development\VC\JINHO_SPY\LHL_20200707\HTTPPro\Release\HTTPPro.pdb F:\Windows\development\VC\JINHO_SPY\venus -0716\HTTPPro\Release\HTTPPro.pdb F:\Windows\development\VC\JINHO_SPY\jhh\HTTPPro\Release\HTTPPro.pdb

cyberwar_15: #북한 #NorthKorea #Cyberwar #ThreatActor #JINHO https://t.co/RYgdc2GtgK https://t.co/3u5GadPEMu

cyberwar_15: @mstoned7 When you actually talk with people from North Korea who have lived in Seoul for a long time, it is often hard to tell. 🤣

cyberwar_15: @mstoned7 They might even be someone we know, haha

Manu_De_Lucia: @DmitriyMelikov implant shares chunks with #APT28 #Sednit #FancyBear https://t.co/S8dUFXvd7j

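58_158_177_102: I will probably be told it is childish to pick at an article with so little substance, but I do wonder about content that leads "middle-aged men who have given up on promotion" to spend time studying for certifications with high hopes, only to come up empty... "Certifications to get" and "certifications not recommended" from now on for "middle-aged men who have given up on promotion" https://t.co/T4PuFdMjKI https://t.co/xFlQDDPSVG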

58_158_177_102: @aaqeel87 @BushidoToken @SyscallE @stoerchl @ffforward @abuse_ch

IntezerLabs: We're focusing on #containersecurity this month 🖖 On Thursday join @Ell_o_Punk @MalwareJake @SANSInstitute for long-lived and prosperous container security. Register here https://t.co/6fiGOAABsm https://t.co/HZROJWkEqR

IntezerLabs: Intezer is tracking the latest Linux threats to protect your cloud environments #ProtectTheCloud https://t.co/a0STqAoZqU

IntezerLabs: @0xthreatintel @abuse_ch Nice find

aboutsecurity: How can #FedIT best approach IT supply chain #cybersecurity risks? Thanks to @FedTechMagazine for interviewing me as part of @SANSInstitute faculty https://t.co/bpVsWAGSWP #GovIT

kyleehmke: Possible FIN7 domain shareholderma[.]com was registered on 2/25 and is hosted on a dedicated server at 91.92.128[.]238. In @ThreatConnect: https://t.co/Z5hipXclJd https://t.co/KZByMqGuSh

kyleehmke: Another domain -- smadst[.]com (45.141.84[.]190) -- was also registered as part of the above set. Rel Cobalt Strike: cb9feed1e74517696c19fafbac39c880. Also, registered separately on 2/24, slhmsappf[.]com resolves to the same 194.26.29[.]243 IP hosting juanat[.]com. https://t.co/crjb8T78K7

kyleehmke: Suspicious domain wikisportnews[.]com was created through Njalla on 2/20/21. The www subdomain resolves to a probable dedicated server at 141.136.0[.]9, which also hosts search-webnews[.]com (12/24/20, Hostinger, prev. 94.140.115[.]83). In @ThreatConnect: https://t.co/perfV6Z5hV https://t.co/S8JLwandCr

kyleehmke: At least five other domains are a part of this set: shewop[.]com (45.141.84[.]189) sarohn[.]com (45.141.84[.]85) radioabout[.]com (45.141.84[.]84) pilizz[.]com (45.141.84[.]63) lodidy[.]com (45.141.84[.]34) https://t.co/2Ch9aWTMOI

DissectMalware: Update #xlrd2 pip install -U https[://github.com/DissectMalware/xlrd2/archive/master.zip --force https://t.co/V75Xlrlc6h https://t.co/IDUhFcONUc

DissectMalware: @Lee_Holmes Thank you Lee. I had a fun ride following people like you; learned a lot.

DissectMalware: Joined twitter 3 years ago today! Started with a terrible news in Feb. Decided to work on #xlmdeobfuscator instead... Ended with another terrible news after hearing an awesome one last week. Seems constant switching between being on the moon and being on the ground #BeHappy https://t.co/VuylLaTlV6

Hexacorn: @pstirparo @asfakian @DragosInc congratz Pasquale!

Hexacorn: @jonasLyk n00b

Hexacorn: @jonasLyk hmm why do you need to disable Steps Recorder with DisableUAR? https://t.co/gtO2p4hwuj

Hexacorn: @SwiftOnSecurity @mattifestation out of curiosity, how? can you share example? I see f.ex. this: Internal signature match:subtype=Lowfi, sigseq=0x00001080BC8ED4C0, sigsha=b7f431144f9ad1002ee6b19404bee4b2ac16b10a, cached=false, source=0, resource="process://C:\Windows\System32\msdtc.exe" Engine:

JCyberSec_: @MaelSecurity @Bank_Security Sure this is a 419 and not a phishing page like a puppeteer kit? Not been able to poke the site just the screenshots look more phishing than scam

JCyberSec_: @Sir_L0ins Very kind but I'm not here for money. I'm interested in whether people would be able to make the transition from a free platform to a paid offering.

JCyberSec_: As Twitter announces a premium pay model (Super Followers) what I want to know is: Would YOU pay to view MY tweets? Extra phishing IoCs, phishing kit analysis, threat actor IoCs, etc.

JCyberSec_: Hello @hello_niche 👋 Your website has been compromised by malicious actors and currently hosting #phishing Please reach out to me via DM for me to help you. 🌐hxxps://nicherecruitment.co.uk/wp-includes/content/sent/lo/user/index.php?i=i&0=e@e.com https://t.co/4bhPqDfpgs

JCyberSec_: @drstrange1989 @bishopfox I wish I had written that research but sadly I didn't. True credit goes to @theBumbleSec

nullcookies: @Viking_Sec Hiking and climbing helps.

nullcookies: Soundboard fun — Making fake DEA and IRS agents rage and trolling the tech support scammer equivalent of Patrick Bateman who claims to be a “high function sociopath.” (Sic.) https://t.co/iktvwsyOZM

nullcookies: @Sir_L0ins What an excellent day for an exorcism.

nullcookies: In other news, there’s a contortionist in my hallway. https://t.co/hebM6d1mCG

campuscodi: Since I didn't setup this PIA account, but someone already paid for it, here's the account credentials! Go nuts! Maybe you can tag @buyvpnservice and remind them to add a mechanism to verify emails before anyone can open new accounts. https://t.co/OovA8qVoxJ

campuscodi: Yo, idiots at @LimeVPN and @buyvpnservice! Could you stop allowing random people to create accounts using my email address without proper verification and then processing payments using my name? k, thnx, bye!

campuscodi: We just added an update to point out that the Spectre exploit appears to have leaked last year when someone published a cracked version of the CANVAS tool and two exploit packs on hacking forums. Leak slowly traveled through underground circles until it hit RAID last month https://t.co/rCqG96wUe7

campuscodi: @HowellONeill yes 😊

SBousseaden: delete the phishing document path trace from office Resiliency registry: "HKCU\Software\Microsoft\Office\12.0\Word\Resiliency" /F https://t.co/IqQM05kvTm https://t.co/3oJ2ekyzpy

SBousseaden: stuff started via ShellBrowserWindow is marked as "Manual execution by user" by https://t.co/to6CrV0Ht9 :) https://t.co/fG70zZLWBP

SBousseaden: process running with medium or low integrity won't normally create/change files in system protected std folders (test folder has permission full access to users), that could indicate privesc attempt or a vulnerability. https://t.co/V1aTZwQCOn

SBousseaden: if you find a suspicious explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} child process (e.g. scripting utilities, lolbas) u need to take the child cmdline (for scripting) or process path to link it with source of infection (i.e. from 1 & 2 we link wscript with word) https://t.co/TlFrPcZnzi

SBousseaden: an example of a hunting EQL for suspicious traffic from IE (via COM): https://t.co/dZpIDrQMZW https://t.co/9zCFtbZ5XM https://t.co/TjtwhcOZQp

424f424f: Awe, my first little baby Solidity contract on #BSC testnet https://t.co/2rn3il5ruC Check the input data section ;) #hacktheplanet

424f424f: @christruncer 34" is the sweet spot I think. I use https://t.co/Dj9XkzB4Xa

lazyactivist192: Maybe next time I'll remember to put in the cryptolaemus api key rip https://t.co/7IDrc8w3JZ

lazyactivist192: @synthesizedsouI @Spiritualincel @rachaelrox85 @livandorder But then he'd have to blame himself and mature as a person

cyber__sloth: Great work by @joakimkennedy ! https://t.co/g3hFSTDwWy

FewAtoms: #malware #infosecurity #threathunting #cybersecurity #opendir hxxp://195.123.220.220/uploads/files/ @abuse_ch @James_inthe_box @JAMESWT_MHT https://t.co/vLx0rzPkmu

reecdeep: @500mk500 Very weird! It looks to me Qakbot from TTPs!

reecdeep: #malspam spreading #Qakbot #Qbot #Malware targets #Italy 🇮🇹 01-03-21 "Buon pomeriggio!" p://wnah27frybfe02sadb.[com/fedara.gif p://nygvj27cvlk02cktf.[com/fedara.gif p://jqilt27xsbz02anaeu.[com/fedara.gif #infosec #CyberSecurity #DFIR #cybercrime #cyberattacks #Security #cyber https://t.co/VNo2OuW18b

reecdeep: #Dridex #Malware h/t @58_158_177_102 dropUrls found by @stoerchl https://t.co/2J2q6Tghkz 👉https://t.co/TAzTv5oNVQ 🔥 c2: 77.220.64.146:442 85.25.134.43:8172 213.208.134.178:6516 https://t.co/Jlvz1lG5l0 #infosec #CyberSecurity #cybercrime #DFIR #Security #CyberAttack #cyber https://t.co/aos9FMy21V

reecdeep: #Malware #AgentTesla hits #italy 🇮🇹 "Re: conferma di pagamento" ⚙️ https://t.co/a5lDPhcaon 🔥 👉osndjdjjjdjshgaggdkf.]com info.network@[greatdeck.[co mail.greatdeck.[co @guelfoweb @matte_lodi @VirITeXplorer @D3LabIT @luc4m #infosec #CyberSecurity #cybercrime #Security #cyber

reecdeep: #Malware #SnakeKeylogger ⚙️ https://t.co/IXmiuK03oo 🔥 SMTP exfiltration admin@[hinet-hinet.[net us2.[smtp.mailhostbox.[com #infosec #cybercrime #CyberSecurity #DFIR #cyber #cyber https://t.co/1zjVFyeSMN

luc4m: @_Bear_Crawl_ Ohoho, please link here 😅😁

3xp0rtblog: @James_inthe_box @JAMESWT_MHT @malwrhunterteam @0x7fff9 @Arkbird_SOLG @luc4m @struppigel @ViriBack @ItsReallyNick @hexlax @fr0s7_ @pmelson @siri_urz @shotgunner101 @executemalware @FewAtoms @ochsenmeier @Xylit0l @Jan0fficial @Intel_by_KELA @JRoosen @Abjuri5t @Bank_Security

3xp0rtblog: Name of the malware: Ades Stealer Build programming language: C# Panel: in telegram Price: 400 RUB for 1 month, 4000 RUB for a lifetime. Posted on: https://t.co/Y7PdUg13Sn Telegram: ades_helper_bot chaykaok (866062388) zxcxwq1 (1315598753)

3xp0rtblog: #Malware #Stealer #AdesStealer TM7Uxq.exe: https://t.co/YnQNjewbRO https://t.co/K5WQW09ZTs Additional information in the comments 👇 https://t.co/NIG6FbwhGP

----Vulners.com High Sev. Last 3 Days----

CVSS: 6.9 (RHSA-2021:0681) Important: podman security update

CVSS: 6.8 (RHSA-2021:0672) Important: bind security update

CVSS: 6.8 (RHSA-2021:0671) Important: bind security update

CVSS: 6.8 (RHSA-2021:0670) Important: bind security update

CVSS: 6.8 (RHSA-2021:0669) Important: bind security update

CVSS: 6.8 bind security update

CVSS: 6.8 Bind vulnerability

CVSS: 6.8 CentOS 7 : ImageMagick (CESA-2021:0024)

CVSS: 7.5 CentOS 8 : firefox (CESA-2021:0655)

CVSS: 7.5 CentOS 7 : firefox (CESA-2021:0656)

CVSS: 7.5 CentOS 7 : libexif (CESA-2020:5402)

CVSS: 7.5 CentOS 7 : thunderbird (CESA-2021:0661)

CVSS: 7.5 CentOS 8 : thunderbird (CESA-2021:0657)

----NVD Last 3 Days----

CVE#: CVE-2018-25004 Published Date: 2021-03-01 CVSS: NO CVSS Description: A user authorized to perform a specific type of query may trigger a denial of service by issuing a generic explain command on a find query. This issue affects: MongoDB Inc. MongoDB Server v4.0 versions prior to 4.0.6; MongoDB Server v3.6 versions prior to 3.6.11.

CVE#: CVE-2019-25020 Published Date: 2021-02-27 CVSS: NO CVSS Description: An issue was discovered in Scytl sVote 2.1. Because the sdm-ws-rest API does not require authentication, an attacker can retrieve the administrative configuration by sending a POST request to the /sdm-ws-rest/preconfiguration URI.

CVE#: CVE-2019-25021 Published Date: 2021-02-27 CVSS: NO CVSS Description: An issue was discovered in Scytl sVote 2.1. Due to the implementation of the database manager, an attacker can access the OrientDB by providing admin as the admin password. A different password cannot be set because of the implementation in code.

CVE#: CVE-2019-25022 Published Date: 2021-02-27 CVSS: NO CVSS Description: An issue was discovered in Scytl sVote 2.1. An attacker can inject code that gets executed by creating an election-event and injecting a payload over an event alias, because the application calls Runtime.getRuntime().exec() without validation.

CVE#: CVE-2019-25023 Published Date: 2021-02-27 CVSS: NO CVSS Description: An issue was discovered in Scytl sVote 2.1. Because the IP address from an X-Forwarded-For header (which can be manipulated client-side) is used for the internal application logs, an attacker can inject wrong IP addresses into these logs.

CVE#: CVE-2020-28243 Published Date: 2021-02-27 CVSS: NO CVSS Description: An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create files on the minion in a non-blacklisted directory.

CVE#: CVE-2020-28972 Published Date: 2021-02-27 CVSS: NO CVSS Description: In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers (in the vmware.py files) does not always validate the SSL/TLS certificate.

CVE#: CVE-2020-35662 Published Date: 2021-02-27 CVSS: NO CVSS Description: In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated.

CVE#: CVE-2020-36240 Published Date: 2021-03-01 CVSS: NO CVSS Description: The ResourceDownloadRewriteRule class in Crowd before version 4.0.4, and from version 4.1.0 before 4.1.2 allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check.

CVE#: CVE-2020-7929 Published Date: 2021-03-01 CVSS: NO CVSS Description: A user authorized to perform database queries may trigger denial of service by issuing a specially crafted query containing a type of regex. This issue affects: MongoDB Inc. MongoDB Server v3.6 versions prior to 3.6.21 and MongoDB Server v4.0 versions prior to 4.0.20.

CVE#: CVE-2020-9479 Published Date: 2021-03-01 CVSS: NO CVSS Description: When loading a UDF, a specially crafted zip file could allow files to be placed outside of the UDF deployment directory. This issue affected Apache AsterixDB unreleased builds between commits 580b81aa5e8888b8e1b0620521a1c9680e54df73 and 28c0ee84f1387ab5d0659e9e822f4e3923ddc22d. Note: this CVE may be REJECTed as the issue did not affect any released versions of Apache AsterixDB

CVE#: CVE-2021-21515 Published Date: 2021-03-01 CVSS: NO CVSS Description: Dell EMC SourceOne, versions 7.2SP10 and prior, contain a Stored Cross-Site Scripting vulnerability. A remote low privileged attacker may potentially exploit this vulnerability, to hijack user sessions or to trick a victim application user to unknowingly send arbitrary requests to the server.

CVE#: CVE-2021-21517 Published Date: 2021-03-01 CVSS: NO CVSS Description: SRS Policy Manager 6.X is affected by an XML External Entity Injection (XXE) vulnerability due to a misconfigured XML parser that processes user-supplied DTD input without sufficient validation. A remote unauthenticated attacker can potentially exploit this vulnerability to read system files as a non-root user and may be able to temporarily disrupt the ESRS service.

CVE#: CVE-2021-22114 Published Date: 2021-03-01 CVSS: NO CVSS Description: Addresses partial fix in CVE-2018-1263. Spring-integration-zip, versions prior to 1.0.4, exposes an arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar, xz, war, cpio, 7z), that holds path traversal filenames. So when the filename gets concatenated to the target extraction directory, the final path ends up outside of the target folder.

CVE#: CVE-2021-25122 Published Date: 2021-03-01 CVSS: NO CVSS Description: When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request.

CVE#: CVE-2021-25281 Published Date: 2021-02-27 CVSS: NO CVSS Description: An issue was discovered in SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the master.

CVE#: CVE-2021-25282 Published Date: 2021-02-27 CVSS: NO CVSS Description: An issue was discovered in SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is vulnerable to directory traversal.

CVE#: CVE-2021-25283 Published Date: 2021-02-27 CVSS: NO CVSS Description: An issue was discovered in SaltStack Salt before 3002.5. The jinja renderer does not protect against server side template injection attacks.

CVE#: CVE-2021-25284 Published Date: 2021-02-27 CVSS: NO CVSS Description: An issue was discovered in SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.

CVE#: CVE-2021-25329 Published Date: 2021-03-01 CVSS: NO CVSS Description: The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0 to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the previously published prerequisites for CVE-2020-9484 and the previously published mitigations for CVE-2020-9484 also apply to this issue.

CVE#: CVE-2021-25829 Published Date: 2021-03-01 CVSS: NO CVSS Description: An improper binary stream data handling issue was found in the [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. Using this bug, an attacker is able to produce a denial of service attack that can eventually shut down the target server.

CVE#: CVE-2021-25830 Published Date: 2021-03-01 CVSS: NO CVSS Description: A file extension handling issue was found in [core] module of ONLYOFFICE DocumentServer v4.2.0.236-v5.6.4.13. An attacker must request the conversion of the crafted file from DOCT into DOCX format. Using the chain of two other bugs related to improper string handling, an attacker can achieve remote code execution on DocumentServer.

CVE#: CVE-2021-25831 Published Date: 2021-03-01 CVSS: NO CVSS Description: A file extension handling issue was found in [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. An attacker must request the conversion of the crafted file from PPTT into PPTX format. Using the chain of two other bugs related to improper string handling, a remote attacker can obtain remote code execution on DocumentServer.

CVE#: CVE-2021-25832 Published Date: 2021-03-01 CVSS: NO CVSS Description: A heap buffer overflow vulnerability inside of BMP image processing was found in the [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v6.0.0. Using this vulnerability, an attacker is able to gain remote code execution on DocumentServer.

CVE#: CVE-2021-25833 Published Date: 2021-03-01 CVSS: NO CVSS Description: A file extension handling issue was found in [server] module of ONLYOFFICE DocumentServer v4.2.0.71-v5.6.0.21. The file extension is controlled by an attacker through the request data and leads to arbitrary file overwriting. Using this vulnerability, a remote attacker can obtain remote code execution on DocumentServer.

CVE#: CVE-2021-25914 Published Date: 2021-03-01 CVSS: NO CVSS Description: Prototype pollution vulnerability in 'object-collider' versions 1.0.0 through 1.0.3 allows attacker to cause a denial of service and may lead to remote code execution.

CVE#: CVE-2021-26475 Published Date: 2021-03-01 CVSS: NO CVSS Description: EPrints 3.4.2 exposes a reflected XSS opportunity via a cgi/cal URI.

CVE#: CVE-2021-26476 Published Date: 2021-03-01 CVSS: NO CVSS Description: EPrints 3.4.2 allows remote attackers to execute OS commands via crafted LaTeX input to a cgi/cal?year= URI.

CVE#: CVE-2021-26702 Published Date: 2021-03-01 CVSS: NO CVSS Description: EPrints 3.4.2 exposes a reflected XSS opportunity in the dataset parameter to the cgi/dataset_dictionary URI.

CVE#: CVE-2021-26703 Published Date: 2021-03-01 CVSS: NO CVSS Description: EPrints 3.4.2 allows remote attackers to read arbitrary files and possibly execute commands via crafted JSON/XML input to a cgi/ajax/phrase URI.

CVE#: CVE-2021-26704 Published Date: 2021-03-01 CVSS: NO CVSS Description: EPrints 3.4.2 allows remote attackers to execute arbitrary commands via crafted input to the verb parameter in a cgi/toolbox/toolbox URI.

CVE#: CVE-2021-27132 Published Date: 2021-02-27 CVSS: NO CVSS Description: SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header.

CVE#: CVE-2021-27225 Published Date: 2021-03-01 CVSS: NO CVSS Description: In Dataiku DSS before 8.0.6, insufficient access control in the Jupyter notebooks integration allows users (who have coding permissions) to read and overwrite notebooks in projects that they are not authorized to access.

CVE#: CVE-2021-27317 Published Date: 2021-03-01 CVSS: NO CVSS Description: Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the comment parameter.

CVE#: CVE-2021-27318 Published Date: 2021-03-01 CVSS: NO CVSS Description: Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the lastname parameter.

CVE#: CVE-2021-27876 Published Date: 2021-03-01 CVSS: NO CVSS Description: An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. However, due to a vulnerability in the SHA Authentication scheme, an attacker is able to gain unauthorized access and complete the authentication process. Subsequently, the client can execute data management protocol commands on the authenticated connection. By using crafted input parameters in one of these commands, an attacker can access an arbitrary file on the system using System privileges.

CVE#: CVE-2021-27877 Published Date: 2021-03-01 CVSS: NO CVSS Description: An issue was discovered in Veritas Backup Exec before 21.2. It supports multiple authentication schemes: SHA authentication is one of these. This authentication scheme is no longer used in current versions of the product, but hadn't yet been disabled. An attacker could remotely exploit this scheme to gain unauthorized access to an Agent and execute privileged commands.

CVE#: CVE-2021-27878 Published Date: 2021-03-01 CVSS: NO CVSS Description: An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. However, due to a vulnerability in the SHA Authentication scheme, an attacker is able to gain unauthorized access and complete the authentication process. Subsequently, the client can execute data management protocol commands on the authenticated connection. The attacker could use one of these commands to execute an arbitrary command on the system using system privileges.

CVE#: CVE-2021-3144 Published Date: 2021-02-27 CVSS: NO CVSS Description: In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run commands against the salt master or minions.)

CVE#: CVE-2021-3148 Published Date: 2021-02-27 CVSS: NO CVSS Description: An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.

CVE#: CVE-2021-3151 Published Date: 2021-02-27 CVSS: NO CVSS Description: i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MONITORING__CONFIG__PATH, C__MONITORING__CONFIG__ADDRESS, or SM2__C__MONITORING__CONFIG__ADDRESS.

CVE#: CVE-2021-3197 Published Date: 2021-02-27 CVSS: NO CVSS Description: An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via ssh_options provided in an API request.

CVE#: CVE-2021-3332 Published Date: 2021-03-01 CVSS: NO CVSS Description: WPS Hide Login 1.6.1 allows remote attackers to bypass a protection mechanism via post_password.

CVE#: CVE-2021-3342 Published Date: 2021-03-01 CVSS: NO CVSS Description: EPrints 3.4.2 allows remote attackers to read arbitrary files and possibly execute commands via crafted LaTeX input to a cgi/latex2png?latex= URI.

----#MALWARE----

ThePhantom0101: RT @c3rb3ru5d3d53c: This is where I fight #cybercrime and #malware now. #WFH not so bad now! https://t.co/movWHq51P4

CSOCIntel: RT @kelliaker1: Our DFIR team is hiring a Manager, Incident Response! Are you ready to make an impact? Apply here: #ransomware #dfirjobs #…

CyberSecurityN8: RT @SATYAMM12772508: My own workplace… ( Black & White ) #cybersecurity #satmis #ceh #ethicalhacker #hacking #coding #redhawk #hackingtoo…

cybersec_feeds: RT @eudyzerpa: https://t.co/gnDOld7G3D detected 58 new websites hosting #phishing | new today: 813 | #infosec #cybersecurity #malware https…

botcybersec: RT @GregoryDEvans: The Phishing Problem in Healthcare | #malware | #ransomware | #hacking https://t.co/l764xvPEzC

MaltrakN: RT @GregoryDEvans: The Phishing Problem in Healthcare | #malware | #ransomware | #hacking https://t.co/l764xvPEzC

MaltrakN: RT @NcsVentures: The Phishing Problem in Healthcare | #malware | #ransomware | #hacking https://t.co/lfrrepSDYH

MaltrakN: RT @rneelmani: Universal Health Services (UHS) said that the #Ryuk #ransomware attack it suffered during September 2020 had an estimated im…

CalefybTech: RT @SATYAMM12772508: My own workplace… ( Black & White ) #cybersecurity #satmis #ceh #ethicalhacker #hacking #coding #redhawk #hackingtoo…

sectest9: RT @rneelmani: Universal Health Services (UHS) said that the #Ryuk #ransomware attack it suffered during September 2020 had an estimated im…

NcsVentures: The Phishing Problem in Healthcare | #malware | #ransomware | #hacking https://t.co/lfrrepSDYH

GregoryDEvans: The Phishing Problem in Healthcare | #malware | #ransomware | #hacking https://t.co/l764xvPEzC

femtech_: RT @rneelmani: Universal Health Services (UHS) said that the #Ryuk #ransomware attack it suffered during September 2020 had an estimated im…

rneelmani: Universal Health Services (UHS) said that the #Ryuk #ransomware attack it suffered during September 2020 had an est… https://t.co/bUFmTsL6M9

----#PHISHING----

JEMPradio: Phish - Stash>Kung>Stash (5-8-93) #Phish #CommunityRadio https://t.co/LPFrNPSY15

cybersec_feeds: RT @eudyzerpa: https://t.co/gnDOld7G3D detected 58 new websites hosting #phishing | new today: 813 | #infosec #cybersecurity #malware https…

rcybersolutions: RT @PhishFindR: In the Last 24 Hours 🎣 PhishFindR Found: 1042 NEW #Phishing Links 🔗 574 NEW Phishing Domains 🌐 > https://t.co/XwsMfLnEhL…

JEMPradio: Fare Thee Well - Alabama Getaway (6-28-15) #Phish #CommunityRadio https://t.co/LPFrNPSY15

Sally_Dickson: In July 2020, #cryptocurrency wallet company Ledger revealed a breach of 9500 customer contacts. They caution users… https://t.co/uybwBTK0CK

Fabriciosx: RT @CioAmaro: Cybersecurity is part of everything. 5 Jobs That Use Cyber Security Skills #Infosec #CyberSecurity #CyberAttack #Hacking #Pr…

cybersec_feeds: RT @CioAmaro: Cybersecurity is part of everything. 5 Jobs That Use Cyber Security Skills #Infosec #CyberSecurity #CyberAttack #Hacking #Pr…

gr8musicvenues: RT @JamBase: Tomorrow! @IncubusBand frontman Brandon Boyd (@mybrandonboyd) takes over @PhishRadioSXM to spin his favorite #phish tracks and…

simon_t_gibbard: In a scam URL in which 2 elements might you see a legitimate organisation’s name? 1. Subdomain 2. Page 3. Top-leve… https://t.co/64Pbtb2OrA

YouEnjoyMySocks: RT @YouEnjoyMySocks: #Phish Story time! 📖 This is a good one folks and it’s one of the best things you’ll read all day. The #YouEnjoyMy…

botcybersec: RT @db_digest: Ransomware Operator Claims - Week 08 2021 https://t.co/0of5VaL8un #databreach #databreaches #databreachesdigest #dataprivacy…

cybersec_feeds: RT @MinaChan77: Improving Account Security: We’re All In This Together #CyberSecurity #Infosec #security #Privacy #Malware #Ransomware #Phi…

GroHackers: RT @CioAmaro: This is the cost growth of cyberattacks between 2015 to 2025 according Embroker and Cybersecurity Ventures #Infosec #CyberS…

cybersec_feeds: RT @techjunkiejh: #Malformed URL Prefix #Phishing Attacks Spike 6,000% https://t.co/YbgANlTREK #TechJunkieNews #CyberSecurity https://t.co/…

MiKeMcDnet: RT @cyber: 📨 DYK that #phishing scams from emails continue to be the most common route for #ransomware attacks? Don't compromise your perso…

----#OSINT----

hannah_hartt: RT @KAlexaKoenig: Looking forward to a conversation many of us in #HumanRights + tech + reporting care deeply about: Ethics + #OSINT W/ a…

botcybersec: RT @cybersecstu: Who wants to help create some cool artwork for @TheManyHatsClub IsolationCon? You'll be awarded some special badges, some…

_Mrpack: RT @4v4t4r: #OSINT Thumbnail Save - YouTube Thumbnail Viewer and Downloader https://t.co/EEOF0e6XLR

RDSWEB: RT @cybersecstu: Who wants to help create some cool artwork for @TheManyHatsClub IsolationCon? You'll be awarded some special badges, some…

The_StarHack3r: RT @s0md3v: Wrote a beginner friendly article about using shadows to guess the time a photo/video was shot at. If you already know this, I…

CyberSecurityN8: RT @cybersecstu: Who wants to help create some cool artwork for @TheManyHatsClub IsolationCon? You'll be awarded some special badges, some…

danjconn: RT @cybersecstu: Who wants to help create some cool artwork for @TheManyHatsClub IsolationCon? You'll be awarded some special badges, some…

jmeddy42: RT @x0rz: A very good outline of the #Ryuk threat by @CERT_FR https://t.co/hDR6hOgZvs (PDF) #threatintel #ransomware #osint https://t.co/CT…

4n6_Steve: RT @BOsintBlanc: In case you needed more incentive to check out the osint bookmarklet repo #osint @jakecreps is officially collaborating on…

KAS_stoner: RT @osintlearning: Really like this channel 👏 A great start and hopefully much more to come. The devil is in the details #OSINT @OSINTDojo

PwnieLuver: RT @cybersecstu: Who wants to help create some cool artwork for @TheManyHatsClub IsolationCon? You'll be awarded some special badges, some…

KAS_stoner: RT @fs0c131y: Your #OSINT journey start by @BenDoBrown's Youtube channel

gh0std4ncer: RT @x0rz: A very good outline of the #Ryuk threat by @CERT_FR https://t.co/hDR6hOgZvs (PDF) #threatintel #ransomware #osint https://t.co/CT…

KAS_stoner: RT @OSINT_Research: Awesome Monday, in an office for a change, different coffee (machine). Still found time to digest this #OSINT news.…

KAS_stoner: RT @BenDoBrown: Want to find out exactly when this photo of @BorisJohnson was taken? Why not use his shadow? Here is another #OSINT At Ho…

----#THREATINTEL----

jmeddy42: RT @x0rz: A very good outline of the #Ryuk threat by @CERT_FR https://t.co/hDR6hOgZvs (PDF) #threatintel #ransomware #osint https://t.co/CT…

cyberreport_io: Locate long-unused files and tidy your hard drives with GrandPerspective https://t.co/BlRj2RMrkE #cybersecurity… https://t.co/jhMA75fhst

jayeshmthakur: RT @JinibaBD: Watch out! 😡😱 Beware: AOL #phishing email states your account will be closed #CyberSec #infosec #Security #cybercrime #Threat…

gh0std4ncer: RT @x0rz: A very good outline of the #Ryuk threat by @CERT_FR https://t.co/hDR6hOgZvs (PDF) #threatintel #ransomware #osint https://t.co/CT…

CSOCIntel: RT @FarsightSecInc: VIDEO: Deploying DNS over HTTPS Without Confrontation @paulvixie @FIRSTdotOrg 2020 https://t.co/n3yXQuUSQV #DNS #DFIR #…

tisasia: RT @BinSecSweeper: Our platform analyze thousands of apps daily to identify vulnerabilities and threats. Concerned about #Clubhouse #TikTok…

S33ther1: RT @Prosouth: Every single time. This one has been made for you @Sam0x90 #tailormadememes #ThreatIntelligence #infosec https://t.co/8eUBume…

jayeshmthakur: RT @TantivyUK: What's XDR? 5 steps CISOs should take today to prepare: CSO Online https://t.co/CImyM1UgpL #CyberSecurity #security #infosec…

jayeshmthakur: RT @hollandcbarry: RT MSP Provider Builds Red Team as Attackers Target Industry https://t.co/2X5sqM5QXw by @roblemos #redteam #MSP #threati…

Prosouth: Every single time. This one has been made for you @Sam0x90 #tailormadememes #ThreatIntelligence #infosec https://t.co/8eUBume76l

jayeshmthakur: RT @InfoSec_Pom: Stay current in InfoSec without living on Twitter or subscribing to 100 inefficient RSS feeds! https://t.co/q1yOWjgK9G ht…

JustinCrotty: RT @Netenrich: Check out new post by Netenrich's @sneden_michael looking at a proactive and resolution-oriented security operations center:…

derinsiderx: RT @BushidoToken: 🆕Blog: The next evolution in Office365 phishing campaigns: Analysis of a recent cybercriminal operation that uses multip…

Nati_KDK: RT @argevise: 🆕Blog: The next evolution in Office365 phishing campaigns: Analysis of a recent cybercriminal operation that uses multiple s…

cybsecbot: RT @ciso360: Growth in sophisticated and diversified attack vectors led to a 50% jump in #DDoS ransom attacks in the third quarter of 2020…

----#RANSOMWARE----

BotFemale: RT @rneelmani: The #transport system for the #Australian state of #NewSouthWales has suffered a #databreach after the #Clop #ransomware exp…

CSOCIntel: RT @kelliaker1: Our DFIR team is hiring a Manager, Incident Response! Are you ready to make an impact? Apply here: #ransomware #dfirjobs #…

femtech_: RT @rneelmani: The #transport system for the #Australian state of #NewSouthWales has suffered a #databreach after the #Clop #ransomware exp…

rneelmani: The #transport system for the #Australian state of #NewSouthWales has suffered a #databreach after the #Clop… https://t.co/4mPZLEpZ1A

1silveramerican: RT @CISAgov: This Thursday during the President's Cup --> @DHSgov Secretary Mayorkas will deliver remarks on the Department's commitment to…

Covenantsec4u: These #hackers sell network logins to the highest bidder. And #ransomware gangs are buying | ZDNet… https://t.co/WMEbNmhmtV

botcybersec: RT @GregoryDEvans: The Phishing Problem in Healthcare | #malware | #ransomware | #hacking https://t.co/l764xvPEzC

MaltrakN: RT @GregoryDEvans: The Phishing Problem in Healthcare | #malware | #ransomware | #hacking https://t.co/l764xvPEzC

MaltrakN: RT @NcsVentures: The Phishing Problem in Healthcare | #malware | #ransomware | #hacking https://t.co/lfrrepSDYH

MaltrakN: RT @rneelmani: Universal Health Services (UHS) said that the #Ryuk #ransomware attack it suffered during September 2020 had an estimated im…

sectest9: RT @rneelmani: Universal Health Services (UHS) said that the #Ryuk #ransomware attack it suffered during September 2020 had an estimated im…

NcsVentures: The Phishing Problem in Healthcare | #malware | #ransomware | #hacking https://t.co/lfrrepSDYH

GregoryDEvans: The Phishing Problem in Healthcare | #malware | #ransomware | #hacking https://t.co/l764xvPEzC

femtech_: RT @WiCySNYMetro: We’re back, with our first event of 2021! We’ll have @selenalarson and Camille Singleton to talk about ransomware attacks…

asfakian: RT @WiCySNYMetro: We’re back, with our first event of 2021! We’ll have @selenalarson and Camille Singleton to talk about ransomware attacks…

----#OPENDIR----

----#MALSPAM----

CyberSecurityN8: RT @AnnyAllerton: Exploit alert 🚩Masslogger Trojan #Malware #Phishing for #Passwords in @Microsoft Outlook, @GoogleChrome & instant messeng…

cybersec_feeds: RT @AnnyAllerton: Exploit alert 🚩Masslogger Trojan #Malware #Phishing for #Passwords in @Microsoft Outlook, @GoogleChrome & instant messeng…

hj751: RT @James_inthe_box: Incoming #hancitor #malspam campaign, subject DocuSign, @google doc links, teslatruckaccessories[.]com sender https:/…

sectest9: RT @AnnyAllerton: Exploit alert 🚩Masslogger Trojan #Malware #Phishing for #Passwords in @Microsoft Outlook, @GoogleChrome & instant messeng…

Cyberspiracy: RT @AnnyAllerton: Exploit alert 🚩Masslogger Trojan #Malware #Phishing for #Passwords in @Microsoft Outlook, @GoogleChrome & instant messeng…

luc4m: RT @reecdeep: #malspam spreading #Qakbot #Qbot #Malware targets #Italy 🇮🇹 01-03-21 "Buon pomeriggio!" p://wnah27frybfe02sadb.[com/fedara.g…

JRoosen: RT @reecdeep: #malspam spreading #Qakbot #Qbot #Malware targets #Italy 🇮🇹 01-03-21 "Buon pomeriggio!" p://wnah27frybfe02sadb.[com/fedara.g…

ffforward: RT @James_inthe_box: Incoming #hancitor #malspam campaign, subject DocuSign, @google doc links, teslatruckaccessories[.]com sender https:/…

Isaphoinix: RT @sans_isc: ISC diary - @malware_traffic reviews #malspam pushing #GuLoader for #Remcos #RAT (#RemcosRAT) https://t.co/qMJPV6VrsO https:/…

malware_traffic: RT @James_inthe_box: Incoming #hancitor #malspam campaign, subject DocuSign, @google doc links, teslatruckaccessories[.]com sender https:/…

CSOCIntel: RT @reecdeep: #malspam spreading #Qakbot #Qbot #Malware targets #Italy 🇮🇹 01-03-21 "Buon pomeriggio!" p://wnah27frybfe02sadb.[com/fedara.g…

fe_tsoc: RT @James_inthe_box: A csv list of #malspam campaigns that crossed my path in February to include subjects, hashes, c2's and keylogger exfi…

fe_tsoc: RT @James_inthe_box: Incoming #hancitor #malspam campaign, subject DocuSign, @google doc links, teslatruckaccessories[.]com sender https:/…

executemalware: RT @James_inthe_box: Incoming #hancitor #malspam campaign, subject DocuSign, @google doc links, teslatruckaccessories[.]com sender https:/…

JRoosen: RT @James_inthe_box: Incoming #hancitor #malspam campaign, subject DocuSign, @google doc links, teslatruckaccessories[.]com sender https:/…

----#EMOTET----

mcb2Eexe: RT @anyrun_app: TOP10 last week's threats by uploads ⬆️ #NjRAT 683 (531) ⬆️ #NanoCore 179 (169) ⬇️ #AsyncRAT 122 (147) ⬆️ #FormBook 117 (9…

meetaidentech: Ryuk ransomware, responsible for majority of 2020 global healthcare system hacks , now self-spreads to other Window… https://t.co/YhRLfw7OkQ

patriiiiiiiiick: .@Politie It would be good to share your #Emotet DB with @haveibeenpwned. It would allow for wider distribution and… https://t.co/VhYu9vAIBO

cybsecbot: RT @anyrun_app: TOP10 last week's threats by uploads ⬆️ #NjRAT 683 (531) ⬆️ #NanoCore 179 (169) ⬇️ #AsyncRAT 122 (147) ⬆️ #FormBook 117 (9…

Jason_DFIR: RT @anyrun_app: TOP10 last week's threats by uploads ⬆️ #NjRAT 683 (531) ⬆️ #NanoCore 179 (169) ⬇️ #AsyncRAT 122 (147) ⬆️ #FormBook 117 (9…

c4ioli: RT @anyrun_app: TOP10 last week's threats by uploads ⬆️ #NjRAT 683 (531) ⬆️ #NanoCore 179 (169) ⬇️ #AsyncRAT 122 (147) ⬆️ #FormBook 117 (9…

hutaro_neko: RT @maldatabase: Top malware families analyzed last week: 1️⃣ #AgentTesla 2️⃣ #IcedID 3️⃣ #njRAT 4️⃣ #NanoCore 5️⃣ #Remcos 6️⃣ #Emotet 7️⃣…

PVynckier: RT @HaboubiAnis: #emotet is the infrastructure of the set of #ransomware that we attack from 2019-2021; my logical hypothesis is that it wa…

Max_Mal_: RT @anyrun_app: TOP10 last week's threats by uploads ⬆️ #NjRAT 683 (531) ⬆️ #NanoCore 179 (169) ⬇️ #AsyncRAT 122 (147) ⬆️ #FormBook 117 (9…

fe_tsoc: RT @maldatabase: Top malware families analyzed last week: 1️⃣ #AgentTesla 2️⃣ #IcedID 3️⃣ #njRAT 4️⃣ #NanoCore 5️⃣ #Remcos 6️⃣ #Emotet 7️⃣…

sectest9: RT @maldatabase: Top malware families analyzed last week: 1️⃣ #AgentTesla 2️⃣ #IcedID 3️⃣ #njRAT 4️⃣ #NanoCore 5️⃣ #Remcos 6️⃣ #Emotet 7️⃣…

l8iqb9: RT @maldatabase: Top malware families analyzed last week: 1️⃣ #AgentTesla 2️⃣ #IcedID 3️⃣ #njRAT 4️⃣ #NanoCore 5️⃣ #Remcos 6️⃣ #Emotet 7️⃣…

maldatabase: Top malware families analyzed last week: 1️⃣ #AgentTesla 2️⃣ #IcedID 3️⃣ #njRAT 4️⃣ #NanoCore 5️⃣ #Remcos 6️⃣… https://t.co/kEialCVVvf

phoenix_ctf: RT @anyrun_app: TOP10 last week's threats by uploads ⬆️ #NjRAT 683 (531) ⬆️ #NanoCore 179 (169) ⬇️ #AsyncRAT 122 (147) ⬆️ #FormBook 117 (9…

Koichi_Mouri: RT @anyrun_app: TOP10 last week's threats by uploads ⬆️ #NjRAT 683 (531) ⬆️ #NanoCore 179 (169) ⬇️ #AsyncRAT 122 (147) ⬆️ #FormBook 117 (9…

-----#BUGBOUNTY----

navarroaxel: RT @sec_r0: #JWT #JWS #JWE From JOSE headers to tokens. Clean difference in just one page. Please RT for max reach. #infosec #security #w…

_secret_letters: RT @TheCrysp: I have decided to give away @theXSSrat 's Android Bug Bounty course to one of you. How to participate? 1. Retweet this twee…

Xhav9: RT @sec_r0: #JWT #JWS #JWE From JOSE headers to tokens. Clean difference in just one page. Please RT for max reach. #infosec #security #w…

InfoSecComm: New Write-up on InfoSec Write-ups publication : "MS Azure Fundamentals Revision Notes" #bugbounty #bugbountywriteup… https://t.co/EPuKT6JtAZ

sectest9: RT @TheCrysp: I have decided to give away @theXSSrat 's Android Bug Bounty course to one of you. How to participate? 1. Retweet this twee…

NeeruGana: RT @TheCrysp: I have decided to give away @theXSSrat 's Android Bug Bounty course to one of you. How to participate? 1. Retweet this twee…

CyberSecurityN8: RT @disclosedh1: Grammarly disclosed a bug submitted by fransrosen: https://t.co/Rl4xeSJEK5 - Bounty: $3,000 #hackerone #bugbounty https://…

test010118: RT @disclosedh1: Grammarly disclosed a bug submitted by fransrosen: https://t.co/Rl4xeSJEK5 - Bounty: $3,000 #hackerone #bugbounty https://…

CoderRetweet: RT @sec_r0: #JWT #JWS #JWE From JOSE headers to tokens. Clean difference in just one page. Please RT for max reach. #infosec #security #w…

h4z3dic: RT @zonduu1: SSRF to fetch AWS credentials with full access to multiple services Write-Up. By far the most critical issue I found yet http…

erickjohn__: RT @sec_r0: #JWT #JWS #JWE From JOSE headers to tokens. Clean difference in just one page. Please RT for max reach. #infosec #security #w…

Gobit11: RT @du_amae: Bug Fables "A Huge Problem" Comic (page 1,2) thanks to the patrons. i hope you liked 💛 #macro #SizeTwitter #sizeplay #Bug…

100DaysOf2020: RT @sec_r0: #JWT #JWS #JWE From JOSE headers to tokens. Clean difference in just one page. Please RT for max reach. #infosec #security #w…

xaelbot: RT @sec_r0: #JWT #JWS #JWE From JOSE headers to tokens. Clean difference in just one page. Please RT for max reach. #infosec #security #w…

4n7on3s: RT @sec_r0: #JWT #JWS #JWE From JOSE headers to tokens. Clean difference in just one page. Please RT for max reach. #infosec #security #w…

----#CYBERCRIME----

ThePhantom0101: RT @c3rb3ru5d3d53c: This is where I fight #cybercrime and #malware now. #WFH not so bad now! https://t.co/movWHq51P4

femtech_: RT @rneelmani: #USDT #cryptocurrency developer ⁦@Tether_to⁩ has said they are being #extorted by threat actors who are demanding 500 #bitco…

rneelmani: #USDT #cryptocurrency developer ⁦@Tether_to⁩ has said they are being #extorted by threat actors who are demanding 5… https://t.co/GSyLgPUlCb

CyberSecurityN8: RT @SATYAMM12772508: My own workplace… ( Black & White ) #cybersecurity #satmis #ceh #ethicalhacker #hacking #coding #redhawk #hackingtoo…

sectest9: RT @TalksTechno: #Chinese Hackers Target Indian Vaccine Makers @SerumInstIndia @BharatBiotech , Says Security Firm @cyfirma #cybercrime #…

botcybersec: RT @TalksTechno: #Chinese Hackers Target Indian Vaccine Makers @SerumInstIndia @BharatBiotech , Says Security Firm @cyfirma #cybercrime #…

TalksTechno: #Chinese Hackers Target Indian Vaccine Makers @SerumInstIndia @BharatBiotech , Says Security Firm @cyfirma… https://t.co/AQ0e8GqROl

CalefybTech: RT @SATYAMM12772508: My own workplace… ( Black & White ) #cybersecurity #satmis #ceh #ethicalhacker #hacking #coding #redhawk #hackingtoo…

CalefybTech: RT @SATYAMM12772508: My own workplace… ( Black & White ) #cybersecurity #satmis #ceh #ethicalhacker #hacking #coding #redhawk #hackingtool…

sectest9: RT @CMoschovitis: Everything You Need to Know About Phishing and Pharming Today, the ever-evolving… #IT #CIO #data #bigdata #tech #cybers…

tresronours: cost of a cyber attack : "Universal Health Services lost $67 million due to Ryuk ransomware attack" Connected=hacke… https://t.co/nzTw1vCnKV

----Hacking Updates----

Skiller9090 updated Lucifer. This repo has 86 stars and 9 watchers. This repo was created on 2020-08-05. --- A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life

ChompChompDead updated Teddyhack. This repo has 0 stars and 1 watchers. This repo was created on 2021-02-08. --- A minecraft anarchy hack client for 1.12.2.

Javk5pakfa updated hydro_flux_splitting. This repo has 0 stars and 1 watchers. This repo was created on 2021-02-09. --- clemson-cal hack project

r-thomson updated Hackerneat. This repo has 1 stars and 1 watchers. This repo was created on 2019-01-15. --- A client-side Hacker News clone made using the Hacker News API

zweilosec updated Infosec-Notes. This repo has 9 stars and 1 watchers. This repo was created on 2020-03-05. --- Notes from various sources for preparing to take the OSCP, Capture the Flag challenges, and Hack the Box machines.

hhvm updated hsl. This repo has 66 stars and 10 watchers. This repo was created on 2017-06-27. --- The Hack Standard Library

infoaed updated opendata-portal. This repo has 0 stars and 3 watchers. This repo was created on 2016-12-09. --- Estonian Open Data Portal i18n project: scripts, translations, hacks

aigars-github updated blacklist. This repo has 0 stars and 1 watchers. This repo was created on 2020-10-24. --- IPs from which scanning, spamming or hacking attempts detected

Micheal-Vaughn25 updated JavaScriptCourse. This repo has 0 stars and 1 watchers. This repo was created on 2021-01-06. --- Working through Hack Reactor Training course for JavaScript

PikminGuts92 updated Mackiloha. This repo has 4 stars and 5 watchers. This repo was created on 2017-05-31. --- A suite of modding software for hacking milo engine based games

untsunts-code updated ironhack_webdev. This repo has 0 stars and 1 watchers. This repo was created on 2021-02-04. --- Here I'll add scripts, notes and other material I will be working on for the Iron Hack web dev program.

FabioDefilippo updated winallenum. This repo has 2 stars and 1 watchers. This repo was created on 2020-09-24. --- This powershell script has got to run in remote windows host, even for pivoting

hackforla updated website. This repo has 23 stars and 17 watchers. This repo was created on 2018-04-18. --- Hack for LA's website

RFP-MOUTON updated FEC. This repo has 0 stars and 0 watchers. This repo was created on 2021-02-23. --- Our Hack Reactor FEC project

manucab updated portal_hackatones. This repo has 0 stars and 1 watchers. This repo was created on 2020-12-20. --- Hack a Boss bootcamp final project

bastien8060 updated MDPin. This repo has 21 stars and 2 watchers. This repo was created on 2021-02-17. --- MDPin is a server and a website. It contains a UI to fake an Android login screen to steal their pin code. It works via a web browser, by going into fullscreen.

algolia updated hn-search. This repo has 390 stars and 70 watchers. This repo was created on 2013-11-21. --- Hacker News Search

andrewplus updated epic-mickey-docs. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-09. --- Epic Mickey modding/hacking documentation website.

aenygma updated cnit124. This repo has 0 stars and 1 watchers. This repo was created on 2021-03-01. --- Stuff from Prof. Biddlecome's CNIT 124 Advanced Ethical Hacking class

facebook updated hhvm. This repo has 16846 stars and 1063 watchers. This repo was created on 2010-01-02. --- A virtual machine for executing programs written in Hack.

DentClient updated DentClient. This repo has 3 stars and 1 watchers. This repo was created on 2020-06-11. --- Extra-Sneaky 1.16 hacked client

shawnvogt updated MLH-Technical-Interview-Workshop. This repo has 0 stars and 1 watchers. This repo was created on 2021-02-27. --- My solutions to the problems assigned during the Hackers of the Galaxy: Hack the Technical Interview: Algorithms Practice Workshop

UPstartDeveloper updated Problem_Solving_Practice. This repo has 0 stars and 1 watchers. This repo was created on 2020-01-25. --- Collection of code used to solve problems from Project Euler https://projecteuler.net/, Leetcode, and Hacker Rank.

remotehack updated bencastr. This repo has 0 stars and 3 watchers. This repo was created on 2021-02-27. --- The remote hack studio

mana0x7c3 updated hacking-notes. This repo has 0 stars and 1 watchers. This repo was created on 2021-03-01. --- hacking-notes

----Security Updates----

Skiller9090 updated Lucifer. This repo has 86 stars and 9 watchers. This repo was created on 2020-08-05. --- A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life

RelativeBinary updated spring-security-react-auth-system. This repo has 0 stars and 1 watchers. This repo was created on 2021-02-24. --- Program which demonstrates how to use spring boot security to access a mysql db to authenticate a login attempt, currently being originally made on the server. Still trying to figure out the client side, which will be using reactJS.

samq-wsdemo updated SecurityShepherd. This repo has 0 stars and 0 watchers. This repo was created on 2021-03-01. --- https://github.com/OWASP/SecurityShepherd.git

EnergizedProtection updated block. This repo has 1456 stars and 64 watchers. This repo was created on 2018-07-16. --- Let's make an annoyance free, better open internet, altogether!

Evolution-X updated system_security. This repo has 0 stars and 2 watchers. This repo was created on 2021-01-21. --- None

TryNeo updated sistema-control-nominas. This repo has 0 stars and 0 watchers. This repo was created on 2021-01-27. --- Challenge project - Payroll system for the company w@security

Netflix updated repokid. This repo has 862 stars and 303 watchers. This repo was created on 2017-05-25. --- AWS Least Privilege for Distributed, High-Velocity Deployment

remiminnebo updated k8s-sec. This repo has 0 stars and 1 watchers. This repo was created on 2021-03-01. --- Guidelines regarding security in k8s cluster environments

neumaneuma updated appseccheat.codes. This repo has 0 stars and 1 watchers. This repo was created on 2021-02-15. --- A CTF web app designed to teach software developers application security by showcasing what vulnerable code looks like, how to write code to exploit the vulnerability, and how to write code to patch the vulnerability.

aau-network-security updated haaukins. This repo has 111 stars and 11 watchers. This repo was created on 2018-07-24. --- A Highly Accessible and Automated Virtualization Platform for Security Education

Azure updated Azure-Sentinel-Notebooks. This repo has 118 stars and 25 watchers. This repo was created on 2019-10-03. --- Interactive Azure Sentinel Notebooks provides security insights and actions to investigate anomalies and hunt for malicious behaviors.

CaledoniaProject updated awesome-opensource-security. This repo has 154 stars and 12 watchers. This repo was created on 2018-02-23. --- A list of interesting open-source tools

beaglesecurity updated uptime. This repo has 0 stars and 1 watchers. This repo was created on 2021-02-28. --- 📈 Uptime monitor and status page for Beagle Security, powered by @upptime

projectbtle updated ATT-Profiler. This repo has 5 stars and 2 watchers. This repo was created on 2017-11-27. --- Node.js tool for identifying the minimum level of security required to access characteristic values from BLE peripherals.

PurpleI2P updated i2pd. This repo has 1551 stars and 129 watchers. This repo was created on 2013-09-01. --- 🛡 I2P: End-to-End encrypted and anonymous Internet

JavaGarcia updated Neanet. This repo has 4 stars and 1 watchers. This repo was created on 2020-08-02. --- Threat intelligence

getSierralta updated SpringSecurity-PlayBox. This repo has 0 stars and 1 watchers. This repo was created on 2021-03-01. --- Spring Security for dummies

devise-security updated devise-security. This repo has 300 stars and 10 watchers. This repo was created on 2017-08-15. --- A security extension for devise, meeting industrial standard security demands for web applications.

batfish updated batfish. This repo has 585 stars and 52 watchers. This repo was created on 2014-12-03. --- Batfish is a network configuration analysis tool that can find bugs and guarantee the correctness of (planned or current) network configurations. It enables network engineers to rapidly and safely evolve their network, without fear of outages or security breaches.

eugenp updated tutorials. This repo has 24981 stars and 1541 watchers. This repo was created on 2013-04-29. --- Just Announced - "Learn Spring Security OAuth":

hudec117 updated sf-user-perm-report. This repo has 3 stars and 1 watchers. This repo was created on 2021-02-04. --- Salesforce User Permission Report allows you to see a report of all the permissions a user has and where they are set.

opendistro-for-elasticsearch updated security-kibana-plugin. This repo has 150 stars and 22 watchers. This repo was created on 2019-02-01. --- 🔐Open Distro for Elasticsearch Security Kibana Plugin

SkowyrnyMG updated OMS-Invoicer.v1. This repo has 0 stars and 1 watchers. This repo was created on 2020-11-15. --- This app is a draft/demo version that presents my way to make living with invoices, orders and payments easier. I would like to clearly inform you that you should not use this app for your company invoicing etc. The main reason for that is I just wanted to create a fully functional application on frontend and I did not dive into backend security.

radareorg updated radare2. This repo has 14025 stars and 477 watchers. This repo was created on 2012-07-03. --- UNIX-like reverse engineering framework and command-line toolset

haoenhui updated oats-reportable. This repo has 0 stars and 1 watchers. This repo was created on 2020-12-19. --- OATS reportable security EOD list (update 23:50 UTC Mon-Fri)

----PoC Updates----

Vurv78 updated SFHaxe. This repo has 0 stars and 1 watchers. This repo was created on 2021-03-01. --- Proof of concept Haxe Library for the lua target that adds StarfallEx bindings. This was autogenerated by a lua script I made.

lunarsoap5 updated tprandomizer-poc. This repo has 0 stars and 1 watchers. This repo was created on 2021-02-26. --- Twilight Princess Randomizer Seed Generator Program Proof-of-Concept

alexandregressier updated spring-microservices-poc. This repo has 0 stars and 1 watchers. This repo was created on 2021-01-02. --- A proof of concept (PoC) demonstrating the relevance of Spring for building a microservices-based application

GGERKK updated commander-kiosk. This repo has 0 stars and 1 watchers. This repo was created on 2021-03-01. --- proof of concept for a simple information kiosk

dsidirop updated aspnet-core-dummy-two-factor-authentication. This repo has 1 stars and 1 watchers. This repo was created on 2021-02-28. --- Proof of concept website for two factor authentication

c-f updated hygo. This repo has 0 stars and 1 watchers. This repo was created on 2021-02-28. --- Golang Proof-of-Concept for a smaller version of hydra - as a credential testing lib

EmSchoof updated UNICEF_CATS. This repo has 1 stars and 1 watchers. This repo was created on 2021-02-22. --- Department: Risk Analysis and Preparedness Section (RAPS), Office of Emergency Operations (EMOPS) Premise of Task: Contextual Alert and Trend System (CATS) is a proof of concept (POC) for an automated system for near real-time media monitoring via GDELT to identify trends and anomalies in the volume of online reports about pre-defined indicator events, at country level. This repository reflects the methodologies used to complete this task.

A3server updated Cardano-Multiplayer. This repo has 1 stars and 0 watchers. This repo was created on 2021-02-25. --- This is a proof of concept game that integrates a blockchain database to a multiplayer game

sujitpal updated vespa-poc. This repo has 0 stars and 1 watchers. This repo was created on 2021-02-10. --- Small Proof of Concept to familiarize myself with Vespa.ai functionality

smx-smx updated php-com. This repo has 1 stars and 1 watchers. This repo was created on 2021-03-01. --- Proof of Concept Win32 COM Object written in PHP

VikaTheDuck updated LiquorReview. This repo has 0 stars and 1 watchers. This repo was created on 2021-02-20. --- Liquor Review Website. Personal ratings + knowledge from my 2 years working at the SAQ. Proof of concept of Angular, Bootstrap, Firebase (noSQL), Kibana (Elastic Search).

bobaekang updated poc-react-dynamic-form-input. This repo has 0 stars and 1 watchers. This repo was created on 2020-07-07. --- Proof-of-concept for a dynamically generated form based on config in JSON.

mrizzi updated poc. This repo has 0 stars and 1 watchers. This repo was created on 2021-01-15. --- Set of projects for proof of concepts (POC) code

DPCMGroup updated swe-poc. This repo has 0 stars and 0 watchers. This repo was created on 2021-02-16. --- Repository for the "Proof Of Concept" of specification C1

Victor-agullo updated Steganography-PoC. This repo has 0 stars and 1 watchers. This repo was created on 2021-02-28. --- A proof of concept of how big a file needs to be to contain a message in it.

luischobi updated vite-concept. This repo has 0 stars and 2 watchers. This repo was created on 2021-03-01. --- Vite proof of concept

nhsconnect updated prm-deductions-ehr-repository. This repo has 3 stars and 15 watchers. This repo was created on 2019-10-27. --- A Proof of Concept implementation for the storage of Patient Health Records in their native format.

vid updated shacl-poc. This repo has 0 stars and 1 watchers. This repo was created on 2021-01-19. --- proof of concept using SHACL

merrychap updated poc_exploits. This repo has 6 stars and 1 watchers. This repo was created on 2020-06-10. --- :unlock: Research and Proof of Concept exploits for various targets

tyczynski updated poc-todos-nextjs-firebase. This repo has 0 stars and 1 watchers. This repo was created on 2021-03-01. --- Proof of concept - Todos App | Next.js / Google Firebase

jlemanski1 updated ChargeLabPOCApp. This repo has 0 stars and 1 watchers. This repo was created on 2021-02-10. --- Proof of concept app for the Charge Lab coding challenge.

lhorrell99 updated FuturesPrototype. This repo has 0 stars and 1 watchers. This repo was created on 2021-02-25. --- Proof of concept for DE3 Futures 2021 DLT project

cmdcolin updated jb2export. This repo has 0 stars and 1 watchers. This repo was created on 2021-02-21. --- A static image exporter for jb2 (proof of concept)

EDULISES updated ProofConceptCryptRepo. This repo has 0 stars and 1 watchers. This repo was created on 2021-03-01. --- This repo is a proof of concept of the encryption of the repository.

rzfuhrmann updated PHPImpftermine. This repo has 0 stars and 1 watchers. This repo was created on 2021-02-28. --- Proof of Concept (PoC) to wrap impfterminservice.de in a PHP class, for example to notify yourself if vaccination appointments are available again.