Chihuahua in charge NotMe (@jessefmoore)'s Twitter Profile
Chihuahua in charge NotMe

@jessefmoore

Sr. CyberSecurity Advisor, tweets are my own opinions and thoughts and do not reflect my past or current employers. linktr.ee/jessefmoore

ID: 60372795

Joined: 26-07-2009 19:12:04

8,8K Tweet

308 Followers

2,2K Following

SpecterOps (@specterops)

SCCM is one of the most relied-on enterprise tools, but that legacy comes with risk.

Join Garrett this Friday at #BSidesPDX as he discusses how attackers can abuse #SCCM Entra integrations to gain admin access.

➡️ ghst.ly/3L4nkwG

Andrea Pierini (@decoder_it)

Coercing machine authentication on Windows 11 /2025 using the MS-PRN/PrinterBug DCERPC edition, since named pipes are no longer used.
Kerberos fails in this case due to a bad SPN from the spooler, forcing NTLM fallback.

sonofabench (@therealmrbench)

How many snowflake parents will be triggered by a teacher who is having her students learn: • to pay attention to their surroundings • hand eye co-ordination • work both as a team and individuals • have fun • get exercise • take a knock down and get back up

SpecterOps (@specterops)

Credential Guard was supposed to end credential dumping. It didn't. Valdemar Carøe just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled. Read for more ⤵️ ghst.ly/4qtl2rm

International Cyber Digest (@intcyberdigest)

🛠️ AsmLdr Shellcode loader for Windows x64 environments. Execute encrypted payloads while minimizing detection by advanced antivirus software, endpoint detection and response (EDR) systems, sandboxes, and debuggers Try: github.com/0xNinjaCyclone…

Florian Roth ⚡️ (@cyb3rops)

New research shows Credential Guard can still leak creds

By abusing Remote Credential Guard, attackers can request NTLMv1 challenge responses and recover NT hashes - even on fully patched Windows 11 with VBS and PPL

- Microsoft confirmed and marked it “won’t fix.”
- PoC called

CISA Cyber (@cisacyber)

CVE-2025-59287 is being actively exploited. Update Windows Server Update Services now to reduce risk of a threat actor achieving remote code execution with system privileges. See our Alert for details ➡️ go.dhs.gov/in5 #Cybersecurity

Florian Roth ⚡️ (@cyb3rops)

People shouldn’t be scared by this CrowdStrike report. I don’t even know why they added the “AI-enabled ransomware” part -probably a PR idea that nobody stopped

The real issue is wrong risk perception. CISOs worry about what sounds new instead of what actually causes incidents.

LuemmelSec (@theluemmel)

While the exploit cradles from hawktrace for CVE-2025-59287 did not work in our testbed, github.com/jiansiting/CVE… actually did. Be aware, include SCCM when the Software Update Point role is in use, as this requires WSUS.

Steven Lim (@0x534c)

🔥 High-Fidelity Detection for WSUS Remote Code Execution

A critical deserialization flaw (CVSS 9.8) in Windows Server Update Services (WSUS) — CVE-2025-59287 — enables unauthenticated remote code execution over the network. This

Rob Fuller (@mubix)

#PRCCDC [Pacific Rim Collegiate Cyber Defense Competition] is looking for some volunteers for Ops, Orange Team, Scoring engine, judges, etc - Fill out the form, get the discord link join the Tuesday meetings: docs.google.com/forms/d/e/1FAI…

Chihuahua in charge NotMe (@jessefmoore)

#PRCCDC [Pacific Rim Collegiate Cyber Defense Competition] Pacific Rim CCDC is looking for some volunteers for Ops, Orange Team, Scoring engine, judges, etc - Fill out the form, get the discord link join the Tuesday meetings: docs.google.com/forms/d/e/1FAI…