sysop_host

@sysop_host

Hacker, security geek, climber, spanner monkey, and occasional builder of rally cars

sysop_host reposted

Phorion Threat Report: a backdoored Cursor extension was used to deploy the Paradox Stealer infostealer into macOS developer workflows. The post breaks down the full infection chain, detection opportunities and why IDE extensions have become a reliable point of initial access.…

sysop_host reposted

🍎☕️ A new LPE for macOS Tahoe. 100% reliable, instant root. <3 Shared work with @gergely_kalman . That coffee shop was awesome 😎


sysop_host reposted

😂

sysop_host reposted

Worked with @sysop_host. A file can show a benign script but runs the hidden payload when executed through osascript. It seems that when a compiled AppleScript exists in the resource fork, osascript will run this and ignore the contents of the data fork.

I wrote a thing about some recent dabbling with AppleScripts 0x626c6f67.xyz/posts/hiding-c…





sysop_host reposted

Calling all London #redteam and cyber crew! Save the date 23 Nov 23 for #Beacon23: a hacker-run microcon for discussions and talks on all things around #offensivesecurity with informal drinks and music til 10pm, near Old Street. Register on Eventbrite at l.ocalho.st


sysop_host reposted

A standalone tweet; I have made my book fully free for those that want it, and it's also available to pay some money for if you want to support my blog/work: Free: blog.zsec.uk/ltr101-copies-… Paid: leanpub.com/ltr101-breakin… #ltr101 #CyberMonday #BlackFriday #InfosecStudents


sysop_host reposted

Say it with me: Telegram is not private mastodon.technology/@rysiek/109160…


sysop_host reposted

WIP: the ability to update Athena comms type during execution. Example Situation: You want to run a SOCKS proxy, but don't want to send a billion HTTP requests, you can switch to the websocket c2 profile and run your proxy in a stealthier way

This

If your entire enterprise security model crumbles because a user fell for a phish, that's not the user's fault.



sysop_host reposted

Ever wondered how a QR code works? No, me neither but it's low-key fascinating. (Warning, there is some extremely nerdy shit here.👇 )

sysop_host reposted

ANNOUNCEMENT: We are very happy to announce that Security BSides Sydney Conference 2022 will be held on 27th November this year - lock the date in! #bsides #bsidessyd CFP opening soon!


sysop_host reposted

Join @psychsecurity in his talk on Sun at 10:05am "A brief guide to outflanking TCC" as he discusses design flaws within the macOS TCC and demonstrates techniques to access privacy features during offensive operations. He will also present his OSS Tool. bsidesmelbourne.com/2022-tcc.html


sysop_host reposted

🆕 Update(s): 🐛 Bug assigned CVE-2022-28756 🩹 Patch now available, in Zoom v5.11.5 (9788) See Zoom's security bulletin: explore.zoom.us/en/trust/secur… Mahalos to @Zoom for the (incredibly) quick fix! 🙌🏽 🙏🏽

Hey @1Password the 1Pass 8 SSH agent is great, but it would be nicer still if it prompted to unlock other accounts when no matching key is found in any of the currently unlocked ones. I have multiple accounts with separate master passwords so they don’t all unlock together.


sysop_host reposted

[BLOG] Fun post on how to combine evilginx by @mrgretzky and BITB by @mrd0x. rastamouse.me/evilginx-meet-…


sysop_host reposted

We are releasing #BloodHound 4.2 soon. In the meantime, check out the difference between the design of BloodHound 1.0's graph and BloodHound 4.2's graph:

Dear CAPTCHA makers, please include a gravy boat with “select all boats” challenges.


“Innovative”



