@y0no@mastodon.tedomum.net
RT @Pixnlove@twitter.com
🎅CALENDRIER DE L'AVENT J24🎅
Le père Noël sort le grand jeu🎄
👉Tentez de remporter ce superbe lot de 6 jeux édités par Pix'n Love Games + la console Nintendo Switch Oled ! 😍
Pour jouer :
🟡RT
🔵Follow @Pixnlove@twitter.com
➡️ Tirage au sort lundi (France et Europe uniquement)
RT @HusseiN98D@twitter.com
Giveaway time! I will send 3 copies of my hacking workshop done at @THREAT_CON@twitter.com. That's +12 hours of content 🔥
✅ Like
🔁 RT the post
✅ Follow
👉🏿 Giveaway ends at reaching 20k Followers 🌟
🐦🔗: https://twitter.com/HusseiN98D/status/1471939315345276930
RT @_nwodtuhs@twitter.com
Christmas gift 🎄🎁 from @m3g9tr0n@twitter.com and I ✨
You probably already know The Hacker Recipes (http://thehacker.recipes), let me introduce The Hacker Tools (http://tools.thehacker.recipes).
This project aims at providing documentation on some tools, starting with @gentilkiwi@twitter.com's Mimikatz 🥝
🐦🔗: https://twitter.com/_nwodtuhs/status/1471906790782775301
RT @pry0cc@twitter.com
Pentesting expectation: Hacking into the mainframe, EDR evasion, physical penetration, sliding past blue teamers.
Pentesting reality: Taking a screenshot of a password reset page that responds "invalid email" if the email is invalid.
Du coup, pour une liste des produits potentiellement impactés par log4shell, il y a une liste ici: https://github.com/YfryTchsGD/Log4jAttackSurface
J'imagine qu'il y a pas mal d'équipes SSI qui doivent passer un sale moment ce week-end...
Est-ce que quelqu'un qui a listé les softs actuellement impactés par #log4shell ?
RT @GreyNoiseIO@twitter.com
GreyNoise is detecting a sharply increasing number of hosts opportunistically exploiting Apache Log4J CVE-2021-44228. Exploitation occurring from ~100 distinct hosts, almost all of which are Tor exit nodes. Tags available to all users and customers now.
https://www.greynoise.io/viz/query/?gnql=tags%3A%22Apache%20Log4j%20RCE%20Attempt%22
🐦🔗: https://twitter.com/GreyNoiseIO/status/1469326260803416073
RT @CERT_FR@twitter.com
⚠️Alerte CERT-FR⚠️
CERTFR-2021-ALE-022 : Vulnérabilité dans Apache Log4j (10 décembre 2021)
https://www.cert.ssi.gouv.fr/alerte/CERTFR-2021-ALE-022/
RT @cyb3rops@twitter.com
I've created this gist as a scratchpad on which I can improve the commands over the course of the day
https://gist.github.com/Neo23x0/e4c8b03ff8cdf1fa63b7d15db6e3860b
Bah alors @ADNormandie@twitter.com, c'est ça votre mission ? :)
RT @clement_michel@twitter.com
Ivre le CM d'@ADNormandie@twitter.com retweet Valeurs Actuelles avec son compte pro #NeutralitePolitique #RienAFaireIci
🐦🔗: https://twitter.com/clement_michel/status/1467946799612760074
RT @rimpq@twitter.com
🔥Design Issues Of Modern EDRs: Bypassing ETW-Based Solutions by @binarly_io@twitter.com
[BLOG]➡️https://www.binarly.io/posts/Design_issues_of_modern_EDRs_bypassing_ETW-based_solutions
RT @noraj_rawsec@twitter.com
The Invisible JavaScript Backdoor
https://certitude.consulting/blog/en/invisible-backdoor/
🐦🔗: https://twitter.com/noraj_rawsec/status/1463603200737652739
RT @gael_duval@twitter.com
🔥Many open positions at ECORP... 🧑🏻🤝🧑🏻🧑🏻🤝🧑🏻🧑🏻🤝🧑🏻
Want to build the most avdanced, degoogled, pro-privacy mobile ecosystem? 📱🖥️ Join us!
#mydataisMYdata #hiring #techjobs #android #phpjobs #wordpressdeveloper #remotejobs #remotework
#privacy #opensource
🐦🔗: https://twitter.com/gael_duval/status/1460200201084362755
Honteux. L'objectif d'une redteam sera toujours de protèger pas juste de pwn...
RT @campuscodi@twitter.com
Randori discovered and used a Palo Alto Networks GlobalProtect VPN zero-day (CVE-2021-3064) as part of its red team engagements for a year before disclosing the issue to the vendor
https://www.randori.com/blog/cve-2021-3064/
🐦🔗: https://twitter.com/campuscodi/status/1458668057040097283
RT @Synacktiv@twitter.com
Check our new internship position! Let's hunt backdoors, tools or configurations that could maintain the (silent) presence of an attacker in a system. Good knowledge required in Windows and ready-to-learn in computer forensics.
🇫🇷 https://www.synacktiv.com/recherche-sur-les-moyens-de-persistance.html
🐦🔗: https://twitter.com/Synacktiv/status/1458492485383163909
RT @hkashfi@twitter.com
Turns out CVE-2021-22205 has been actually a pre-auth RCE, unlike what original advisory stated. https://security.humanativaspa.it/gitlab-ce-cve-2021-22205-in-the-wild/
RT @expliot_io@twitter.com
Halloween 🎃 Giveaway Alert 📢
The trick: Download our eBook (https://bit.ly/3lGxc0p), hit the follow button, like & reshare this post.
1 lucky winner gets a chance to win EXPLIoT Nano
The winner will be announced on 31st October 2021 📅
#iotexperts
🐦🔗: https://twitter.com/expliot_io/status/1448879996685139971
RT @cnotin@twitter.com
🇫🇷 ANSSI does not recommend anymore to enforce password expiry, except for privileged accounts.
Of course renewal must be triggered if a leak is suspected.
Big change with the end of this old rule. France finally in line with other international recommendations. https://twitter.com/ANSSI_FR/status/1446414418166812672
RT @binitamshah@twitter.com
Unauthenticated Remote Code Execution (RCE) vulnerability in Hikvision IP cameras/NVR firmware ,Patch now (*CVE-2021-36260) : https://watchfulip.github.io/2021/09/18/Hikvision-IP-Camera-Unauthenticated-RCE.html credits @Watchful_IP@twitter.com
🐦🔗: https://twitter.com/binitamshah/status/1441686358104285187
RT @ClusirNormandie@twitter.com
[🛡️ #Adhérent] Bienvenue à @ACEService2@twitter.com qui rejoint le #CLUSIR #Normandie.
ACE Service accompagne ses clients depuis plus de 10 ans sur leurs problématiques de cybersécurité en fournissant des services autour de : l'audit, l'intégration, la mise en œuvre et l'hébergement.
🐦🔗: https://twitter.com/ClusirNormandie/status/1440212983720800260
