Apple released a hearing aids feature for the AirPods Pro a while ago. I bought a pair for grandma, but then realized that the feature was geoblocked in India So we at @_lagrangepoint decided to unblock it. It ended up involving a leaky microwave and building a Faraday cage:
🚨Outlook Zero-Click🚨TLDR; Recommended Steps for Microsoft 365 Admins can be seen in this blog post. ironscales.com/blog/zero-clic… The CVE-2024-30103 vulnerability leverages a flaw in how Microsoft Outlook handles specific types of email content. An attacker can embed malicious…
Lock down those ADCS servers folks! Even templates with just the Server Authentication EKU can cause problems. Enroll for the targets Okta login portal DNS hostname and some DNS poisoning to your malicious server and you've got yourself a FastPass/Passwordless MitM
Nothing fancy here but if you want to dump emails from an Azure tenant through a device code phishing this may help. github.com/Mr-Un1k0d3r/Ms… Bonus feature you can also push your payload on the target tenant and use the shareable link in your weaponized campaign.
SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol. github.com/FalconForceTea…
github.com
GitHub - FalconForceTeam/SOAPHound: SOAPHound is a custom-developed .NET data collector tool which...
SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol. - FalconForceTeam/SOAPHound
CVEMAP Simple #go command line tool for getting information about CVEs: - by ID - by vendor - by product - by severity - by cvss score and much more. github.com/projectdiscove… Creator @pdiscoveryio
Abusing #AzureAD / #EntraID Domain Services part 2 from @Secureworks is out now: Dumping NTHashes from Microsoft Entra ID
Secureworks has discovered that stored Microsoft Entra ID NTHashes can be recovered and decrypted & then used in pass-the-hash attacks. Read our latest Threat Analysis to discover how this happens & how to detect it. scwx.us/cj #azure #cybersecurity
How I just got gained access to 22 unauthorized endpoints across 116 websites (260k endpoints) in about 10 minutes. Use what your comfy with. 👇
Scene in MGM Grand according to a TikTok user who said slots machines down and casino floor empty after cyber attack. She also says staff had to make and distribute physical room keys and an admin error caused her to walk in on another guest. Source: vm.tiktok.com/ZGJnKXd6R/
Microsoft Excel Python has the following registry key setting values HKCU\software\policies\microsoft\office\16.0\excel\security\PythonFunctionWarnings DWORD 0 = All Security Warnings Disabled 1 = Security Warning: Enable-Content 2 = Blocks all Python Execution
As promised, here is a blogpost on SharpSCCMs new AdminService/CMPivot capabilities. The creator of SharpSCCM, @_Mayyhem and I will be at the SpecterOps booth tomorrow @ 11am and ARSENAL @ 11:30am Thursday presenting SCCM takeover and post-ex techniques medium.com/@dlomellini/la…
Uncommon funny cyber related post on LinkedIn. The idea of CISO's doing press briefing post an incident 😂😂
#Moonlighter has reached the @Space_Station! This mini satellite from @AerospaceCorp is the world’s first & only hacking sandbox in space and will allow #cybersecurity professionals and some of the world’s best #hackers to do space-based cyber experiments: issnationallab.org/spx28-moonligh…
Can't wait to see you get hacked, Moonlighter. ❤️ @defcon @hack_a_sat
#Moonlighter has reached the @Space_Station! This mini satellite from @AerospaceCorp is the world’s first & only hacking sandbox in space and will allow #cybersecurity professionals and some of the world’s best #hackers to do space-based cyber experiments: issnationallab.org/spx28-moonligh…
United States Trends
- 1. #Worlds2025 39.8K posts
- 2. #TalusLabs N/A
- 3. Doran 16.6K posts
- 4. #T1WIN 26.4K posts
- 5. Sam Houston 1,564 posts
- 6. Boots 29.5K posts
- 7. Oregon State 4,850 posts
- 8. Lubin 5,740 posts
- 9. Faker 31.8K posts
- 10. #GoAvsGo 1,584 posts
- 11. Louisville 14.5K posts
- 12. Keria 10.1K posts
- 13. #T1fighting 3,385 posts
- 14. Miller Moss 1,242 posts
- 15. Emmett Johnson 2,560 posts
- 16. UCLA 7,864 posts
- 17. Oilers 5,267 posts
- 18. Hyan 1,372 posts
- 19. Nuss 5,731 posts
- 20. Frankenstein 126K posts
Something went wrong.
Something went wrong.