● IMHO; disabling JavaScript on any browser for all sites by default prevents 99% of the known attack vectors. For site like Facebook and other social media, white-listing can be done.

Latest Edge is significantly secure as it prevents most trackers from running by default unlike chrome.

Data Exfiltration via CSS + SVG Font by Masato Kinugawa.

https://youtu.be/iUzNA2St3Bc

Thread: https://twitter.com/kinugawamasato/status/1464884299195322371

Jumping the air gap: 15 years of nation-state effort.

ESET researchers studied all the malicious frameworks ever reported publicly that have been used to attack air-gapped networks and are releasing a side-by-side comparison of their most important TTPs.

https://www.eset.com/us/about/newsroom/press-releases/eset-research-analyzes-malicious-frameworks-targeting-air-gapped-networks-dissects-15-years-of-nati-1/

https://www.welivesecurity.com/2021/12/01/jumping-air-gap-15-years-nation-state-effort/

Decompile directly in VS code.

https://marketplace.visualstudio.com/items?itemName=tintinweb.vscode-decompiler

Interesting thread!

https://twitter.com/SonarSource/status/1468973725072564225

🔧 s3n (Search-Scan-Save-Notify)

A tool to scrape online web-content (APIs, RSS Feeds, or Websites) and notify if search term was hit. It is based on PHP.

https://github.com/AamerShah/s3n

Credits: twitter.com/Aamer_Sha

Voice Cloning (RTVC)

https://github.com/CorentinJ/Real-Time-Voice-Cloning

Interesting thread on RCE in Ghidra via log4j (CVE-2021-44228)

https://twitter.com/zhuowei/status/1469511822411767811

Python Log4RCE PoC | Log4Shell | CVE-2021-44228

https://github.com/alexandre-lavoie/python-log4rce

Rodan Telecom Exploitation Framework

https://github.com/Etisalat-Egypt/Rodan

Zero-Day: A deep dive into the Israeli 🇮🇱 state sponsored cyber-crime spyware via zero-click iMessage exploit: Remote Code Execution.

https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html

Chrome: Site Isolation bypass via NavigationPreloadRequest.

https://bugs.chromium.org/p/project-zero/issues/detail?id=2239

Trend Micro's Web Based scanner for CVE-2021-44228 aka Log4Shell.

log4j-tester.trendmicro.com

Pegasus vs. Predator as Dissident’s Doubly-Infected iPhone Reveals Cytrox Mercenary Spyware from a startup in Macedonia 🇲🇰 an apparent competition with the state sponsored crimeware (lets call it so) of Israel 🇮🇱

A citizen-lab report.

https://citizenlab.ca/2021/12/pegasus-vs-predator-dissidents-doubly-infected-iphone-reveals-cytrox-mercenary-spyware/

CVE-2021-44228 aka Log4shell summarized.

https://m.youtube.com/watch?v=w2F67LbEtnk

🔧 Tool: Mariana Trench; a security focused static analysis platform targeting Android.

https://github.com/facebook/mariana-trench

Data-Leak: State sponsored Cyber-Crime syndicate from India 🇮🇳 using Tek Fog: An App With BJP (the ruling party); Footprints for Cyber Troops to Automate Hate, Manipulate Trends.

https://thewire.in/tekfog/en/1.html

An interesting thread on SquirrelWaffle, Qakbot and Emotet using the same C2 servers linked to hundreds of websites from India 🇮🇳

https://twitter.com/1ZRR4H/status/1485413045975330822

Zero-Day: A vulnerability in Polkit's pkexec component identified as CVE-2021-4034 (PwnKit) is present in the default configuration of all major Linux distributions and can be exploited to gain full root privileges on the system, researchers warn today.

https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034

https://www.bleepingcomputer.com/news/security/linux-system-service-bug-gives-root-on-all-major-distros-exploit-released/