CrowdStrike Falcon agents are imploding right now and causing a Blue Screen of Death boot loop on every endpoint. Reports of massive outages globally. https://t.co/cS9Zt4SagH

Lots of foreign election influence news/drops this week. Here's one from @CISAgov, @FBI, & @ODNIgov highlighting a few tactics we're seeing from the "usual suspects" (Russia, China, Iran): narrative farming, AI generated images & Audio clips, hack & leaks, paying witting &

The #FBI released a joint Cybersecurity Advisory detailing the tactics and indicators of compromise related to BianLian, a ransomware developer, deployer, and data extortion cyber criminal group. Read more to help protect your networks: https://t.co/3KYRUDreBw #StopRansomware

🌐@CISAgov and @DHSgov are working with @NIST to prepare for the launch of a new cryptographic standard to protect against future quantum-based threats. Learn more about this effort and read  https://t.co/xA1670mnoQ #Cryptograpy #Cybersecurity #IT #Quantum #Technology

NEW #DFIR Course | COMING SOON Authored by Sean O'Connor (@vHUMINT) & @thegrugq #FOR589 #DarkWeb #ThreatHunting & #BlockchainForensics teaches to hunt #DarkWebIntelligence, investigate illicit #Blockchain & analyze #Cryptocurrency evidence 👉 https://t.co/dvChjmHMTu

Lapsus$ member? (based on the bookmarks in the screenshot) #opsecfail https://t.co/3oMPkPAu7a

15 members of REvil has been arrested by the Russian authorities. REvil, once dubbed the "Crown prince of Ransomware", was responsible for the Kaseya supply chain attack, and many other high-profile breaches. Footage courtesy of the FSB.

An incoming blog detailing the short synpo[psis behind Emotet return...."Corporate Loader "Emotet": History of "X" Project Return for Ransomware"

#Emotet is back! Moved from RSA to ECC keys: https://t.co/XK5qi5lj2I #malware #dfir #infosec

Diving Deep into UNC1151’s Infrastructure: Ghostwriter and beyond | https://t.co/DqBI9vxZki @prevailion

Simps #IoT Botnet #Malware Targeting #RCE vulnerabilities in Huawei (CVE-2017-17215) , Realtek (CVE-2014-8361) cc:@r3dbU7z @bad_packets

Just a prop, but still pretty cool.

Alright, folks, let's talk about Cobalt Strike! https://t.co/v2gmWXp5CO (Sorry, red team pals. This one is for my defense buddies!) 🧵

Just found a new potential #MirrorBlast #TA505 domain: - int-onedrive[.]com Fun fact: In 12 of 200 documented TA505 domains used for their Get2/SDBBot campaigns between September 2019 and Decmeber 2020, they used the keyword "onedrive".

[ALERT] DESORDEN GROUP claimed to have hacked ACER INDIA SERVERS.

DETECTION OPP: We’re seeing increased Qbot activity, including new TTPs that we haven’t previously associated with this threat. While we haven’t observed the ultimate payload delivered by Qbot, this trend is concerning given that Qbot is often a precursor to Conti ransomware. 1/6

If you have deployed Microsoft Defender for Endpoint this is the guide for you.

NEW BLOG POST!! In this blog post, I have shared my experience with the NEW CVE-2021-40444. https://t.co/eMDWrotILW #redteam #infosec #CyberSecurity #CVE

'According to Mujahid, the only Taliban promise is that it will not let anyone use the Afghan soil against the U.S. and its allies. However, two reasons leave few doubts about whether al-Qaeda will again use Afghanistan in the future (...)' https://t.co/7TJBkLAboG

Yes, it's back! Your weekly overview of OSINT related topics in Week in #OSINT! H/T: @kirbstr @aware_online @LorandBodo @LogicallyAI @brechtcastel https://t.co/i3IHkoMTzV