A collection of infosec links to Tools & Tips, Threat Research, and more! The focus trends toward DFIR and threat intelligence, but general information security and hacking-related topics are included as well. This list is not vetted nor intended to be an exhaustive source. Keeping up with the enormous volume of security-related information is a daunting task, but this is my way of filtering the most useful items and improving the signal-to-noise ratio. Happy Reading!
Industry Reports, News, and Miscellany
- Assassination, Retaliation, and Implications
- Is Cyber Retaliation from Iran Imminent?
- Bulletproof hosting – there’s a new kid in town
- Ghosts in the Clouds: Inside China’s Major Corporate Hack
- ‘Shattered’: Inside the secret battle to save America’s undercover spies in the digital age
- Growing your intelligence team beyond cyber
- Ransomware attack forces Arkansas CEO to fire 300 employees days before Christmas
Threat Research – Malware, Phishing, and other Campaigns in the Wild
- The Curious Case of DeathRansom: Part I and Part II
- New evasion techniques found in web skimmers
- US-CERT Alert (AA19-339A Dridex Malware Updated)
- The Mac Malware of 2019
- The Tale of the Pija-Droid Firefinch
- From Zero to Lateral Movement in 36 Minutes
Tools and Tips
- Intel Insights: How to Secure PowerShell
- DMARC for Transportation: How to Stop Email-based Brand Impersonation Attacks
- Using the InterPlanetary File System For Offensive Operations
- Here Be Dragons: Reverse Engineering with Ghidra – Part 1 [Data, Functions & Scripts]
- OSCD: Threat Detection Sprint #1
- Resource Collection Project: Awesome Forensics
- UnpacMe now supports tighter integration with Malpedia
- Introducing Unfurl
- Solving a VM-based CrackMe
Breaches, Government, and Law Enforcement
- School management software provider discloses severe security breach
- Army Follows Pentagon Guidance, Bans Chinese-Owned TikTok App
- US Coast Guard Warns Over Ryuk Ransomware Attacks
- Microsoft takes court action against fourth nation-state cybercrime group
- CCPA – Quick Overview
Vulnerabilities and Exploits
- End-of-Support Software Report List
- Cisco critical bugs: Nexus data center switch software needs patching now
- US-CERT Bulletin (SB19-364) Vulnerability Summary for the Week of December 23, 2019