How VPN works

*keyboard noises* "im in, boss. activating the baby jiggler"

started as a a fun way to take notes ... 16 mindmaps so far :) github.com/sbousseaden/Sl…

if you dont like rage against the machine we cant be friends. sorry its the law.

i found an OSI layer cake. hehehe.

uɐpʇou@ ✸ Hungry hungry GIGO.

That escalated quickly #Lapsus #Nvidia #LeakedCertificate Mimikatz virustotal.com/gui/file/9d123… KDU virustotal.com/gui/file/0e163…

I wonder how many hours / days / weeks of analyst time was wasted on outdated IOCs, especially IPs that now have completely different owners #IOCs

Single SOC analyst trying to provide full coverage after teammates call in sick on the holiday weekend...

When they tell you their name and job and you gotta act surprised because you work in infosec so you already stalked them.. 💀

When you're trying to enter the bios menu after booting

tl;dr security through internet speed

Mick Douglas 🇺🇦🌻 Developers call it a workaround. Security call it an exploit.

Please do the incident response team a favor, and check that the X-Forwarded-For Header is set on all your reverse proxies / load-balancers / etc. They will thank you later.

Since Cobaltstrike v4.9 is leaked and sooner or later it will be exploited, here is the detection for beacon's core. This detection cannot be modified with malleable profiles. EDRs like Crowdstrike/Elastic/MDATP which constantly scan the memory region for known patterns should

📢 New Microsoft Threat Report: "ViewState Code Injection Attacks Using Publicly Disclosed ASP.NET Machine Keys" I wanted to understand deeper how works the attack so I created a detailed overview. Hope that helps 🤓 👉 microsoft.com/en-us/security…

ᴍᴀʟᴡᴀʀᴇ ɪɴ ᴛʜᴇ ꜱᴜʙᴛɪᴛʟᴇꜱ.

NVISO identified a campaign where #DeerStealer spread via fake Chrome updates on infected sites, using #Telegram to report infections. Together with Lontz and Nef, we took a closer look at how adversaries are abusing Telegram and shared #KQL queries for detection.