
Security Highlight - Issue #6

Thomas Roccia
Hello Friend!
This week has been a bit intense on my end, preparing for my move to Melbourne next week. Lots of things to sort and pack, it’s unbelievable how many things we keep over the years! 🌏
Travelling to Australia requires a bit of organisation. But the good thing when you are relocating with a big company such as Microsoft is that you get a lot of help: administrative papers, clearance, passport, visa and more. But of course, you still have to think about the important stuff you want to have during the first days and all of the stuff you want to bring with you.
Things get complicated when you have a one-year-old baby who travels with you… 😃
In the infosec world, the start of 2022 is interesting. Emotet returned after the holiday season as ransomware activity continued to target businesses. A few interesting articles have also been published recently. The infosec community also recently launched #100DaysofYARA, a challenge where anyone can participate and find out more about YARA. It was inspired by the #100DaysofCode challenge.
The Russian Federal Security Service (FSB) also said today that it has raided and shut down the operations of the REvil ransomware gang. And Shodan released a vintage version of its portal.
Below are some of the most interesting articles that I have read. Grab a cup of coffee and a good seat and enjoy your reading. 🤓
Must Read of the Week
How to Analyze Malicious Microsoft Office Files - Intezer
Unpacking CVE-2021-40444: A Deep Technical Analysis of an Office RCE Exploit
Technical Analysis of Code-Signed “Blister” Malware Campaign (Part 1) - CloudSEK
Objective-See's Blog
GitHub - DarkCoderSc/PowerRemoteDesktop: Remote Desktop entirely coded in PowerShell.
New macOS vulnerability, “powerdir,” could lead to unauthorized user data access - Microsoft Security Blog
15 members of REvil have been arrested by the Russian authorities.

REvil, once dubbed the "Crown prince of Ransomware", was responsible for the Kaseya supply chain attack, and many other high-profile breaches.

Footage courtesy of the FSB.
Meme of the week
via @TimmehWimmy
Thomas Roccia @fr0gger_

An occasional newsletter where you will get useful cybersecurity content for your career and your daily work. 🤟
