cKure Red
2.5K subscribers
71 photos
46 videos
21 files
458 links
The director's cut on critical feeds from InfoSec world 🌎

Main Channel: @cKure

☕️ or queries email us
📨 i@ckure.org
Data leak: a new leak of 18,000 records of Swiss bank accounts holding more than $100 billion in assets, dubbed #SuisseSecrets.

The leak comes from the investigative journalism consortium OCCRP.

Waiting for the next "Panama Papers" v2.0.
Researchers from China's 🇨🇳 Pangu Lab have disclosed details of a "top-tier" backdoor put to use by the Equation Group, an advanced persistent threat (APT) with alleged ties to the cyber-warfare intelligence-gathering unit of the U.S. National Security Agency (NSA).

https://www.pangulab.cn/en/post/the_bvp47_a_top-tier_backdoor_of_us_nsa_equation_group/

https://thehackernews.com/2022/02/chinese-experts-uncover-details-of.html
Cyber-War by Russia 🇷🇺: Samples of the destructive MBR wiper targeting Ukraine 🇺🇦

Samples: https://samples.vx-underground.org/APTs/2022/2022.02.23(2)/
Re-ReBreakCaptcha: Breaking Google’s ReCaptcha v2 using.. Google.. Again – East-Ee Security (By Yair Mizrahi).

https://east-ee.com/2022/02/28/1367/
Verbatim viz
Anonymous!

"We successfully staged a cyber attack against the Belarusian railway infrastructure, designed to halt Russian military movements. Trains stopped in Minsk, Orsha, and Osipovichi.

The railway system uses Windows XP."
Russia 🇷🇺 vs Ukraine 🇺🇦 Cyber-War

https://twitter.com/AnonUkraine_/status/1498251582760267776
⚠️ Leaked stolen Nvidia cert can sign Windows malware.

An Nvidia code-signing certificate was among the mountain of files stolen and leaked online by criminals who ransacked the GPU giant's internal systems.

https://go.theregister.com/feed/www.theregister.com/2022/03/05/nvidia_stolen_certificate/
Malware now using stolen NVIDIA code signing certificates.

According to samples uploaded to the VirusTotal malware scanning service, the stolen certificates were used to sign various malware and hacking tools, such as Cobalt Strike beacons, Mimikatz, backdoors, and remote access trojans.

https://www.bleepingcomputer.com/news/security/malware-now-using-stolen-nvidia-code-signing-certificates/
Active credentials are being harvested via stealer malware.

Below is a list of the government sites affected.

https://docs.google.com/spreadsheets/u/0/d/1KC615oNu1GJN4hymAR1Hxe1M46WG_FW4UMmHWbD3y3s/htmlview
The_Art_Of_War.pdf
412.2 KB
An ancient guide to all warfare. By Sun Tzu.

I had heard about it as a child and read it once I was trained as a hacker. I can say; it makes sense.
Dirty Pipe -> kernel r/w + SELinux disabled + root shell on Pixel 6 Pro and Samsung S22 with the latest update.

Source: https://twitter.com/i/status/1503422980612923404
Automated pentesting / bug bounty reconnaissance.

https://yogeshojha.github.io/rengine/
Zero-day in a VMware product leads to unauthenticated remote code execution via the web interface.

VMware is aware of the bug and is working on a patch.

There is no patch for the zero-day yet. Workarounds include placing a WAF in front of the web interface and disabling the affected features.