cKure Red
The director's cut on critical feeds from InfoSec world 🌎

Main Channel: @cKure

☕️ or queries email us
📨 i@ckure.org
Massive cyber-attack launched by 'DragonForce Malaysia' 🇲🇾 and 'Hacktivist Indonesia' 🇮🇩 on India 🇮🇳 as revenge amid remarks by ruling party (BJP) spokesperson Nupur Sharma on the prophet (Islam).

Around 2K websites were taken down (data stolen and defaced). These include a vast variety of governed sites.

As per source, details of Nupur Sharma were leaked including contact details and location.

As of now the attack has not stopped and over a dozen hackers participated in the onslaught.

India has cited help from Interpol and help from authorities in Malaysia 🇲🇾 and Indonesia 🇮🇩
● Leaked Indian data. Data blurred for privacy reasons.
Mangle, a tool 🔧 that manipulates aspects of compiled executables (.exe or DLL). Mangle can remove known Indicators of Compromise (IoC) based strings and replace them with random characters, change the file by inflating the size to avoid EDRs, and can clone code-signing certs from legitimate files. In doing so, Mangle helps loaders evade on-disk and in-memory scanners.

https://github.com/optiv/Mangle
Data-Leak: 4TB of proprietary data from Israel 🇮🇱 based Cellebrite (Cellebrite Mobilogy & Cellebrite TFS backup) leaked by anonymous source.

Notably, Cellebrite Mobilogy shares code with Cellebrite Universal Forensics Extraction Device or Cellebrite UFED, used by law enforcement agencies. Source: Soufiane.
Zero-Day: Paracosme (CVE-2022-33318) is the zero-click remote code execution memory corruption exploit used to compromise ICONICS Genesis64 on stage at Pwn2Own 2022 Miami.

https://www.zerodayinitiative.com/advisories/ZDI-22-1041/
Zero-Day: 3 in-the-wild 0-days patched in the last two days:
* CVE-2022-2856 in Chrome discovered by twitter.com/ashl3y_shen & twitter.com/0xbadcafe1 of Google TAG
* CVE-2022-32893 in Safari
* CVE-2022-32894 in iOS/macOS kernel

https://docs.google.com/spreadsheets/u/0/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/htmlview#gid=1662223764
DPRK state-sponsored actors are using cryptographically signed macOS (Apple 🍎) executables to impersonate Coinbase and lure potential jobseekers into installing their spyware.