Ben

Thanks to @strandjs , @HackingDave and countless others in in the community who stood by our colleagues. It was cool to see the community come together in this event!https://www.coalfire.com/News-and-Events/Press-Releases/Charges-Dismissed-Against-Coalfire-Employees?fbclid=IwAR3sCQWBBdAXcGybe4Se-Gi7CAVVNTdTtZvUNA4fUhtD54fMPiDrrL-euVQ …

New: leaked documents, data, contracts show how hugely popular antivirus Avast now harvests internet browsing data and sells it for millions of dollars. Clients included Home Depot, Google, Microsoft. Documents show a product called "All Clicks Feed"https://www.vice.com/en_us/article/qjdkq7/avast-antivirus-sells-user-browsing-data-investigation …

This weekend is your last chance to vote for the Top 10 (new) Web Hacking Techniques of 2019! Voting closes Monday.https://portswigger.net/polls/top-10-web-hacking-techniques-2019 …

We are committed to the security of our products & we are making every effort to ensure all customers are supported in response to #CVE201919781. To that end, we have teamed up with @FireEye on a scanner that aids customers in the detection of compromise.https://www.citrix.com/blogs/2020/01/22/citrix-and-fireeye-mandiant-share-forensic-tool-for-cve-2019-19781/ …

CALL FOR REQUESTS: Much of Sysmon-config was written years ago and it’s time for serious updates and reorganization. Some teach it as a template of Windows monitoring, but it has gaps in explaining what things do. If there’s a change you want, let me know.https://github.com/SwiftOnSecurity/sysmon-config …

Sysmon-config V71 release +Enable IMPHASH Processes: -Remove Microsoft Monitoring agent -Remove Defender Files: +.job Folder: +SysWOW64 tasks folder Registry: +Classes\PROTOCOLS\ +083863F1-70DE-11d0-BD40-00A0C911CE86}\ +Sysinternals \EulaAcceptedhttps://github.com/SwiftOnSecurity/sysmon-config/commit/443afc3684444b2064d91524c2f9f0bcca6ba977 …

Rambler will drop NGINX criminal casehttps://www.zdnet.com/article/rambler-will-drop-nginx-criminal-case/?ftag=COS-05-10aaa0g&taid=5dfa29fbe293e80001960b8d&utm_campaign=trueAnthem%3A+Trending+Content&utm_medium=trueAnthem&utm_source=twitter …

You have two weeks left to join our Capture the Flag contest and win a Nintendo Switch, or cool GitHub swag! Write a CodeQL query to find a specific class of DOM-based XSS vulnerabilities.https://securitylab.github.com/ctf/jquery