DLL Hijacking via URL files
Offline Attacks on Active Directory
Due to Floating Point emulation, Linux MIPS (Kernels 126.96.36.199 through 4.7 2001-2016) have executable stacks.
The patch, released in 2016 and still present - Kernel 4.8, introduces a universal DEP and ASLR bypass.
Glibc Heap Exploitation Basics : ptmalloc2 internals (Part 2) - Fast Bins and First Fit Redirection
MISP book has been updated and is available online in various formats https://www.circl.lu/doc/misp/ including HTML, PDF, epub and Kindle. https://www.circl.lu/doc/misp/book.pdf Thanks to all the contributors and @SteveClement@twitter.com for the continuous love. #threatintelligence
Btw Win 10 users
Pown Proxy 2.x is coming out soon
Facebook bug exposed private photos of 6.8 million users
If you've ever wanted to know more about using @firstname.lastname@example.org for process and socket auditing on Linux, we just released a two-part blog post series on it today!
Pt. 1: https://medium.com/palantir/auditing-with-osquery-part-one-introduction-to-the-linux-audit-framework-217967cec406
Pt. 2: https://medium.com/palantir/auditing-with-osquery-part-two-configuration-and-implementation-87a8bba0ef48
RT @email@example.com: Happy to announce all the chapters of http://bootkits.io now available in Early Access (~600 p). 4 years of writing/rewriting. The book is almost double the size from the original proposal (rootkits/bootkits, UEFI threats and modern forensics) Thx @firstname.lastname@example.org and @email@example.com!!
Mac_apt – The Smarter and Faster Approach to macOS Processing https://cyberforensicator.com/2018/12/12/mac_apt-the-smarter-and-faster-approach-to-macos-processing/
RT @GossiTheDog@twitter.com: Things you can look at detecting: people running whoami (or whoami.exe on Windows), people mounting filesystems. Things for strengthening - I wouldn't present Struts to internet; too exploitable. Firewall app servers.
RT @firstname.lastname@example.org: I released my video conferencing tools today. Go forth and fuzz things! https://github.com/googleprojectzero/Street-Party
RT @GossiTheDog@twitter.com: Brexit as an IT project: somebody wrote a one sentence project proposal saying you would migrate everything to Blockchain technology, which the board somehow approved despite nobody knowing what Blockchain does.
RT @email@example.com: For god's sake
RT @firstname.lastname@example.org: UNFAMILIAR FACE ALERT!
Okay yes thank you Nest that’s great
RT @DissectMalware@twitter.com: Last night, I was exploring #registry and realized that one can use a shell extension for persistency and learnt how to write one in C#.
Before tweeting, I found this awesome https://www.google.com/amp/s/oalabs.openanalysis.net/2015/06/04/malware-persistence-hkey_current_user-shell-extension-handlers/amp/ by @email@example.com
I was late a few years
RT @firstname.lastname@example.org: I've seen the same email with "Bomb is in your building" subject, different Bitcoin address (1LVZqNEUHnhGxZ2qgJApd3qbHWZtpMhkAo) and, because why not, different kind of explosive (Hexigen).
To state the totally obvious: this is a scam, do not pay. https://twitter.com/0x736A/status/1073302647829082112
RT @email@example.com: And while looking for this, I found this probably unrelated campaign from a few hours ago. Link goes to Google Docs which, without any warning, serves Ursnif https://www.virustotal.com/en/file/f78a35094a34680253d803a53975e4254a8e119029ef457e16ae898d01aa169f/analysis/
A 100% disruptive über-1337 military-grade next-next-gen deep-analytics full-spectrum crypto-bullshito-cyber quantum-proof apt-blockchain (not CISSP)
You "Tweet" on Twitter; you "Toot" on Mastodon. On this social network full of freedoms, TeDomum provides a modest instance. Feel free to contact us for moderation or configuration adjustments.