RT @gael_duval@twitter.com

🔥Many open positions at ECORP... 🧑🏻‍🤝‍🧑🏻🧑🏻‍🤝‍🧑🏻🧑🏻‍🤝‍🧑🏻

Want to build the most avdanced, degoogled, pro-privacy mobile ecosystem? 📱🖥️ Join us!


🐦🔗: twitter.com/gael_duval/status/

Honteux. L'objectif d'une redteam sera toujours de protèger pas juste de pwn...

RT @campuscodi@twitter.com

Randori discovered and used a Palo Alto Networks GlobalProtect VPN zero-day (CVE-2021-3064) as part of its red team engagements for a year before disclosing the issue to the vendor


🐦🔗: twitter.com/campuscodi/status/

RT @Synacktiv@twitter.com

Check our new internship position! Let's hunt backdoors, tools or configurations that could maintain the (silent) presence of an attacker in a system. Good knowledge required in Windows and ready-to-learn in computer forensics.
🇫🇷 synacktiv.com/recherche-sur-le

🐦🔗: twitter.com/Synacktiv/status/1

RT @hkashfi@twitter.com

Turns out CVE-2021-22205 has been actually a pre-auth RCE, unlike what original advisory stated. security.humanativaspa.it/gitl

🐦🔗: twitter.com/hkashfi/status/145

RT @expliot_io@twitter.com

Halloween 🎃 Giveaway Alert 📢

The trick: Download our eBook (bit.ly/3lGxc0p), hit the follow button, like & reshare this post.

1 lucky winner gets a chance to win EXPLIoT Nano

The winner will be announced on 31st October 2021 📅

🐦🔗: twitter.com/expliot_io/status/

RT @cnotin@twitter.com

🇫🇷 ANSSI does not recommend anymore to enforce password expiry, except for privileged accounts.
Of course renewal must be triggered if a leak is suspected.

Big change with the end of this old rule. France finally in line with other international recommendations. twitter.com/ANSSI_FR/status/14

🐦🔗: twitter.com/cnotin/status/1446

RT @binitamshah@twitter.com

Unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP cameras/NVR firmware ,Patch now (*CVE-2021-36260) : watchfulip.github.io/2021/09/1 credits @Watchful_IP@twitter.com

🐦🔗: twitter.com/binitamshah/status

RT @ClusirNormandie@twitter.com

[🛡️ ] Bienvenue à @ACEService2@twitter.com qui rejoint le .
ACE Service accompagne ses clients depuis plus de 10 ans sur leurs problématiques de cybersécurité en fournissant des services autour de : l'audit, l'intégration, la mise en œuvre et l'hébergement.

🐦🔗: twitter.com/ClusirNormandie/st

RT @wassiniazirar@twitter.com

🔴 : l'AP-HP annonce avoir porté plainte auprès du Procureur de la République de Paris après avoir constaté le vol de fichiers contenant des données nominatives, à la suite d’une attaque informatique conduite au cours de l’été et confirmée le 12 septembre dernier.

🐦🔗: twitter.com/wassiniazirar/stat

RT @cyb3rops@twitter.com

Sigma rule to detect CVE-2021-40444 exploitation activity

- Office program with control.exe child seems to be stable enough (1 exception)
- also works for the RTF vector twitter.com/WLesicki/status/14
- control.exe + .cpl isn't good enough


🐦🔗: twitter.com/cyb3rops/status/14

Une vulnérabilité critique du composant MSHTML de Microsoft a été détectée et peut mener à une exécution de code. Pour le moment pas de patch officiel mais des contournements sont possibles notamment via la désactivation d'ActiveX.


RT @securestep9@twitter.com

Top 10 2021 DRAFT is out!!!
Now available for peer review, comment, translation, and suggestions for improvements:


🐦🔗: twitter.com/securestep9/status

RT @j0nh4t@twitter.com

Need local admin and have physical access?
- Plug a Razer mouse (or the dongle)
- Windows Update will download and execute RazerInstaller as SYSTEM
- Abuse elevated Explorer to open Powershell with Shift+Right click

Tried contacting @Razer@twitter.com, but no answers. So here's a freebie

🐦🔗: twitter.com/j0nh4t/status/1429

RT @d4rckh@twitter.com

Here's a quick cheatsheet on moving your cursor quickly in bash.

🐦🔗: twitter.com/d4rckh/status/1427

RT @ldionmarcil@twitter.com

idk why I havent thought of this before, but its very easy to hide those "external sender" warnings that get appended to your emails during phishing campaigns 🤔. Email gateways/FW just add HTML at the start/end of emails, simply add CSS to hide it!

See images:

🐦🔗: twitter.com/ldionmarcil/status

RT @binitamshah@twitter.com

tmpmail : A temporary email right from your terminal written in POSIX sh : github.com/sdushantha/tmpmail credits @sidheart@twitter.com

🐦🔗: twitter.com/binitamshah/status

Je ne pensais pas avoir besoin d'un MiSTer jusqu'à ce que je vois ces beautés 😍

RT @MisterAddons@twitter.com

Time for my (belated) 5K follower giveaway! Winner gets their choice of kit (color, and IO board)! To enter: follow, like, and quote retweet adding something interesting. Winner will be chosen on 8/15/21 at whatever time I feel like. Tweet me if I forget, haha.

🐦🔗: twitter.com/MisterAddons/statu

RT @yeswehack@twitter.com

🥁 We're thrilled to announce that we've raised €16M in our Series B funding! So today, we want to thank you, hunters, for making up our community. We wouldn’t be here without you!
Full announcement: bit.ly/3hVXBWp

🐦🔗: twitter.com/yeswehack/status/1

Show older

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!