tl;dr of Today -Lockbit ransomware group taunts FBI -LAPSUS$ Telegram still active, despite arrests -Raccoon Stealer developer died in the midst of the invasion of Ukraine -IT Army of Ukraine breaches Yandex food delivery database, exposing FSB agents who ordered food

Spring RCE 0day？ set @CacheResult(cacheName = "51pwn", skipGet = false...) If you know me go sleep.... github.com/hktalent/sprin…

I thought JavaScript was great until I had to debug someone else’s mess of a Chrome extension

Yesterday U.S. Cyber Command Director Gen. Paul Nakasone confirmed for the first time that the U.S. had conducted offensive cyber operations in support of Ukraine. More info: thehill.com/policy/cyberse…

Canary tools are great, but if you ever generate and run an .exe, expect to get non stop triggers from MS IPs

Threat Intelligence Tip: The most dangerous internet nerds are the ones with anime profile pictures

Microsoft rolls back decision to block Office macros by default - Sergiu Gatlan bleepingcomputer.com/news/microsoft…

Maldocs are back. APT's and ransomware operators around the world got a huge break by Microsoft today

I found this in the process memory of a loaded Brute Ratel C4 samples reported by Unit42 Is that the org that leaked the framework or just an arbitrary UserAgent set by the threat actor? If it's the latter, I'd be sorry unit42.paloaltonetworks.com/brute-ratel-c4… Sample bazaar.abuse.ch/sample/d71dc7b…

Bug bounty twitter is wild. They're out here like "cat is a tool that is used by millions every day, but only 0.001% of those are masters of cat. Check out my 🧵to become a master of cat #bugbountytips" And then it's like 5 basic things jacked straight from the top of man cat.

In our latest blog post, we publish a MS "won't fix" unauthenticated SSRF to RCE in Microsoft Office Online Server mdsec.co.uk/2022/10/micros… by Manish Kishan Tanwar

From our headquarters underneath the Vatican, happy Halloween! Today we release the first edition of our new publication Black Mass. Special thanks to our Editor in Chief Helen (of Tor) for all of her hard work. papers.vx-underground.org/papers/Other/V…

Looks like Chrome now blocks sites from writing to the clipboard without user interaction. It's still able to be written to through a gesture (ex. clicking a button) even if you've denied clipboard access. #chrome

Stealing passwords from infosec Mastodon - without bypassing CSP portswigger.net/research/steal…

Welp, I thought I'd hop on the ~novel~ C2 train by using canary tokens as a transfer medium. It's still in development, but I'll (publicly) link the repo when it's stable. #c2 #redteam

This is the first I'm seeing this👀

The best VDP swag award goes to NCSC-NL

🚀 We just released my research on BadSuccessor - a new unpatched Active Directory privilege escalation vulnerability It allows compromising any user in AD, it works with the default config, and.. Microsoft currently won't fix it 🤷‍♂️ Read Here - akamai.com/blog/security-…