A collection of infosec links to Tools & Tips, Threat Research, and more! The focus trends toward DFIR and threat intelligence, but general information security and hacking-related topics are included as well. This list is not vetted nor intended to be an exhaustive source. Keeping up with the enormous volume of security-related information is a daunting task, but this is my way of filtering the most useful items and improving the signal-to-noise ratio. Happy Reading!
Industry Reports, News, and Miscellany
- RiskIQ’s 2019 Black Friday E-commerce Blacklist Report: Crucial Intel for Thanksgiving Weekend
- Scamming and Smishing while Shopping
- Mail Services an Emerging Vector for Financial Fraud
- Exploit kits: fall 2019 review
- Cryptominers, ransomware among top malware in IR engagements in Q4
- New CrowdStrike Report Reveals Organizations’ Attitudes Toward Cybersecurity Readiness
- The Epidemic Analysis of Ransomware in October 2019
- Black Friday Deals on the Dark Web: A cybercriminal shopper’s paradise
- Two Years of Malware Research Slack Group – Anniversary Event
Threat Research – Malware, Phishing, and other Campaigns in the Wild
- Registers as “Default Print Monitor”, but is a malicious downloader. Meet DePriMon
- New Spam Campaign Impersonates a Variety of Government Agencies from Different Countries
- Fake Windows Update Spam Leads to Cyborg Ransomware and Its Builder
- ACBackdoor: Analysis of a New Multiplatform Backdoor
- Web skimmer phishes credit card data via rogue payment service platform
- Mac Backdoor Linked to Lazarus Targets Korean Users
- Phorpiex Breakdown
- Phoenix: The Tale of the REsurrected Keylogger
- “Say Cheese!” An analysis of foto.lnk
- MALICIOUS PHISHING EMAIL SUBJECT LINES
- New SectopRAT: Remote access malware utilizes second desktop to control browsers
- Exploring the Human Fingerprints on Malware
Tools and Tips
- Introducing the Funnel of Fidelity
- Modern Wireless Tradecraft Pt IV — Tradecraft and Defensive Strategy
- Packers: What’s in the Box?
- Gathering information to determine unusual network traffic
- Anti-Sandboxing: Malware Evasion Techniques Part 3
- What is Privilege Escalation & How I Never Won an OSCP Voucher
- PREVENT Legitimate Windows Executables To Be Used To Gain Initial Foothold In Your Infrastructure
- JIRA workflow for Detection Engineering teams
- ATT&CKing Threat Management
- Hands-on Guide to Digital Forensics
- The Problems With Today’s Red Teaming
Breaches, Government, and Law Enforcement
- Louisiana was hit by Ryuk, triggering another cyber-emergency
- Disney+ Account Passwords Found on Dark Web: Prevent Your Account from Being Sold
- Smartphone maker OnePlus discloses data breach
- T-Mobile discloses security breach
- 110 Nursing Homes Cut Off from Health Records in Ransomware Attack
Vulnerabilities and Exploits
- Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
- How Attackers Could Hijack Your Android Camera to Spy on You
- Long-known Vulnerabilities in High-Profile Android Applications
- US-CERT Bulletin (SB19-322) Vulnerability Summary for the Week of November 11, 2019