你可能會喜歡
Phorion Threat Report: a backdoored Cursor extension was used to deploy the Paradox Stealer infostealer into macOS developer workflows. The post breaks down the full infection chain, detection opportunities and why IDE extensions have become a reliable point of initial access.…
🍎☕️ A new LPE for macOS Tahoe. 100% reliable, instant root. <3 Shared work with @gergely_kalman . That coffee shop was awesome 😎
Worked with @sysop_host. A file can show a benign script but runs the hidden payload when executed through osascript. It seems that when a compiled AppleScript exists in the resource fork, osascript will run this and ignore the contents of the data fork.
I wrote a thing about some recent dabbling with AppleScripts 0x626c6f67.xyz/posts/hiding-c…
I wrote a thing about some recent dabbling with AppleScripts 0x626c6f67.xyz/posts/hiding-c…
Calling all London #redteam and cyber crew! Save the date 23 Nov 23 for #Beacon23: a hacker-run microcon for discussions and talks on all things around #offensivesecurity with informal drinks and music til 10pm, near Old Street. Register on Eventbrite at l.ocalho.st
A standalone tweet; I have made my book fully free for those that want it, and it's also available to pay some money for if you want to support my blog/work: Free: blog.zsec.uk/ltr101-copies-… Paid: leanpub.com/ltr101-breakin… #ltr101 #CyberMonday #BlackFriday #InfosecStudents
WIP: the ability to update Athena comms type during execution. Example Situation: You want to run a SOCKS proxy, but don't want to send a billion HTTP requests, you can switch to the websocket c2 profile and run your proxy in a stealthier way
This
If your entire enterprise security model crumbles because a user fell for a phish, that's not the user's fault.
Ever wondered how a QR code works? No, me neither but it's low-key fascinating. (Warning, there is some extremely nerdy shit here.👇 )
ANNOUNCEMENT: We are very happy to announce that Security BSides Sydney Conference 2022 will be held on 27th November this year - lock the date in! #bsides #bsidessyd CFP opening soon!
Join @psychsecurity in his talk on Sun at 10:05am "A brief guide to outflanking TCC" as he discusses design flaws within the macOS TTC and demonstrate techniques to access privacy features during offensive operations. He will also present his OSS Tool. bsidesmelbourne.com/2022-tcc.html
🆕 Update(s): 🐛 Bug assigned CVE-2022-28756 🩹 Patch now available, in Zoom v5.11.5 (9788) See Zoom's security bulletin: explore.zoom.us/en/trust/secur… Mahalos to @Zoom for the (incredibly) quick fix! 🙌🏽 🙏🏽
Hey @1Password the 1Pass 8 SSH agent is great, but it would be nicer still if it prompted to unlock other accounts when no matching key is found in any of the currently unlocked one. I have multiple account with separate master passwords so they don’t all unlock together.
[BLOG] Fun post on how to combine evilginx by @mrgretzky and BITB by @mrd0x. rastamouse.me/evilginx-meet-…
We are releasing #BloodHound 4.2 soon. In the meantime, check out the difference between the design of BloodHound 1.0's graph and BloodHound 4.2's graph:
Dear CAPTCHA makers, please include a gravy boat with “select all boats” challenges.
“Innovative”
If your entire enterprise security model crumbles because a user fell for a phish, that's not the user's fault.
United States 趨勢
- 1. Steelers 35.1K posts
- 2. Vikings 26.3K posts
- 3. Josh Allen 9,359 posts
- 4. Tomlin 7,996 posts
- 5. Brock Bowers 2,517 posts
- 6. Rodgers 11K posts
- 7. Bills 78.7K posts
- 8. Panthers 51.6K posts
- 9. Ole Miss 105K posts
- 10. Howard 12.3K posts
- 11. Justin Jefferson 4,067 posts
- 12. Brosmer 9,596 posts
- 13. #HereWeGo 3,817 posts
- 14. Mason Rudolph 1,586 posts
- 15. Rams 33.8K posts
- 16. Seahawks 21.4K posts
- 17. Colts 34.8K posts
- 18. #Skol 2,863 posts
- 19. Arthur Smith N/A
- 20. Herbert 7,613 posts
你可能會喜歡
-
@[email protected]
@christruncer -
Tim MalcomVetter
@malcomvetter -
Chris Thompson
@retBandit -
Tyler Robinson
@tyler_robinson -
Spiros Fraganastasis
@m3g9tr0n -
Willi Ballenthin
@williballenthin -
Chris Nickerson
@indi303 -
Andrew Case
@attrc -
Devon Kerr
@_devonkerr_ -
Andrew Chiles
@AndrewChiles -
Ryan Dewhurst
@ethicalhack3r -
Rob Maslen
@rbmaslen -
Und3rf10w
@Und3rf10w -
Ben Turner 🇬🇧
@benpturner -
Josh Pitts
@ausernamedjosh
Something went wrong.
Something went wrong.