🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

New Module: Software Inventory CVE Scan Its not always about the awesome Threat Simulations! Use this new security control module for Linux & MacOS endpoints to list & scan the installed software inventory of endpoints to matching CVEs via the NVD CVE database. Sign up for

"Locks on the wire" by Wireghoul cfp.bsidescbr.com.au/bsides-canberr…

New Module: Credential Guard Bypass - WDigest It is possible to bypass Microsoft's Credential Guard by patching WDigest in-memory to enable clear-text credential storage on secured endpoints. This module will attempt to emulate malicious APT behavior attempting to patch WDigest

Android security workshop (slides) valsamaras.medium.com/android-securi…

ServiceNow Insecure Access Control To Full Admin Takeover - https://x64[.]sh/posts/ServiceNow-Insecure-access-control-to-admin/

New blog post: RE of LR3 by Exclusive elttam.com/blog/re-of-lr3/

Seeing a bunch of 100% scores on EDRs in some reports lately 🤔 At ATTACKIFY, we don't promise 100% scores... but we do promise to test 100% of the EDRs out there! Let's see how they really hold up! 😉🔍 Sign up today and start putting your EDRs up to its paces!

🔐 New Module: LOLDrivers Scan! While ATTACKIFY excels in automated adversary simulations, we're also about enhancing endpoint security. Our newest module leverages the awesome work from the #LOLDrivers project, allowing seamless malicious and vulnerable drivers scans on your

🔐 Introducing the Bootloader.io Scanner Module for ATTACKIFY! Following the success of our LOLDrivers Scanner Module, we're excited to unveil the Bootloader.io Scanner. Dive deep into detecting malicious bootloaders using data from the awesome project hosted

🚀 New Feature in ATTACKIFY! Introducing attack scheduling - our latest feature to further automate & schedule attack simulations on a continuous daily, weekly, or monthly basis on single or multiple endpoints & environments is out now. That and some more details in our latest

🚀 Exciting New Module in #ATTACKIFY  - OceanLotus 🚀 A new module inspired by the awesome research from Cat & Megan Carney and the @MITREengenuity team on OceanLotus APT emulation! 🛡️ Dive deep into advanced threat simulations & hone your defenses by experiencing

The world's first(?) kernel exploit for Vision Pro- on launch day!

How the hell are we gonna send the epic fail Pwnie to China

Do you use a virtual machine to browse dangerous links safely? If you use the Chrome browser inside that virtual machine, is it secure enough? As you might have guessed, the answer is not so much. We chained six unique CVEs from 2023 listed below. • Chrome Renderer RCE :

Decided to publish PPPwn early. The first PlayStation 4 Kernel RCE. Supporting FWs upto 11.00. github.com/TheOfficialFlo…

🚨 Attention Australian Businesses and Educational Institutes! 🚨 We're offering FREE Professional ATTACKIFY accounts for the rest of 2024 if you register for a FREE account in June. We want to help protect against the current surge in cyber attacks seen in Australia lately.

🚀 New Module Alert! 🚀 We're excited to introduce our latest ATTACKIFY module targeting CVE-2024-26229, a vulnerability in the Windows CSC Service. 🔍 Key Features: - Test & Validate Security Controls: Focus on local privilege escalation detection & prevention. - Real-World

🚀 Bridging MITRE ATT&CK with ATTACKIFY for Advanced Threat Actor Emulation! Exciting news! We've just released a new CLI tool in beta to compliment ATTACKIFY that will help you instantly run emulations based on any ATT&CK Threat Actor Group Profiles. 🎯 Map ATT&CK TTPs

This is what I mean when I say working with MSRC is degrading. They want everything: write up, stack traces, PoC, exploit source, analysis, life advice, approval on anything you will ever publish. In return they will patch your bug whenever they feel like it and not tell you