RT @cnotin@twitter.com

🇫🇷 ANSSI does not recommend anymore to enforce password expiry, except for privileged accounts.
Of course renewal must be triggered if a leak is suspected.

Big change with the end of this old rule. France finally in line with other international recommendations. twitter.com/ANSSI_FR/status/14

🐦🔗: twitter.com/cnotin/status/1446

RT @binitamshah@twitter.com

Unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP cameras/NVR firmware ,Patch now (*CVE-2021-36260) : watchfulip.github.io/2021/09/1 credits @Watchful_IP@twitter.com

🐦🔗: twitter.com/binitamshah/status

RT @ClusirNormandie@twitter.com

[🛡️ ] Bienvenue à @ACEService2@twitter.com qui rejoint le .
ACE Service accompagne ses clients depuis plus de 10 ans sur leurs problématiques de cybersécurité en fournissant des services autour de : l'audit, l'intégration, la mise en œuvre et l'hébergement.

🐦🔗: twitter.com/ClusirNormandie/st

RT @wassiniazirar@twitter.com

🔴 : l'AP-HP annonce avoir porté plainte auprès du Procureur de la République de Paris après avoir constaté le vol de fichiers contenant des données nominatives, à la suite d’une attaque informatique conduite au cours de l’été et confirmée le 12 septembre dernier.

🐦🔗: twitter.com/wassiniazirar/stat

RT @cyb3rops@twitter.com

Sigma rule to detect CVE-2021-40444 exploitation activity

- Office program with control.exe child seems to be stable enough (1 exception)
- also works for the RTF vector twitter.com/WLesicki/status/14
- control.exe + .cpl isn't good enough


🐦🔗: twitter.com/cyb3rops/status/14

Une vulnérabilité critique du composant MSHTML de Microsoft a été détectée et peut mener à une exécution de code. Pour le moment pas de patch officiel mais des contournements sont possibles notamment via la désactivation d'ActiveX.


RT @securestep9@twitter.com

Top 10 2021 DRAFT is out!!!
Now available for peer review, comment, translation, and suggestions for improvements:


🐦🔗: twitter.com/securestep9/status

RT @j0nh4t@twitter.com

Need local admin and have physical access?
- Plug a Razer mouse (or the dongle)
- Windows Update will download and execute RazerInstaller as SYSTEM
- Abuse elevated Explorer to open Powershell with Shift+Right click

Tried contacting @Razer@twitter.com, but no answers. So here's a freebie

🐦🔗: twitter.com/j0nh4t/status/1429

RT @d4rckh@twitter.com

Here's a quick cheatsheet on moving your cursor quickly in bash.

🐦🔗: twitter.com/d4rckh/status/1427

RT @ldionmarcil@twitter.com

idk why I havent thought of this before, but its very easy to hide those "external sender" warnings that get appended to your emails during phishing campaigns 🤔. Email gateways/FW just add HTML at the start/end of emails, simply add CSS to hide it!

See images:

🐦🔗: twitter.com/ldionmarcil/status

RT @binitamshah@twitter.com

tmpmail : A temporary email right from your terminal written in POSIX sh : github.com/sdushantha/tmpmail credits @sidheart@twitter.com

🐦🔗: twitter.com/binitamshah/status

Je ne pensais pas avoir besoin d'un MiSTer jusqu'à ce que je vois ces beautés 😍

RT @MisterAddons@twitter.com

Time for my (belated) 5K follower giveaway! Winner gets their choice of kit (color, and IO board)! To enter: follow, like, and quote retweet adding something interesting. Winner will be chosen on 8/15/21 at whatever time I feel like. Tweet me if I forget, haha.

🐦🔗: twitter.com/MisterAddons/statu

RT @yeswehack@twitter.com

🥁 We're thrilled to announce that we've raised €16M in our Series B funding! So today, we want to thank you, hunters, for making up our community. We wouldn’t be here without you!
Full announcement: bit.ly/3hVXBWp

🐦🔗: twitter.com/yeswehack/status/1

"c'est moi qui a la plus grosse"
Bande de guignols...

RT @blueorigin@twitter.com

From the beginning, New Shepard was designed to fly above the Kármán line so none of our astronauts have an asterisk next to their name. For 96% of the world’s population, space begins 100 km up at the internationally recognized Kármán line.

🐦🔗: twitter.com/blueorigin/status/

RT @matthieugarin@twitter.com

🚨 Grosse fuite de données chez LinkedIn : les données perso de presque tous les utilisateurs en vente 🔥💶 700M de personnes !! 9to5mac.com/2021/06/29/linkedi

➡️ Nom, email, tel📱, adresse, expériences... mais aussi le salaire déduit par 💰 (ce sujet va faire parler !)

🐦🔗: twitter.com/matthieugarin/stat

RT @asso_hzv@twitter.com

La CoVID vous as donné plus de temps pour faire du hacking ?
Les meets @asso_hzv@twitter.com et @_leHACK_@twitter.com vous manquent ?
Vous voulez rencontrer les hackers les plus chaud de votre région ?
Alors rejoignez dès maintenant le Discord de HZV !

🐦🔗: twitter.com/asso_hzv/status/14

RT @yeswehack@twitter.com

🤝 @nehatarick@twitter.com wrote an article on how to setup an Android environment with Genymotion, Frida & Burp Suite!

You can read the full article juste here 👇


🐦🔗: twitter.com/yeswehack/status/1

RT @mpgn_x64@twitter.com

Finally CrackMapExec can now fetch all domain users when the DC is vulnerable to NULL Session 🎉

Prior to this, CME what useless except for the password policy option 😓

No more enum4linux, rpclient etc, all great tools but I prefere one tool to rule them all 🔥

🐦🔗: twitter.com/mpgn_x64/status/14

Show older

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!