A collection of infosec links to Tools & Tips, Threat Research, and more! The focus trends toward DFIR and threat intelligence, but general information security and hacking-related topics are included as well. This list is not vetted nor intended to be an exhaustive source. Keeping up with the enormous volume of security-related information is a daunting task, but this is my way of filtering the most useful items and improving the signal-to-noise ratio. Happy Reading!
Industry Reports, News, and Miscellany
- Week in OSINT — #49
- Caution! Ryuk Ransomware decryptor damages larger files, even if you pay
- Story of the year 2019: Cities under ransomware siege
- THE 2019 SANS HOLIDAY HACK CHALLENGE
- Not so Merry Kerberos’mas!
- Which security certification is for you (if any)
- Emotet’s annual season’s greetings are here with its campaign for holiday-themed email subjects and malicious attachment files
Threat Research – Malware, Phishing, and other Campaigns in the Wild
- Who is REFINED KITTEN?
- This Advanced Keylogger Delivers a Cryptocurrency Miner
- (Almost) Hollow and Innocent: Monero Miner Remains Undetected via Process Hollowing
- Zeppelin: Russian Ransomware Targets High Profile Users in the U.S. and Europe
- DROPPING ANCHOR: FROM A TRICKBOT INFECTION TO THE DISCOVERY OF THE ANCHOR MALWARE
- Anchor Project | The Deadly Planeswalker: How The TrickBot Group United High-Tech Crimeware & APT
- A look at the recent BuleHero botnet payload
- Operation Gamework: Infrastructure Overlaps Found Between BlueAlpha and Iranian APTs
- More than a Dozen Obfuscated APT33 Botnets Used for Extreme Narrow Targeting
- DeCypherIT – All eggs in one basket
- Snatch ransomware reboots PCs into Safe Mode to bypass protection
- New Echobot Variant Exploits 77 Remote Code Execution Flaws
- Phishing Campaign Uses Malicious Office 365 App
- ChinaZ Updates Toolkit by Introducing New, Undetected Malware
Tools and Tips
- (Lazy) Sunday Maldoc Analysis: A Bit More …
- Swift on Security Updates Sysmon Rules
- Tracking Malware Campaigns Using String Metrics
- Top Tips to Spot Tech Support Scams
- Context matters: harnessing creativity to triage security alerts
Breaches, Government, and Law Enforcement
- New Orleans city government hit by ransomware; workers told to turn off, unplug computers
- Federal council to Trump: Cyber threats pose ‘existential threat’ to the nation
- Cyberattack downs Pensacola computers hours after Navy base attack
Vulnerabilities and Exploits
- Multiple Vulnerabilities in Apple Products Could Allow for Arbitrary Code Execution
- Microsoft Patch Tuesday – December 2019
- Talos Vulnerability Discovery Year in Review — 2019
- Critical VMware Vulnerability (OpenSLP)
- US-CERT Bulletin (SB19-343): Vulnerability Summary for the Week of December 2, 2019