w4rd4wg (@donxaridis)'s Twitter Profile
w4rd4wg

@donxaridis

g0t r00t?

ID: 42422301

25-05-2009 15:16:09

3,3K Tweet

561 Followers

5,5K Following

raptor@infosec.exchange (@0xdea)

Always a great read: dolosgroup.io/blog/2021/7/9/… “We took a locked down FDE laptop, sniffed the BitLocker decryption key coming out of the TPM, backdoored a virtualized image, and used its VPN auto-connect feature to attack the internal corporate network.”

IAM!ERICA (@ericazelic)

What's missing? KERBEROS ABUSE •ASREP Roast •ASREQ (kerbrute – enum users) •ASREQ Roast •Kerberoast •Golden Ticket •Silver Ticket •Diamond Ticket •Sapphire Ticket •Bronze Ticket •Unconstrained Delegation •Constrained Delegation 1/2

Thomas Fahrer (@thomas_fahrer)

#Bitcoin Core 24.0 was just released. This one comes with a lot of controversy. A new feature affecting big industry players, the network's scalability and security. I'm talking about the mempoolfullrbf configuration option. Let me break it down as simply as I can. 🧵 👇

Nils Kuhnert (@0x3c7)

Just updated the "malwarebazaar" Python module to include a Python and CLI client for abuse.ch #YARAify and added a "richer" output. You can find it on Github (github.com/3c7/bazaar/rel…) and on PyPI (via "malwarebazaar"). #threatintel #malware

0xor0ne (@0xor0ne)

Introduction to Linux raw sockets and port knocking technique by @Cooler_freenode antonio-cooler.gitbook.io/coolervoid-tav… #Linux #network #learning #programming #infosec

Mor Davidovich (@dec0ne)

Me and @idov31 are happy to introduce HWSyscalls, a new method to execute indirect syscalls using Hardware Breakpoints without calling directly to ntdll.dll, therefore bypassing the current way to detect it. A detailed blog post will follow soon. github.com/Dec0ne/HWSysca…

vx-underground (@vxunderground)

.Activision was breached December 4th, 2022. The Threat Actors successfully phished a privileged user on the network. They exfiltrated sensitive workplace documents as well as scheduled to be released content dating to November 17th, 2023. Activision did not tell anyone.

chompie (@chompie1337)

Releasing a Windows 11 LPE exploit by b33f | 🇺🇦✊ and I. Exploits CVE-2023-21768, a vuln in afd.sys. Blog post soon! github.com/xforcered/Wind…

Travis Goodspeed (@travisgoodspeed)

AT90SC3232C. My photos of the surface layer failed to stitch on account of the repeated memory regions, so I only have photos after delayering.

Ne0ne (@0xtoxin)

🚨NEW BLOG🚨 #LummaC2 stealer analysis, mainly focused on things that haven't been covered in depth such as CRX (chrome extensions) IDs, Dynamic API resolving procedure and the hashing algorithm used. The blog is full of python script! Enjoy! 0xtoxin-labs.gitbook.io/malware-analys…

Fox-IT (@foxit)

🚨IMPORTANT🚨 We have observed that the implant placed on tens of thousands of Cisco devices has been altered to check for an Authorization HTTP header value before responding [1/3]

Shellter (@shellterproject)

Our official statement regarding the misuse of Shellter Elite, and the way Elastic Security Labs handled it. shellterproject.com/statement-rega…