Easy AV bypass in email: noxxi.de/research/mime-…

I've created a new Repo with useful @VirusTotal Intelligence (aka Virustotal Enterprise) search queries for Threat Hunting purposes 🎯 👿 > please provide your favourite queries as pull requests github.com/Neo23x0/vti-do…

zdnet.com/article/chinas…

Cyberinsurance and Acts of War - Schneier on Security schneier.com/blog/archives/…

Identifying Cobalt Strike team servers in the wild – Fox-IT International blog blog.fox-it.com/2019/02/26/ide…

We all know that feeling

Oh really? reddit.com/r/worldnews/co…

Capital One Data Breach Affects 106 Million People, Suspect Arrested - by Lawrence Abrams bleepingcomputer.com/news/security/…

“I guess I'm willing to risk it in order to get internet access.” decisiondata.org/news/report-82…

zdnet.com/article/at-t-e…

zdnet.com/article/irania…

spamhaus.org/news/article/7…

If you are ever scratching your head about what OS a host is, sometimes you can tell via ping: subinsb.com/default-device…

Writeup on Defray ransomware: aon.com/cyber-solution…

We've refocused to be as agile and powerful as possible to defend you against cyber attacks. We are Mandiant. mndt.info/2YlVHHq

More than three-quarters of the average codebase for commercial apps consists of open-source software, according to a recent Synopsys report. And half of those codebases had at least one known, high-risk vulnerability: readme.security/ghosts-of-log4…

Log4j From the Trenches Max Thauer (Max Thauer) walks the BSidesCharm audience through attack scenarios that leverage the Log4j exploit. youtu.be/CWyjQNsFUjc

Today Mandiant published a blog on APT45, a North Korean threat actor active since 2009 that is financially motivated and targets critical infrastructure. cloud.google.com/blog/topics/th…