Liked our #redteam feedback blog series -> Chapter 3 (the final) is on line! ictexpertsluxembourg.lu/technical-corn… -Custom Rasp. Implant to bypass network restriction -Physical intrusion in DataCenter to access core network -Simulated #phishing for initial access and more.. Thanks to the team!

PostDump. tool to perform a memory dump (lsass) using several technics to bypass EDR hooking and lsass protection github.com/post-cyberlabs…

Here is the #sp500 2008 vs. 2022 analog update.. including today.

It's Xmas time! Our #Offensive #Security team (COS) released a new version of our #EDR bypass toolset "PostDump" 🔥🔥 Thanks to our teammate YOLOP0wn for the amazing job and all others for ideas and improvements ! Together we pwn harder 😉 (Including both CME / Lsassy modules)

Checkout the new postdump version inclusive indirect syscalls, procexp ppl bypass, and asr bypass ! github.com/YOLOP0wn/POSTD…

Someone did some brute-forcing to find collision on short PGP key id and uploaded the keys with existing collision to the key servers...

Taking over 17000 hosts by typosquatting package managers like PyPi or npmjs : incolumitas.com/2016/06/08/typ… , Pdf : incolumitas.com/data/thesis.pdf

Close your AJP connectors, as AJPy has been released by Julien Legras: github.com/hypn0s/AJPy #SSTIC

Pretty good intuition of how ROP works

"Remote by default" is a nice and efficient way to ensure great communication among a security team. #FIRSTCON16

[BLOG] Xen exploitation part 3: XSA-182, Qubes escape: blog.quarkslab.com/xen-exploitati… Final notes on finding Xen vm escape and exploitation

The person compromising these Ubiquiti devices is kind enough to say how the device was vulnerable :)

Wow, this is HOT! "Introducing Ponce: One-click symbolic execution" research.trust.salesforce.com/Introducing-Po…

IAEA chief: Nuclear power plant was disrupted by cyber attack reuters.com/article/us-nuc…

CVE-2016-6187: Exploiting Linux kernel heap off-by-one cyseclabs.com/blog/cve-2016-…

'From Mimikatz to Kekeo, Passing by New Microsoft Security Technologies' Slides from my talk @ #bluehatil 1drv.ms/p/s!AFQCT5PF61…

CIRCL training catalogue 2017 published circl.lu/assets/files/c… #luxembourg #infosec

Well, we released our plugin which turns #Burp Suite into headless automatic web vulnerability scanner. github.com/yandex/burp-mo… #Zeronights