2024 OWASP Global AppSec is coming to #Lisbon this June! Register now for this event designed for #appsec professionals Training with Paulo A. Silva - @Char_49 ecs.page.link/8R8JH #owasp #AI #portugal #hacking #networking #threatmodeling #conference #training #infosec

Here's a simplified threat model using the STRIDE framework against Office 365: 1. **Spoofing:** - Threat: Attackers may attempt to spoof legitimate Office 365 accounts to gain unauthorized access to sensitive data or resources. - Mitigation: Implement multi-factor

Great slides available here for AD Security 👇👇🔥🔥

This is awesome! Incredibly useful for IR and beats my handmade notes 😆 Thank you to the folks that made this guide public 🙏 🙏 Get the PDF directly from here 🔗 cdn-dynmedia-1.microsoft.com/is/content/mic…

⚠️⚠️ CVE-2024-2961 – glibc Vulnerability Opens Door to PHP Attacks: Patch Immediately 🎯180k+ Results are found on the en.fofa.info nearly year. FOFA Link🔗: en.fofa.info/result?qbase64… FOFA Query: app="php" && (body="GNU C" || body="glibc") Refer🔖:

🔮 The Kubenomicon A massive list of offensive Kubernetes security techniques and how to defend against them Includes detailed tactical exploitation (and defense) tips #cybersecurity kubenomicon.com

Awesome CI/CD Attacks Practical resources for offensive CI/CD security research 🧠 Techniques 🛠️ Offensive tools 🗒️ Case studies By Asi Greenholts github.com/TupleType/awes…

It’s been quite the run NTLM…

This is honestly one of the best pieces of web security research I have read in years blog.orange.tw/2024/08/confus…

Ever wanted to spin up a GOAD environment in VMware ESXi? Well I decided to dig into it and I wrote a step-by-step guide to help anyone that wants to deploy it. netsecfocus.com/infosec/walkth…

In a recent incident, my colleague Flo Scheiber investigated a compromise of a Microsoft Entra Global Administrator account. The user fell for a simple phishing attempt (see screenshot) and handed over the key to the cloud kingdom to the attacker. After accessing the tenant,

Adversary in the Middle (AitM): Post-Exploitation w/ Michael Allen youtube.com/live/WY4mH-8Tb… via YouTube by -

CrowdStrike part 2 crashes Microsoft Office on Windows 11 24H2 | TechSpot techspot.com/news/105447-cr…

CyberSec Trends Q1/25🔮 ⬆️Lumma Stealer ↗️EDR killers (vulnerable drivers) ↗️Abuse of legit remote access tools ↗️0days in Fortinet & Ivanti ↗️Token persistence/cloud API abuse ⬆️Sliver implants ⬆️Fake CAPTCHA pages ⬆️Malvertising

We published a worker to use our free scanner THOR Lite in OpenRelik OpenRelik is an open-source platform designed to streamline collaborative digital forensic investigations | by Johan Berggren Project page openrelik.org THOR Lite nextron-systems.com/thor-lite/ THOR Lite

Our team is ready, thrilled, and geared up to tackle challenges, break some binaries, and push our skills to the limit. It's always an honor to be part of such an incredible event, surrounded by top-tier hackers and like-minded enthusiasts. #CTF #INSO25 /cc Insomni'hack

📢 Nov zakon o informacijski varnosti je objavljen v Uradnem listu RS! V Uradnem listu RS št. 40/25 je bil danes, 4. junija 2025, objavljen Zakon o informacijski varnosti (ZInfV-1), ki bo začel veljati 19. junija 2025. 🎓 ⚖️ZInfV-1 predstavlja pomemben mejnik na področju

🚨URSIV z današnjim dnem razglaša povečano stopnjo ogroženosti varnosti omrežij in informacijskih sistemov zavezancev iz Zakona o informacijski varnosti. ❗️🛡️ Zaznana je bila škodljiva koda na novih USB ključkih 8GB proizvajalca Extra Lux. 🔐 V primeru, da posamezni organi,

The Hacker House CTF for BSidesZadar is open! Explore a smart home full of flaws, devices, and hidden flags. No matter your skill level -- you’re welcome. Brought to you in collaboration with TeamViris 🔗 zadar.vuln.casa #CTF #BSides #infosec #cybersecurity

Today we are with our Vulnerable Hacker House at BSides Tallinn ! Great venue, great people!