I'm releasing all the slides (~800!) of my Mobile Security class: mobisec.reyammer.io! They are not perfect, but students learned how to reverse apps, find&exploit real-world bugs, reason about threat modelling / system security, etc. Very proud of them :-) 👶 => 👨‍💻👩‍💻

Are you taking full advantage of Python 3? Are you sure? Here are 10 Python 3 features that will change the way you are writing code today. 🧵👇

"An overview so everyone can leverage #Empire’s full capabilities. Here are just a few of the updates that were implemented in 3.4." bc-security.org/post/overview-…

New blog post by me on exploiting MFA inconsistencies on Microsoft services: blackhillsinfosec.com/exploiting-mfa… And here's a new tool (MFASweep) to find them: github.com/dafthack/MFASw…

exploiting #Zerologon... Tired: boring all 0s challenge 😴 Wired: Exciting challenges with non 0 values 🥳 See my new blog on the matter medium.com/@TalBeerySec/z… Thanks to @djrevmoon.bsky.social Dirk-jan 🥝🏳️‍🌈 Benjamin Delpy Samir Mitja Kolsek 0patch Ophir Harpaz 🎗️ @SagieSec Chris Nickerson Secura

I finally got around to documenting my Pi home server setup giving me valid TLS certs on a device behind a NAT, with relatively secure remote access and some customised dashboards and alerting. I hope it inspires you to build something cool too! sensepost.com/blog/2020/buil…

You're curious about what's going on with Ghostwriter? Lucky you... posts.specterops.io/updates-to-gho…

Great article about detecting #AADInternals usage in Azure AD! fireeye.com/blog/threat-re…

Updates: -APT37 (Reaper) samples have been added -APT-C-23 (AridViper) samples have been added vx-underground.org/apts.html Translation page has been merged with Papers page. It has improved legibility and usability for non-English speakers. vx-underground.org/papers.html Next:

A relatively new implant, which we have dubbed #SlothfulMedia, has been used to target victims in a number of countries, including: India, Kazakhstan, Kyrgyzstan, Malaysia, Russia and Ukraine. See more on U.S. Cyber Command's Virus Total page: virustotal.com/gui/file/64d78…

Presented Virus Bulletin 2020 - this excellent session by @Glacius___ and Jeffrey Sman on Netwalker #ransomware is definately worth watching youtube.com/watch?reload=9… #malware #cybersecurity

Excited to publish our research in which Eyal Itkin and I were able to fingerprint 2 of the most active exploit developers for Windows. Together, they account for 16 Windows LPE exploits, of which 5 were 0-Days that were sold to APTs and crime groups. research.checkpoint.com/2020/grapholog…

#ESETresearch uncovered #XDSpy, a new APT group active since 2011. Over the years, it has compromised many governments in Belarus, Moldova, Russia, Ukraine and Serbia. We found that the initial compromise vector is a spearphishing email. welivesecurity.com/2020/10/02/xds… __mat__

Ransomware campaigns are often described in terms of payload. In reality, however, a ransomware incident is a breach involving human adversaries attacking a network. Learn what this means. Read the Microsoft Digital Defense Report: msft.it/6015Tv7jZ

Part 1 of our APT28 collection has concluded: All 46 of our APT28 samples are live. Part 2 of our APT28 collection will go live soon. Check out our APT28 collection here: vx-underground.org/apts.html

Haha .. I did it .. Raccine - a simple Ransomware Vaccine - uses debugger registration to intercept vssadmin.exe invocations - collects process tree pids for kills - PoC as weekend project - my C code sucks, but it works github.com/Neo23x0/Raccine

Here is the recording of the full x64 Linux Binary exploitation training. Couldn’t cover few topics due to time restrictions, but overall I am happy with the coverage. Thanks to all, who submitted the pre-training challenge and attended. The Offensive Labs youtu.be/gxU3e7GbC-M

A couple of Sunday notes about DLL proxying ired.team/offensive-secu…

Lazarus on the hunt for big game securelist.com/lazarus-on-the…