Technical

The February 2021 Security Update Review
https://www.zerodayinitiative.com/blog/2021/2/9/the-february-2022-security-update-review

Trickbot masrv Module
https://www.kryptoslogic.com/blog/2021/02/trickbot-masrv-module/

Kobalos – A complex Linux threat to high performance computing infrastructure
https://www.welivesecurity.com/2021/02/02/kobalos-complex-linux-threat-high-performance-computing-infrastructure/

CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)
https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit

Full System Control with New SolarWinds Orion-based and Serv-U FTP Vulnerabilities
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/full-system-control-with-new-solarwinds-orion-based-and-serv-u-ftp-vulnerabilities/

Ransomware Payments Fall as Fewer Companies Pay Data Exfiltration Extortion Demands
https://www.coveware.com/blog/ransomware-marketplace-report-q4-2020

Abusing Google Chrome extension syncing for data exfiltration and C&C
https://isc.sans.edu/forums/diary/Abusing+Google+Chrome+extension+syncing+for+data+exfiltration+and+CC/27066/

Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies
https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610
https://azure.microsoft.com/mediahandler/files/resourcefiles/3-ways-to-mitigate-risk-using-private-package-feeds/3%20Ways%20to%20Mitigate%20Risk%20When%20Using%20Private%20Package%20Feeds%20-%20v1.0.pdf

New phishing attack uses Morse code to hide malicious URLs
https://www.bleepingcomputer.com/news/security/new-phishing-attack-uses-morse-code-to-hide-malicious-urls/

Launching OSV - Better vulnerability triage for open source
https://opensource.googleblog.com/2021/02/launching-osv-better-vulnerability.html

SolarWinds: How Russian spies hacked the Justice, State, Treasury, Energy and Commerce Departments
https://www.cbsnews.com/news/solarwinds-hack-russia-cyberattack-60-minutes-2021-02-14/

BendyBear: Novel Chinese Shellcode Linked With Cyber Espionage Group BlackTech
https://unit42.paloaltonetworks.com/bendybear-shellcode-blacktech/

Here’s part three of this fascinating series.

Avast Hacker Archives Episode 3: Chris Roberts
https://blog.avast.com/avast-hacker-archives-episode-3-chris-roberts-avast

Bob, your link is messed up, this just throws you into a Post window loop for THIS topic…

Apologies, I’ve corrected the post to reflect the correct link, which is,
https://blog.avast.com/avast-hacker-archives-episode-3-chris-roberts-avast

No problem, working fine now.

NUMBER:JACK – Forescout Research Labs Finds Nine ISN Generation Vulnerabilities Affecting TCP/IP Stacks
https://www.forescout.com/company/blog/numberjack-forescout-research-labs-finds-nine-isn-generation-vulnerabilities-affecting-tcpip-stacks/
https://www.forescout.com/company/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks/

CVE-2021-24092: 12 Years in Hiding – A Privilege Escalation Vulnerability in Windows Defender
https://labs.sentinelone.com/cve-2021-24092-12-years-in-hiding-a-privilege-escalation-vulnerability-in-windows-defender/

TrickBot’s BazarBackdoor malware is now coded in Nim to evade antivirus
https://www.bleepingcomputer.com/news/security/trickbots-bazarbackdoor-malware-is-now-coded-in-nim-to-evade-antivirus/

Web shell attacks continue to rise
https://www.microsoft.com/security/blog/2021/02/11/web-shell-attacks-continue-to-rise/