I know this has been delayed but i still have 17/20 of my $100 hak5 giftcards I won to give away! this one ends 6pm CST March 28th Details to enter: github.com/I-Am-Jakoby/Gi… I've created a centralized place where you guys can always see what the current giveaway is, who the

Theory on #3CX exploitation. It may be related to Critical #CVE-2022-28005. Look for suspicious requests to /Electron/download/windows. Anyone can confirm? opencve.io/cve/CVE-2022-2…

CrowdStrike Sophos ESET Palo Alto Networks SentinelOne MalwareHunterTeam .SentinelOne has released an in-depth analysis of the malware and payload, they have dubbed it 'SmoothOperator'. The final payload exfiltrates data from web browsers Chrome, Edge, Brave, and Firefox. tl;dr largest data theft in history? sentinelone.com/blog/smoothope…

Here is a list of all authentication methods available in Azure Active Directory and scenarios they can be used in. Feedback is welcome. dsinternals.com/en/aad-azure-a…

Google Dorks Open Redirect⚔️ inurl:url=https inurl:url=http inurl:u=https inurl:u=http inurl:redirect?https inurl:redirect?http inurl:redirect=https inurl:redirect=http inurl:link=http inurl:link=https inurl:redirectUrl=http site:paypal.com #infosec #bugbountytips

😱. Need some subdomain data, really, really, really quick? Without using command line tools? Checkout - subdomainfinder.c99.nl

If anyone wants the unredacted Genesis Market Onion genesis7zoveavupiiwnrycmaq6uro3kn5h2be3el7wdnbjti2ln2wid[.] onion #GenesisMarket

Andrew King (AJ) Create a table with top 25 US companies, Mention Yes or No if they have SOC2, Mention Yes or No for their SOC3, mention yes or no for FedRAMP, mention yes or no for PCI DSS, Mention yes or no for ISO/IEC 27001, Mention Yes or no for BSI CS, Mention Yes or no for Data Breach.

#Qakbot Shot with full Arsenal of #TTPs 🚨 #DFIR exec flow: One > IMG > WSF > PS > DLL > Injection TA based initial infection on User Execution (T1204), two elements used OneNote #MalDoc with fake Microsoft Azure template and IMG File (#MoTW) contains .wsf next stage script

This time with video & better audio

Validin #raccoonv2 / #RecordBreaker #dllhosts: txt: github.com/Gi7w0rm/Malwar… csv: github.com/Gi7w0rm/Malwar… OTX(#OpenIoC/#stix): otx.alienvault.com/pulse/64388f11…

Active #Gamaredon #APT infra to track + few new domains nahalx[.]ru baraslx[.]ru 170.64.132[.]183 137.184.9[.]252 146.190.104[.]237 68.183.122[.]121 195.133.88[.]63 178.128.53[.]132 143.244.184[.]231 164.92.96[.]103 195.133.88[.]49 Mikhail Kasimov 匚ㄚ乃乇尺ㄖᐯ乇尺ㄥㄖ卂ᗪ ET Labs

Hunting Malicious Infrastructure using JARM and HTTP Response 🎯 I have described my processs and methodology you can apply when hunting malicious infrastructure with two practical examples 👇 QBot C2 Infrastructure Brute Ratel C4 medium.com/@michaelkoczwa… Hope you can find it

🚨 Cisco Implant traffic detected from 192.3.101[.]111 . Looking for DNS settings, likely to ID targets.

I uploaded an .env with a password to this GPT. Can you get the GPT to reveal it? chat.openai.com/g/g-rPXIjHNDK-…

You all know this had to happen 😜 Doom on the Kali Linux NetHunter TicWatch Pro 3 Mobvoi_Official Christian B. TimInBrum