Gal Shpantzer (@Shpantzer)'s Twitter Profile

Information security and data engineering advisor. Virtual CISO with interdisciplinary skillset to solve complex business and technical problems. Not CISSP/10X

ID:21650546

23-02-2009 13:02:10

55,5K Tweets

11,1K Followers

4,9K Following

Wim Remes TR (@wimremes)

General reminder. If you have Palo Alto firewalls that were exposed to CVE-2023-3400, get them checked thoroughly. We’re seeing dozens of threat actors active on single devices. Just patching wasn’t the end of this.

Matt Johansen (@mattjay)

GitHub comments can host files uploaded during issue discussions or commit annotations.

Once uploaded, these files are accessible via GitHub's CDN, regardless of the comment's visibility or existence.

Joseph Cox (@josephfcox)

New from 404 Media: that spy site which is scraping Discord en masse and selling users' activity and messages is linked to the harassment site Kiwi Farms. User there is using the site to target specific servers. Gives more context on how the tool is used 404media.co/spy-site-selli…

Jason Haddix (@Jhaddix)

A 13 year old coded a botnet control framework that utilizes pastebin and github for control of hosts in red teaming…

This makes the hacker in me so hopeful.

Check out pastebomb when it’s dropped!

Justin Elze (@HackingLZ)

This is what you get when you complain about APTs using LOLbins, you get a proper APT on a Friday of a holiday weekend.

Laura Thomas (@laurae_thomas)

Though I would be loath to create a new government agency, as I usually think that's the last thing we need, I enjoyed reading the arguments here about a new Open Source Agency placed outside of the classified, walled garden of the IC.

thecipherbrief.com/column_article…

Laura Thomas (@laurae_thomas)

US Government agencies have to figure out how to characterize and share the information to both audiences without blowing the source. 16/16

Laura Thomas (@laurae_thomas)

Curious about CIA's 'Duty to Warn' protocols?

I've delivered the 'duty to warn' when I served CIA in the past. There is a lot of wrong info out there on it. Here's how it really works:
🧵 1/16

Andrew Côté (@Andercot)

What makes it harder for legacy companies to re-vertically integrate is they've now spread operations over a large number of different voting districts for political capture.

Their cost-inefficient structure is now propped up by tax breaks they can't afford to lose

Rachel Tobac (@RachelTobac)

So stoked for my event with Hoff (Christofer Hoff/LastPass)
on 3/13 at 11 AM ET🤖🤘
We'll talk through the latest social engineering threats, hacks I've done recently and how they succeeded OR how I got caught, and how AI has changed the way we hack in 2024.
info.lastpass.com/Expert-Strateg…

Lina (@d0rkph0enix)

Any of my old Cisco homies have an active ThousandEyes account they can log into? I’d love to see their detailed view on the outages.

✞ inversecos🩸 (@inversecos)

4\ Finally the email analysis system is a platform allowing the operator to search and look through gathered emails and intelligence.

From an IR/blue team standpoint, the key point of interest is HOW do they gather this information.

In this paragraph they wrote there is an

✞ inversecos🩸 (@inversecos)

1\ My thoughts on the Chinese APT contractor leak 🇨🇳

Specifically, I want to talk about the leaked
- iOS Spyware
- Physical implantable devices
- Email surveillance system

Let's consider detection and how these would be installed.

Daniel Cuthbert (@dcuthbert)

@easyJet you have a legal obligation to act when you cancel a flight 45 minutes before departure. You cannot just ignore and hope this goes away because I’ll make more noise than you can ever imagine

Robᵉʳᵗ Graham 𝕏 (@ErrataRob)

You network hackers out there, what are the command-line tools that you use to molest the network, besides:
ping, dig, traceroute, nc, curl, nmap/masscan?

I want a list that people use FREQUENTLY.

Matt Johansen (@mattjay)

@daveaitel PDD Holdings denies a lot of this but researchers from Lookout further analyzed app samples and corroborated the original researchers' claims.

'There is also some code that looks like it would be consistent with preventing apps from being uninstalled.'

Matt Johansen (@mattjay)

@daveaitel It seems the 0days were being used to steal more user data than native Android APIs would give an app access to.

They even used this elevated access to uninstall their competitors' apps off the phone.

Matt Johansen (@mattjay)

@daveaitel Pinduoduo is an e-commerce app with 751.3 million average monthly active users.

In March 2023 it was reported that their official signed Android app contained malware and a number of Android 0days
