Patch your Domain Controllers running DNS (typical config, so most orgs) ASAP. DNS remote code execution vulnerability which runs as LocalSystem on Windows DNS server (usually a DC). portal.msrc.microsoft.com/en-US/security…

#IPS #SQL #Evasion youtu.be/eEijqdIVcU8

#XSS #Google Thomas Orlita blog.thomasorlita.cz/vulns/google-c…

The latest OWASP France Daily Digest! paper.li/SPoint/1310999… Thanks to Kiuwan @jcane_tech Rohan Aggarwal #infosec #xss

blog.attify.com/the-practical-…

blog.cryptographyengineering.com/2018/12/17/on-…

n2ws.com/blog/aws-cloud…

github.com/yudai/gotty

blackhillsinfosec.com/webcast-rdp-lo…

#thisisrealnews independent.co.uk/life-style/gad…

#unix #50years motls.blogspot.com/2019/01/unix-5…

github.com/fs0c131y/ESFil…

pentestpartners.com/security-blog/…

#tempmail #mailboxspoof temp-mail.org/en/

Network Forensics, Part 2: Packet-Level Analysis of the NSA's EternalBlue Exploit #networkforensics #cybersecurity #dfir #digitalforensics #eternalblue

Apparently there was an internal network share that contained powershell scripts... "One of the powershell scripts contained the username and password for a admin user in Thycotic (PAM) Using this i was able to extract secrets for all services, DA, DUO, Onelogin, AWS, GSuite"

⚠️ Giveaway time! ⚠️ 👇 📢 Our new course "Attacking AI" will be Feb 27-28! This two-day course equips security professionals with the tools and methodologies to identify vulnerabilities in AI systems. It's gonna be a BANGER. Syllabus: payhip.com/b/2qPZ1 We are giving

Quick Linux tip: How often has this happened to you? After entering and running a lengthy command, you realize you forgot to include sudo at the start. You can simply type $ sudo !! and the command line will replace !! with the last command, you attempted to execute.