NexusFuzzy 💩
@NexusFuzzy
Infostealer hunter by night, threat actors’ headache 24/7. I track C2s, ruin botnets, and make cybercriminals rethink their life choices
Gonna be a hot weekend for defenders
New @metasploit aux module in the pull queue for the FortiWeb vuln (no CVE at this time). Based on the PoC captured and posted by @DefusedCyber, it leverages an auth bypass to create a new local admin account on the target. github.com/rapid7/metaspl…
Oh no, now you won't be able to easily tell that a LinkedIn post has been composed by ChatGPT
Small-but-happy win: If you tell ChatGPT not to use em-dashes in your custom instructions, it finally does what it's supposed to do!
If you do not want your commands to show up in history on Linux, just prepend them with a space character. Probably worth checking echo $HISTCONTROL on (compromised) servers indicating that history might not be trusted #DFIR #IncidentResponse
Quick analysis of new #ToolShell payload observed by @leak_ix: Payload is a .dll executed in memory. Sha-256: 3461da3a2ddcced4a00f87dcd7650af48f97998a3ac9ca649d7ef3b7332bd997 It collects System Info and the sensitive machine key. Sends back in response. Single Request takeover.
⚠️ New payload in relation to #ToolShell. Attackers now don't need the static file anymore, leaking keys from memory without leaving the file. This means the existence of a file is not a reliable IoC anymore.
Those funky looking IP addresses already give it away that it‘s AI generated garbage
„Silent“… That shit lights up every alert dashboard like it‘s a christmas tree
🚨 1 COMMAND TO OWN AN ENTIRE NETWORK 🧠 Advanced Nmap Recon + Grep Filtering + Banner Fingerprinting nmap -n -Pn -sS -sV -p80 --open --script=banner -T5 192.168.1.0/24 -oG - | grep 'open' | grep -v 'tcpwrapped' ✅ Fast ✅ Silent ✅ Filters noise ✅ IDs Apache, IIS, embedded…
#Archetyp market has been taken down by law enforcement during #OperationDeepSentinel operation-deepsentinel.com
At this point, ransomware gangs really need to implement proper role-based access control - can’t have every low-level script kiddie leaking victim data like it’s happy hour at the breach buffet. Maybe start with a Data Leak Prevention Officer?
🎁 Another unexpected gift for the threat intelligence community. In March 2025, the VanHelsing ransomware group first emerged. Now, in a surprising turn of events, the group’s administrator has leaked the entire source code on the RAMP forum. The leak includes Tor keys,…
This week, the FBI disrupted LummaC2, a popular infostealer service, which conducted millions of attacks against victims. With help from partners like Microsoft, the FBI is fulfilling its mission to disrupt key services in the cybercriminal ecosystem: justice.gov/opa/pr/justice…
It‘s DNS I bet
Spain just suffered a full-scale telecom blackout. These are definitely cyber attacks!
We're proud to announce our support for @CapeSandbox , a fully open-source malware sandbox developed and maintained by a dedicated group of volunteers. After almost a year of downtime, we are extremely happy that we were able to help CAPE get back online again! 🥳 👉…
Coming soon, featuring your favorite security researchers like @Gi7w0rm and @g0njxa #RansomwareTycoon Wanting to get featured? Let me know :)
Man, that gives me milw0rm vibes. Also, if you remember milw0rm, please don't forget to book your annual colonoscopy!