By utilising the free domain scan tooling created here at CanIPhish, you can visualise the full extent of your email sender and receiver supply chains.
https://caniphish.com/phishing-resources/blog/compromising-australian-supply-chains-at-scale

The attackers make a request to the exploit CAB file with an XMLHttpRequest.
https://billdemirkapi.me/unpacking-cve-2021-40444-microsoft-office-rce/

Hackers targeted cybersecurity researchers and developers this week in a sophisticated malware campaign distributing a malicious version of the dnSpy.
https://www.bleepingcomputer.com/news/security/trojanized-dnspy-app-drops-malware-cocktail-on-researchers-devs/

Get more expert training with L33TSP3AK: Advanced hunting in Microsoft 365 Defender, a webcast series for analysts looking to expand their technical knowledge and practical skills in conducting security investigations using advanced hunting in Microsoft 365 Defender.
https://docs.microsoft.com/en-us/microsoft-365/security/defender/advanced-hunting-expert-training

In the standard vmware logs you will largely not see exploitation.
https://www.pwndefend.com/2022/01/07/log4shell-exploitation-and-hunting-on-vmware-horizon-cve-2021-44228/

RAUDI automatically generates and keep updated a series of Docker Images through GitHub Actions for tools that are not provided by the developers.
https://github.com/cybersecsi/RAUDI

Execute NPM securely by separating the script execution from the install phase.
https://medium.com/cider-sec/npm-might-be-executing-malicious-code-in-your-ci-without-your-knowledge-e5e45bab2fed

As the name suggests, Power Remote Desktop is a Remote Desktop application entirely coded in PowerShell.
https://github.com/DarkCoderSc/PowerRemoteDesktop

On Linux kernel exploit development, this series follows the same pattern of exploit mitigations using pwn.
https://breaking-bits.gitbook.io/breaking-bits/exploit-development/linux-kernel-exploit-development

You can use default admin password :).Until now, I try 3 Audio Door Locks and all of them have default passwords.
https://sockpuppets.medium.com/bypassing-door-passwords-4004b8d7995

Personal Identifiable Information detection and remediation in AWS Glue is now available in preview.
https://aws.amazon.com/about-aws/whats-new/2022/01/aws-glue-preview-pii-detection-remediation/

If the firewall only sees the return packets, they are dropped as the firewall has no prior state information about the flow.
https://medium.com/sensorfu/lopsided-routing-a-stealthy-hole-punch-into-fortigate-6f25b2805b9c

To build this project run docker-compose run -rm ebpf make all.
https://github.com/redcanaryco/redcanary-ebpf-sensor

We're looking forward to welcoming the Siemplify team to Google Cloud and working with them to help security operations teams accomplish so much more in defense of their organizations.
https://cloud.google.com/blog/products/identity-security/raising-the-bar-in-security-operations

Unlike the previously described NOBELIUM spear phishing attacks disclosed by Microsoft, the downloaded ISO files no longer contained a malicious DLL and a shortcut aimed to launch that DLL. In both cases, the ISO simply embeds a malicious HTML Application file, executing the rest of the exploitation chain.
https://www.sekoia.io/en/nobeliums-envyscout-infection-chain-goes-in-the-registry-targeting-embassies/