내가 좋아할 만한 콘텐츠
New Blog Post: MalDoc in PDF - Detection bypass by embedding a malicious Word file into a PDF file - ^TN blogs.jpcert.or.jp/en/2023/08/mal…
Do not mistake the serenity of a professional for peace.
Something is happening at Digicert. It looks like on many Windows systems the VeriSign Class 3 Public Primary Certification Authority - G5 root certificate (serial: 18dad19e267de8bb4a2158cdcc6b3b4a) has been revoked as of around 9 hours ago.
Had some fun last weekend with dumping NTHashes from #AzureAD / #EntraID ◾ I can now force AADConnect to use my certificate to encrypt Windows legacy credentials 😈 ◾ Forcing full password hash sync on AzureAD Connect syncs all NTHashes encrypted with my certificate 😱 Not a…
Finally my talk from @x33fcon is online! 🔥 I try my best to explain what websites could do to protect the users against reverse proxy phishing attacks like Evilginx.🪝🐟 There is also a bonus live demo at the end with some Evilginx Pro secret sauce! 💡 youtube.com/watch?v=C-Fh4s…
youtube.com
YouTube
16. How Much Is The Phish? Evolving Defences Against Evilginx Reverse...
Handy little tool you may not be aware of; IdFix, if you are having issues with certain objects not syncing up to Microsoft Entra ID from on-premises Active Directory, this can help you find and fix the problems - microsoft.github.io/idfix/
Agencies are throwing it all into the cloud at the behest of a certain cohort of software engineers/manager types with acronyms and credential letters splattered all over their LinkedIn—with zero analysis of workload variability, deployment frequency and software leverage points.
Reassuring message for Commonwealth Bank customers after $10 billion profit announcement.
Dropping #Downfall, exploiting speculative forwarding of 'Gather' instruction to steal data from hardware registers. #MeltdownSequel - Practical to exploit (POC/Demo) - Defeat all isolation boundaries (OS, VM, SGX) - Bypass all Meltdown/MDS mitigations. downfall.page
#PingCastle 3.1 released !!! pingcastle.com/download/ Active Directory & AzureAD security health check in seconds >200k AD audited, management readable, no install, no admin, no data sent "to a cloud" Example of report: pingcastle.com/PingCastleFile… github: github.com/vletoux/pingca…
First big result from our new CPU research project, a use-after-free in AMD Zen2 processors! 🔥 AMD have just released updated microcode for affected systems, please update! lock.cmpxchg8b.com/zenbleed.html
⚡️💻 BREAKING: Wiz Research reveals surprising elements of the recent Microsoft Storm-0558 incident — it's much bigger than you thought! Here's what you need to know:
Done my talk in #bsidesbrisbane . Great vibes. Thank you everyone who listened to my talk. If someone happen to have a picture of me presenting, I appreciate if you can share that photo.
Meta turned over their DMs, used as evidence to convict them on felony charges for accessing criminalized healthcare. Meta had no choice -- they had the data so had to hand it over. End-to-end encryption keeps people safe. jezebel.com/nebraska-mom-p…
jezebel.com
Nebraska Mom Pleads Guilty to Giving Abortion Pills to Her Teen Daughter
Jessica Burgess faced eight years in prison for helping her then 17-year-old get abortion pills. A plea deal brought it down to two.
Nobody knows what the hell a DBA does but trust me you do not want to be doing it.
A security director that hired me on but I no longer report to told me one of the greatest wisdom shots I've ever heard: Every network they've ever defended is a mix of accidentally great security decisions baked-in & thus accepted as trivial — and profoundly innovative failure.
Not even #tradingStandards know what to do. No Directors but still trading... and leaking everyone's #PII and #paymentData
Stumbled upon an enormous breach (PII, payment info, stripe keys, Facebook, Google, email private keys etc) and upon reporting to the business, it has no directors! Trading illegally & thus nobody I can contact or relay info to. It's a first for me. Thoughts?
📅 The schedule for #BSidesBrisbane is here! It's packed with thrilling talks and amazing networking opportunities. 🎉 Join us on 15 July 2023 for a day of cyber security knowledge sharing and collaboration. Check out the full schedule at bsidesbrisbane.com/schedule/
United States 트렌드
- 1. #Talus_Labs N/A
- 2. Good Wednesday 28K posts
- 3. #wednesdaymotivation 5,137 posts
- 4. Hump Day 15.3K posts
- 5. #HeartQuakeMV 241K posts
- 6. ZEENUNEW CRAZY SINGLE 240K posts
- 7. $BYND 130K posts
- 8. Bwipo 1,393 posts
- 9. #Wednesdayvibe 1,914 posts
- 10. Usha Vance 9,895 posts
- 11. Howard University N/A
- 12. Happy Hump 9,898 posts
- 13. Izzo N/A
- 14. Keke 6,007 posts
- 15. Froot N/A
- 16. St. John Paul 2,799 posts
- 17. #WednesdayWisdom N/A
- 18. Beyond Meat 7,704 posts
- 19. SEKI HONEYMOON X LINGORM 536K posts
- 20. Jen Psaki 11.5K posts
내가 좋아할 만한 콘텐츠
-
Jorge Orchilles
@jorgeorchilles -
James Hodgkinson
@yaleman43381258 -
Ankit Anubhav
@ankit_anubhav -
techbhanu
@techbhanu1 -
Harshit Mahajan
@HarshitRMahajan -
Rafael Brinhosa 🛡️
@brinhosa -
Tom Garrity
@tomgarrity -
Tom Town
@TomTown28040225 -
G I R L W I T H L U V
@_ipurpleyou5_ -
@[email protected]
@pathetiq -
Doc Dave
@forensicdave -
BenAylett.com
@BenAylett -
iiA
@tecadv101
Something went wrong.
Something went wrong.