RT @GreyNoiseIO@twitter.com
GreyNoise is detecting a sharply increasing number of hosts opportunistically exploiting Apache Log4J CVE-2021-44228. Exploitation occurring from ~100 distinct hosts, almost all of which are Tor exit nodes. Tags available to all users and customers now.
https://www.greynoise.io/viz/query/?gnql=tags%3A%22Apache%20Log4j%20RCE%20Attempt%22
🐦🔗: https://twitter.com/GreyNoiseIO/status/1469326260803416073
RT @CERT_FR@twitter.com
⚠️CERT-FR Alert⚠️
CERTFR-2021-ALE-022: Vulnerability in Apache Log4j (10 December 2021)
https://www.cert.ssi.gouv.fr/alerte/CERTFR-2021-ALE-022/
RT @cyb3rops@twitter.com
I've created this gist as a scratchpad on which I can improve the commands over the course of the day
https://gist.github.com/Neo23x0/e4c8b03ff8cdf1fa63b7d15db6e3860b
Well then @ADNormandie@twitter.com, is that your mission? :)
RT @clement_michel@twitter.com
Drunk, the community manager of @ADNormandie@twitter.com retweets Valeurs Actuelles from their professional account #NeutralitePolitique #RienAFaireIci
🐦🔗: https://twitter.com/clement_michel/status/1467946799612760074
RT @rimpq@twitter.com
🔥Design Issues Of Modern EDRs: Bypassing ETW-Based Solutions by @binarly_io@twitter.com
[BLOG]➡️https://www.binarly.io/posts/Design_issues_of_modern_EDRs_bypassing_ETW-based_solutions
RT @noraj_rawsec@twitter.com
The Invisible JavaScript Backdoor
https://certitude.consulting/blog/en/invisible-backdoor/
🐦🔗: https://twitter.com/noraj_rawsec/status/1463603200737652739
RT @gael_duval@twitter.com
🔥Many open positions at ECORP... 🧑🏻🤝🧑🏻🧑🏻🤝🧑🏻🧑🏻🤝🧑🏻
Want to build the most advanced, degoogled, pro-privacy mobile ecosystem? 📱🖥️ Join us!
#mydataisMYdata #hiring #techjobs #android #phpjobs #wordpressdeveloper #remotejobs #remotework
#privacy #opensource
🐦🔗: https://twitter.com/gael_duval/status/1460200201084362755
Shameful. The goal of a red team will always be to protect, not just to pwn...
RT @campuscodi@twitter.com
Randori discovered and used a Palo Alto Networks GlobalProtect VPN zero-day (CVE-2021-3064) as part of its red team engagements for a year before disclosing the issue to the vendor
https://www.randori.com/blog/cve-2021-3064/
🐦🔗: https://twitter.com/campuscodi/status/1458668057040097283
RT @Synacktiv@twitter.com
Check our new internship position! Let's hunt backdoors, tools or configurations that could maintain the (silent) presence of an attacker in a system. Good knowledge required in Windows and ready-to-learn in computer forensics.
🇫🇷 https://www.synacktiv.com/recherche-sur-les-moyens-de-persistance.html
🐦🔗: https://twitter.com/Synacktiv/status/1458492485383163909
RT @hkashfi@twitter.com
Turns out CVE-2021-22205 has actually been a pre-auth RCE, unlike what original advisory stated. https://security.humanativaspa.it/gitlab-ce-cve-2021-22205-in-the-wild/
RT @expliot_io@twitter.com
Halloween 🎃 Giveaway Alert 📢
The trick: Download our eBook (https://bit.ly/3lGxc0p), hit the follow button, like & reshare this post.
1 lucky winner gets a chance to win EXPLIoT Nano
The winner will be announced on 31st October 2021 📅
#iotexperts
🐦🔗: https://twitter.com/expliot_io/status/1448879996685139971
RT @cnotin@twitter.com
🇫🇷 ANSSI no longer recommends enforcing password expiry, except for privileged accounts.
Of course renewal must be triggered if a leak is suspected.
Big change with the end of this old rule. France finally in line with other international recommendations. https://twitter.com/ANSSI_FR/status/1446414418166812672
RT @binitamshah@twitter.com
Unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP cameras/NVR firmware, Patch now (*CVE-2021-36260): https://watchfulip.github.io/2021/09/18/Hikvision-IP-Camera-Unauthenticated-RCE.html credits @Watchful_IP@twitter.com
🐦🔗: https://twitter.com/binitamshah/status/1441686358104285187
RT @ClusirNormandie@twitter.com
[🛡️ #Adhérent] Welcome to @ACEService2@twitter.com, which is joining the #CLUSIR #Normandie.
ACE Service has supported its clients for more than 10 years on their cybersecurity challenges by providing services around: audit, integration, implementation and hosting.
🐦🔗: https://twitter.com/ClusirNormandie/status/1440212983720800260
RT @wassiniazirar@twitter.com
🔴 #Cybersecurite: AP-HP announces that it has filed a complaint with the Paris public prosecutor after discovering the theft of files containing personally identifying data, following a cyberattack carried out over the summer and confirmed this past 12 September.
🐦🔗: https://twitter.com/wassiniazirar/status/1438208377436442628
RT @cyb3rops@twitter.com
Sigma rule to detect CVE-2021-40444 exploitation activity
- Office program with control.exe child seems to be stable enough (1 exception)
- also works for the RTF vector https://twitter.com/WLesicki/status/1435691458980352012
- control.exe + .cpl isn't good enough
A critical vulnerability in Microsoft's MSHTML component has been detected and can lead to code execution. For now there is no official patch, but workarounds are possible, notably by disabling ActiveX. #infosec
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444
RT @securestep9@twitter.com
#OWASP Top 10 2021 DRAFT is out!!!
Now available for peer review, comment, translation, and suggestions for improvements:
🐦🔗: https://twitter.com/securestep9/status/1435698276045672457
RT @j0nh4t@twitter.com
Need local admin and have physical access?
- Plug a Razer mouse (or the dongle)
- Windows Update will download and execute RazerInstaller as SYSTEM
- Abuse elevated Explorer to open Powershell with Shift+Right click
Tried contacting @Razer@twitter.com, but no answers. So here's a freebie