A collection of infosec links to Tools & Tips, Threat Research, and more! The focus trends toward DFIR and threat intelligence, but general information security and hacking-related topics are included as well. This list is neither vetted nor intended to be an exhaustive source. Keeping up with the enormous volume of security-related information is a daunting task, but this is my way of filtering the most useful items and improving the signal-to-noise ratio. Happy Reading!
Industry Reports, News, and Miscellany
- Meet the white-hat group fighting Emotet, the world’s most dangerous malware
- Notifiable Data Breaches Report: Office of the Australian Information Commissioner (PDF)
- Oregon FBI Tech Tuesday: Building a Digital Defense with Passwords
- RiskIQ’s 2019 Mobile App Threat Landscape Report: The Mobile Ecosystem Swells, but Google Leads a Decline in Malicious Apps
- Hacking Activity of SectorC Group in 2019
- BEC Weekly: Feb 2020 – Week 3/4
- Developing Cybersecurity Skills Through Deliberate Practice
- How to Calculate and Communicate Your Desired Total Compensation
Threat Research
- New Cyber Attack Campaign Leverages the COVID-19 Infodemic
- Roaming Mantis, part V
- Domen toolkit gets back to work with new malvertising campaign
- New Research Paper: Prevalence and impact of low-entropy packing schemes in the malware ecosystem
- Convolutional Neural Networks Are MALE Models for PE Malware
- Quick look at a couple of current online scam campaigns
- Ransomware Against the Machine: How Adversaries are Learning to Disrupt Industrial Production by Targeting IT and OT
- RATs Wrapped and Hidden in PNG
- Invoice Fraud with Everything the Bag of Tricks Has to Offer
- Revealing the Trick | A Deep Dive into TrickLoader Obfuscation
- TRICKBOT DELIVERY METHOD GETS A NEW UPGRADE FOCUSING ON WINDOWS 10
Tools and Tips
- Intel Insights: How to Restrict Server Message Block
- CPR evasion encyclopedia: The Check Point evasion repository
- Want fast DFIR results? Learn how with the EZ Tools command-line poster
- Offensive Tools Are For Blue Teams Too
- Evidence Indicators for Targeted Ransomware Attacks – Part II
- How to harden your employees from the massive social engineering threat
- Statically Reverse Engineering Shellcode Techniques: Stage 2
- More adventures with shell code and the Shikata Ga Nai Encoder
Breaches, Government, and Law Enforcement
- #RSAC: Election Security Beyond the Ballot Box
- Former Microsoft software engineer convicted of 18 federal felonies for stealing more than $10 million in digital value such as gift cards
- The Cybersecurity 202: The Justice Department is giving up on an encryption truce with Big Tech
- DoppelPaymer Ransomware Launches Site to Post Victim’s Data
- Data breach hits agency overseeing White House communications
- FCC Proposes to Fine Wireless Carriers $200M for Selling Customer Location Data
Vulnerabilities and Exploits
- Vulnerability in OpenSMTPD Could Allow for Remote Code Execution
- KrØØk: Serious vulnerability affected encryption of billion+ Wi‑Fi devices
- What’s Old Is New, What’s New Is Old: Aged Vulnerabilities Still in Use in Attacks Today
- US-CERT: Bulletin (SB20-055) Vulnerability Summary for the Week of February 17, 2020