Breachkey

CrowdStrike Falcon agents are imploding right now and causing a Blue Screen of Death boot loop on every endpoint. Reports of massive outages globally. reddit.com/r/crowdstrike/…

Lots of foreign election influence news/drops this week. Here's one from @CISAgov, @FBI, & @ODNIgov highlighting a few tactics we're seeing from the "usual suspects" (Russia, China, Iran): narrative farming, AI generated images & Audio clips, hack & leaks, paying witting & unwitting cutouts (PR firms!) to spread messages, & flooding social media with content to create illusion of consensus. So what do we do about this: 1) AI Companies need to monitor & disrupt abuse of platforms (in line w/ the Tech Accord to Combat Deceptive Use of AI) 2) Fed govt needs to ID & intervene in Foreign info ops 3) Election officials need to ramp up communications w/ voters on how elections work & where to get authentic info 4) We (the people) need to become harder targets, take a beat before getting riled up. Remember, the majority of RU, CN, & IRN efforts target on existing divides, they're playing us against each other. If there's one thing most people hate is getting manipulated, and the Kremlin is trying its damnedest here... cisa.gov/sites/default/…

The #FBI released a joint Cybersecurity Advisory detailing the tactics and indicators of compromise related to BianLian, a ransomware developer, deployer, and data extortion cyber criminal group. Read more to help protect your networks: ic3.gov/Media/News/202… #StopRansomware

🌐@CISAgov and @DHSgov are working with @NIST to prepare for the launch of a new cryptographic standard to protect against future quantum-based threats. Learn more about this effort and read go.usa.gov/xJh9B #Cryptograpy #Cybersecurity #IT #Quantum #Technology

NEW #DFIR Course | COMING SOON Authored by Sean O'Connor (@vHUMINT) & @thegrugq #FOR589 #DarkWeb #ThreatHunting & #BlockchainForensics teaches to hunt #DarkWebIntelligence, investigate illicit #Blockchain & analyze #Cryptocurrency evidence 👉sans.org/u/1lUA

Lapsus$ member? (based on the bookmarks in the screenshot) #opsecfail github.com/llraudseppll

15 members of REvil has been arrested by the Russian authorities. REvil, once dubbed the "Crown prince of Ransomware", was responsible for the Kaseya supply chain attack, and many other high-profile breaches. Footage courtesy of the FSB.

An incoming blog detailing the short synpo[psis behind Emotet return...."Corporate Loader "Emotet": History of "X" Project Return for Ransomware"

#Emotet is back! Moved from RSA to ECC keys: joesandbox.com/analysis/52268… #malware #dfir #infosec

Diving Deep into UNC1151’s Infrastructure: Ghostwriter and beyond | prevailion.com/diving-deep-in… @prevailion

Simps #IoT Botnet #Malware Targeting #RCE vulnerabilities in Huawei (CVE-2017-17215) , Realtek (CVE-2014-8361) cc:@r3dbU7z @bad_packets

Just a prop, but still pretty cool.

Alright, folks, let's talk about Cobalt Strike! mandiant.com/resources/defi… (Sorry, red team pals. This one is for my defense buddies!) 🧵

Just found a new potential #MirrorBlast #TA505 domain: - int-onedrive[.]com Fun fact: In 12 of 200 documented TA505 domains used for their Get2/SDBBot campaigns between September 2019 and Decmeber 2020, they used the keyword "onedrive".

[ALERT] DESORDEN GROUP claimed to have hacked ACER INDIA SERVERS.

DETECTION OPP: We’re seeing increased Qbot activity, including new TTPs that we haven’t previously associated with this threat. While we haven’t observed the ultimate payload delivered by Qbot, this trend is concerning given that Qbot is often a precursor to Conti ransomware. 1/6

If you have deployed Microsoft Defender for Endpoint this is the guide for you.

NEW BLOG POST!! In this blog post, I have shared my experience with the NEW CVE-2021-40444. xret2pwn.github.io/CVE-2021-40444… #redteam #infosec #CyberSecurity #CVE

'According to Mujahid, the only Taliban promise is that it will not let anyone use the Afghan soil against the U.S. and its allies. However, two reasons leave few doubts about whether al-Qaeda will again use Afghanistan in the future (...)' thesoufancenter.org/intelbrief-202…

Yes, it's back! Your weekly overview of OSINT related topics in Week in #OSINT! H/T: @kirbstr @aware_online @LorandBodo @LogicallyAI @brechtcastel sector035.nl/articles/2021-…