@y0no@mastodon.tedomum.net
RT @cnotin@twitter.com
🇫🇷 ANSSI does not recommend anymore to enforce password expiry, except for privileged accounts.
Of course renewal must be triggered if a leak is suspected.
Big change with the end of this old rule. France finally in line with other international recommendations. https://twitter.com/ANSSI_FR/status/1446414418166812672
RT @binitamshah@twitter.com
Unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP cameras/NVR firmware ,Patch now (*CVE-2021-36260) : https://watchfulip.github.io/2021/09/18/Hikvision-IP-Camera-Unauthenticated-RCE.html credits @Watchful_IP@twitter.com
🐦🔗: https://twitter.com/binitamshah/status/1441686358104285187
RT @ClusirNormandie@twitter.com
[🛡️ #Adhérent] Bienvenue à @ACEService2@twitter.com qui rejoint le #CLUSIR #Normandie.
ACE Service accompagne ses clients depuis plus de 10 ans sur leurs problématiques de cybersécurité en fournissant des services autour de : l'audit, l'intégration, la mise en œuvre et l'hébergement.
🐦🔗: https://twitter.com/ClusirNormandie/status/1440212983720800260
RT @wassiniazirar@twitter.com
🔴 #Cybersecurite : l'AP-HP annonce avoir porté plainte auprès du Procureur de la République de Paris après avoir constaté le vol de fichiers contenant des données nominatives, à la suite d’une attaque informatique conduite au cours de l’été et confirmée le 12 septembre dernier.
🐦🔗: https://twitter.com/wassiniazirar/status/1438208377436442628
RT @cyb3rops@twitter.com
Sigma rule to detect CVE-2021-40444 exploitation activity
- Office program with control.exe child seems to be stable enough (1 exception)
- also works for the RTF vector https://twitter.com/WLesicki/status/1435691458980352012
- control.exe + .cpl isn't good enough
Une vulnérabilité critique du composant MSHTML de Microsoft a été détectée et peut mener à une exécution de code. Pour le moment pas de patch officiel mais des contournements sont possibles notamment via la désactivation d'ActiveX. #infosec
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444
RT @securestep9@twitter.com
#OWASP Top 10 2021 DRAFT is out!!!
Now available for peer review, comment, translation, and suggestions for improvements:
🐦🔗: https://twitter.com/securestep9/status/1435698276045672457
RT @j0nh4t@twitter.com
Need local admin and have physical access?
- Plug a Razer mouse (or the dongle)
- Windows Update will download and execute RazerInstaller as SYSTEM
- Abuse elevated Explorer to open Powershell with Shift+Right click
Tried contacting @Razer@twitter.com, but no answers. So here's a freebie
RT @ldionmarcil@twitter.com
idk why I havent thought of this before, but its very easy to hide those "external sender" warnings that get appended to your emails during phishing campaigns 🤔. Email gateways/FW just add HTML at the start/end of emails, simply add CSS to hide it! #RedTeam
See images:
🐦🔗: https://twitter.com/ldionmarcil/status/1384987686113583107
RT @binitamshah@twitter.com
tmpmail : A temporary email right from your terminal written in POSIX sh : https://github.com/sdushantha/tmpmail credits @sidheart@twitter.com
🐦🔗: https://twitter.com/binitamshah/status/1425409268774146051
Je ne pensais pas avoir besoin d'un MiSTer jusqu'à ce que je vois ces beautés 😍
RT @MisterAddons@twitter.com
Time for my (belated) 5K follower giveaway! Winner gets their choice of #MiSTerFPGA kit (color, and IO board)! To enter: follow, like, and quote retweet adding something interesting. Winner will be chosen on 8/15/21 at whatever time I feel like. Tweet me if I forget, haha.
🐦🔗: https://twitter.com/MisterAddons/status/1421718757936799750
RT @BlueTeamJK@twitter.com
Infosec Memes FTW
🐦🔗: https://twitter.com/BlueTeamJK/status/1420012708083208201
RT @yeswehack@twitter.com
🥁 We're thrilled to announce that we've raised €16M in our Series B funding! So today, we want to thank you, hunters, for making up our community. We wouldn’t be here without you! #HackThePlanet #YesWeRHackers
Full announcement: https://bit.ly/3hVXBWp
🐦🔗: https://twitter.com/yeswehack/status/1418114447428792321
RT @Sh0ckFR@twitter.com
Updated PrintNightmare exploitability diagram for better understanding</troll>
"c'est moi qui a la plus grosse"
Bande de guignols...
RT @blueorigin@twitter.com
From the beginning, New Shepard was designed to fly above the Kármán line so none of our astronauts have an asterisk next to their name. For 96% of the world’s population, space begins 100 km up at the internationally recognized Kármán line.
🐦🔗: https://twitter.com/blueorigin/status/1413521627116032001
RT @matthieugarin@twitter.com
🚨 #Ouch Grosse fuite de données chez LinkedIn : les données perso de presque tous les utilisateurs en vente 🔥💶 700M de personnes !! https://9to5mac.com/2021/06/29/linkedin-breach/
➡️ Nom, email, tel📱, adresse, expériences... mais aussi le salaire déduit par #LinkedIn 💰 (ce sujet va faire parler !)
🐦🔗: https://twitter.com/matthieugarin/status/1409897575990411266
RT @asso_hzv@twitter.com
La CoVID vous as donné plus de temps pour faire du hacking ?
Les meets @asso_hzv@twitter.com et @_leHACK_@twitter.com vous manquent ?
Vous voulez rencontrer les hackers les plus chaud de votre région ?
Alors rejoignez dès maintenant le Discord de HZV !
https://discord.gg/kRWUcBX8y7
RT @yeswehack@twitter.com
🤝 @nehatarick@twitter.com wrote an article on how to setup an Android environment with Genymotion, Frida & Burp Suite!
You can read the full article juste here 👇
🐦🔗: https://twitter.com/yeswehack/status/1407708462868537349
RT @mpgn_x64@twitter.com
Finally CrackMapExec can now fetch all domain users when the DC is vulnerable to NULL Session 🎉
Prior to this, CME what useless except for the password policy option 😓
No more enum4linux, rpclient etc, all great tools but I prefere one tool to rule them all 🔥
