Our team at Volexity has identified a new 0day exploited in the wild. This time we caught a threat actor using an unauthenticated RCE in Palo Alto Networks GlobalProtect. It has been assigned CVE-2024-3400 and is covered in this Palo Alto Networks advisory security.paloaltonetworks.com/CVE-2024-3400

Good morning! youtu.be/uRbHywgrEs4?si…

We have 4+ hours of live content planned for this Friday at GreyNoise NetNoiseCon! Featuring Matt Johansen, kimber ✨, boB Rudis 🇺🇦 🐘@[email protected] + many more! Signup to receive a reminder: info.greynoise.io/community/netn…

If you're into RC planes etc. I'd like to recommend youtube.com/@Mach3RC

Today was the first day I've ever seen an appropriately configured NAA account in one domain that was NOT over-privileged. Whoever got this right, if you are listening, can you please teach the rest of the world??

youtu.be/AvLiaLPnv2o?si…

I am grateful to the United States House of Representatives, both parties, and personally Speaker Mike Johnson for the decision that keeps history on the right track. Democracy and freedom will always have global significance and will never fail as long as America helps to

24 years ago, an officer was dispatched to an abandoned baby. Decades later, he finally learned that baby's surprising identity. cbsnews.com/news/officer-a… via CBS Evening News

Just another spring day!

Metasploit Basics, Part 19: Web Delivery for Windows Previously, we used Metasploit’s web delivery exploit to connect to UNIX, Linux or OS X machines with Python. Now is the time for Windows. OccupytheWeb #hacking #metasploit hackers-arise.net/2023/12/02/met…

The Cyberwarrior Wisdom of Master OTW Much of what appears on social media (X, Reddit, Facebook, Whatsapp, IG) is the work of Russian disinformation bots. Be careful what you believe. #cyberwarrior #otwwisdom

There is absolutely no place for political violence in our democracy. Although we don’t yet know exactly what happened, we should all be relieved that former President Trump wasn’t seriously hurt, and use this moment to recommit ourselves to civility and respect in our politics.

Good stuff

ONE DOES NOT SIMPLY WALK INTO FAYETTEVILLE

Florian Roth ⚡️ Simo Cybersecurity and Infrastructure Security Agency We did something similar in '22. Didn't map against exploited, just CVEs by vendor & mapped to top 25 most dangerous CWEs; NVD data 2017-2022. Needs a refresh and mapping against KEV! I'll get someone on it. Shareholders dgaf tho. Here's PAN this year. (3 exploited 0days already)

Looking forward to this device!

Recent developments in Software Defined Radio (SDR) have made it relatively inexpensive and simple to develop your own mobile telecom system. Explore how the Mexican drug cartels did it to avoid surveillance: hackers-arise.com/post/mobile-ha… OccupytheWeb

NYT on the letter cutting off funds to Harvard: "Ms. McMahon’s three-page letter, which deployed the use of all-capital letters to emphasize words." Wife of a pro wrestling mogul cutting off scientific funding from Harvard in all caps. We've arrived at Idiocracy.

I'm happy to announce the first beta module for uSDR! GNU Radio Module for uSDR GPUDirect RDMA This is an Out-of-Tree (OOT) module for GNU Radio that provides blocks to interact with the uSDR device using NVIDIA GPUDirect RDMA for high-performance SDR processing.

As the first cyberwar in history rages on between Ukraine and Russia, our Cyber Cossacks teach you their methods of defending Ukraine and attacking their adversary. Sliver: Building a Command and Control (C2) Infrastructure in the middle of a Cyberwar, Part 3