#threatintel someone just leaked a bunch of internal Chinese government documents on GitHub github.com/I-S00N/I-S00N/

🛑 URGENT SECURITY ALERT! Secret backdoor found in XZ Utils compression library used by major #Linux distros, like Fedora, Kali Linux, and openSUSE. Attackers could breach SSH and take control of systems. thehackernews.com/2024/03/urgent… Update and review your systems immediately.

I just came across a tool called AttackGen. It's a simple tool that generates incident scenarios based on a Threat Actor and suggests simulations and possible detections at a high level. #llm #python #threatintel 👉 code: github.com/mrwadams/attac… 👉 app: attackgen.streamlit.app

Bon bah OpenDNS, c'est finito en France.

😈 Red Teaming TTPs Useful techniques, tactics, and procedures for red teamers and defenders Cheatsheets and guides Covering: cloud, ICS, Linux, Mac OS, threat intel, web, Windows, and more. github.com/RoseSecurity/R…

Attacking UNIX Systems via CUPS, Part I evilsocket.net/2024/09/26/Att…

YARA-X 0.9.0 has been released. github.com/VirusTotal/yar…

Windows Event IDs for Defenders

We have all heard about attackers leveraging firewall policies or WFP to block EDRs from communicating with their servers. Today I am releasing a Huntress blog talking about how to mitigate that tampering technique within EDR products: huntress.com/blog/silencing…

What the fuckkkkkkkkk

🔥💀After 40 hours of constant reversing of weird looking c++ and no sleep, I Finally cooked the CVE-2024-47575 fortimanager unauthenticated RCE 🩸

"Windows inside a Docker container."

Right-Click to Hack: Zero-Day CVE-2024-43451 Vulnerability Targets Windows Users securityonline.info/right-click-to…

#ESETresearch discovered an #exploit targeting Firefox and Windows zero days, used in the wild by Russia-aligned #RomCom. Browsing a specially crafted web page runs arbitrary code with the privileges of the user, compromising the PC. 🏴‍☠️ & R.Dumont welivesecurity.com/en/eset-resear… 1/7

🤓I’ve been using Maltego Graph for a while, and it’s one of the best tools for visualizing investigations and pivoting! One of the best feature is the use of Machines to automate pivoting and enrichment! 🤖 🔍 For example, you can create a Machine to automatically enrich an IP

C2 infrastructure that allows Red Teamers to execute system commands on compromised hosts through Microsoft Teams. github.com/cxnturi0n/conv…

Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, build your taylor-made EASM tool github.com/ivre/ivre

We are very excited to announce that Volatility 3 has reached parity with Volatility 2! With this achievement, Volatility 2 is now deprecated. See the full details in our blog post: volatilityfoundation.org/announcing-the…

#ESETResearch has discovered the first known AI-powered ransomware, which we named #PromptLock. The PromptLock malware uses the gpt-oss:20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts on the fly, which it then executes 1/6

‼️🚨 BREAKING: An AI found a Linux kernel zero-day that roots every distribution since 2017. The exploit fits in 732 bytes of Python. Patch your kernel ASAP. The vulnerability is CVE-2026-31431, nicknamed "Copy Fail," disclosed today by Theori. It has been sitting quietly in the