RT @FForEffort1@twitter.com
Mr X's identity is a complete mystery.
🐦🔗: https://twitter.com/FForEffort1/status/1165226521004580864
RT @cprofiler@twitter.com
Cerbero Suite 3.3 is out! - https://cerbero-blog.com/?p=1842 - Theme support, hugely improved native UI for Ghidra, MachO Carbon support, XP compatibility and a few bug fixes. Happy hacking!
🐦🔗: https://twitter.com/cprofiler/status/1165220585565282304
RT @Dinosn@twitter.com
CVE-2019-12527: Code Execution on Squid Proxy Through a Buffer Overflow https://www.zerodayinitiative.com/blog/2019/8/22/cve-2019-12527-code-execution-on-squid-proxy-through-a-heap-buffer-overflow
RT @2xyo@twitter.com
Mitre ATT&CK Sub-Techniques Preview:
- New ID numbering
- New techniques
- Technique decomposition
- Technique realignment and deprecation
- Technique-to-sub-technique demotion
https://medium.com/mitre-attack/attack-sub-techniques-preview-b79ff0ba669a
By @MITREattack@twitter.com
RT @GossiTheDog@twitter.com
Fortigate are calling this issue in FortiOS a “vulnerability” but to be clear it’s actually a major backdoor.
The backdoor code is flat out there in the OS, it even needs a ‘secret’ code typed to trigger it.
How did a major firewall vendor (almost 500k IPs) end up backdoored? https://twitter.com/gossithedog/status/1164549075838099456
🐦🔗: https://twitter.com/GossiTheDog/status/1164601729347981312
RT @Jipe_@twitter.com
« Hunting for Privilege Escalation in Windows Environment » 👍🏻👍🏻👍🏻👍🏻 https://speakerdeck.com/heirhabarov/hunting-for-privilege-escalation-in-windows-environment
RT @driikolu@twitter.com
Learning to use vim in a fun way is now possible!
nano users no longer have an excuse. https://twitter.com/MasteringVim/status/1164516009887326209
RT @YaronZi@twitter.com
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190023 great to see #microsoft is taking action to reduce #NTLM attack surface by advising customers to enable LDAP relay mitigations. We talked about these issues at our @defcon@twitter.com and @BlackHatEvents@twitter.com talks. @simakov_marina@twitter.com
RT @ENOENT_@twitter.com
If you're interested in knowing how to solve RE tasks using cryptanalysis only, you should check out my new post. You'll see the methodology I applied to solve the micro-bit crackme of the #BlackBadge challenge of @_leHACK_@twitter.com 2019 of @virtualabs@twitter.com @iotcert@twitter.com
https://bitsdeep.com/posts/solving-re-tasks-the-crypto-way/
RT @HanseSecure@twitter.com
Bypassing Two-Factor Authentication on Outlook Web Access
#infosec #pentest
http://securityaffairs.co/wordpress/53147/hacking/outlook-web-access.html
🐦🔗: https://twitter.com/HanseSecure/status/1162422703724400640
RT @gabsmashh@twitter.com
a good guide to the basics of offensive lateral movement/pivoting, including psexec, DCOM, WMI, winRM, etc. the guide uses cobaltstrike for most of the demo, which is superrrr fun (albeit noisy) to play with, if you haven't.
https://hausec.com/2019/08/12/offensive-lateral-movement/
🐦🔗: https://twitter.com/gabsmashh/status/1162545788356087808
RT @PythonResponder@twitter.com
Responder 2.3.4.0 upcoming release will be supporting RDP ;)
🐦🔗: https://twitter.com/PythonResponder/status/1162455963401641985
RT @shishi0_@twitter.com
"Webmin 0day remote code execution"
Tl;Dr: Lack of input validation in the reset password function allows RCE (CVE-2019-15107). Over 13 0000 vulnerable on Shodan.
PoC:
/password_reset.cgi
user=root&pam&expired&old=wrong | id
https://pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html
RT @TencentTic@twitter.com
Tencent Security Team has worked out a stable POC of CVE-2019-1181/1182. It works on Win7 to Win10. Patch your system as soon as possible. REF:
https://s.tencent.com/research/bsafe/778.html
🐦🔗: https://twitter.com/TencentTic/status/1162197149108408322
RT @huntingmalware@twitter.com
Hey hey hey, bored of infosec marketing bullshit? check our new post! https://blog.huntingmalware.com/notes/DigMine
🐦🔗: https://twitter.com/huntingmalware/status/1162335050320490496
RT @GossiTheDog@twitter.com
“We accept the risk”
2 years later:
🐦🔗: https://twitter.com/GossiTheDog/status/1162084778486697984
RT @gentilkiwi@twitter.com
When your program name is more the new EICAR than a security tool https://twitter.com/ahakcil/status/1161674193353809920
🐦🔗: https://twitter.com/gentilkiwi/status/1161684030108119042
RT @piotrcki@twitter.com
⚠️ Stop everything and go update your Windows machines. ⚠️ (Thanks to @ANSSI_FR@twitter.com @CERT_FR@twitter.com)
https://www.cert.ssi.gouv.fr/alerte/CERTFR-2019-ALE-012/
RT @5aelo@twitter.com
In case you missed @natashenka@twitter.com's talk at @BlackHatEvents@twitter.com this week, here is a video showing a remote exploit for one of the iMessage bugs we found: https://youtu.be/E_9kBFKNx54 Be sure to read https://googleprojectzero.blogspot.com/2019/08/the-fully-remote-attack-surface-of.html if you are interested in these kinds of attacks!
RT @PyroTek3@twitter.com
Today at Black Hat @markmorow@twitter.com & I presented on "Attacking & Defending the Microsoft Cloud."
Slides are now available to download:
https://adsecurity.org/?p=4179
We covered several attacks (& defense): password spray, token theft, password reuse, on-prem cloud integration, & more!