What are your hacking goals for 2023? #hacking #BugBounty #bugbountytips #hacker

I hacked a large company (70k+ employees) through social engineering. Legally of course. • I set up the infrastructure • Scraped names & emails with LinkedIn • Sent 200 phishing emails. I had access to their AWS console within 2 minutes. And much more:

github.com/vitoplantamura… => „BugChecker is a SoftICE-like kernel and user mode debugger, supporting Windows versions from XP to 11, both x86 and x64)“ #SoftIce #Debugging #Oldschool

Pleased to share that I'll be delivering the keynote at the 10th Information Security Conference in Greece on Feb 22, 2023. My talk: "The Future of Cyber Security: Preparing for the Unforeseen" #cybersecurity #infosec #futureofsecurity

The Billion Dollar Vulnerability Forcing a Major Fork On The Ethereum Chain youtu.be/9VRft_-JEuk

The Department of Justice has announced the arrest of Anatoly Legkodymov. Legkodymov, the Founder and Majority Owner of Bitzlato Ltd, is accused of laundering more than $700,000,000 in illicit funds from ransomware groups and Hydra Marketplace More info: justice.gov/usao-edny/pr/f…

I'm happy to announce the first keynote speaker at CanSecWest in Vancouver on March 22-24 will be Dino Dai Zovi (Dino A. Dai Zovi) who is always amazingly insightful. secwest.net

The Mailchimp Security team identified an unauthorized actor accessing one of the tools used by Mailchimp customer-facing teams for customer support and account administration. #hacking #infosec #Mailchimp More: mailchimp.com/january-2023-s…

"deepce: Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)" #infosec #pentest #redteam github.com/stealthcopter/…

The Apple Lisa source code is here! Check it out. bit.ly/3XpVLyK #AppleLisa #ArtOfCode

tl;dr Threat Actors don't need malicious documents, they just need Google ads and a stolen credit card x.com/vxunderground/…

Wait... they never fixed that?? 🤣 httpd.apache.org/security/vulne…

Someone criticized us for using "the LGBTQ flag" in this artwork (made by nico n.), and said they would not follow vx-underground if we supported "the homosexual agenda". We have decided to make that our entire theme for the time being.

How do we encourage women to pursue tech? reddit.com/r/programmerhu…

I can highly recommend to work with Moritz Jodeit

New blog post and updated #binaryninja plugin: "Statistical Analysis to Detect Uncommon Code" We use statistics to identify obfuscation in an #Anticheat, a mobile DRM, a #Windows kernel module & malware. Link: synthesis.to/2023/01/26/unc… Code: github.com/mrphrazer/obfu…

A prototype Burp Suite extension for Enterprise/Pro using the new Montoya API. Leverages the Google Safe Browsing API to check that any URLs in the enumerated site map aren't known to be malicious. Help detect those watering holes! Code 👇 gist.github.com/olliewuk/c518e… [1/2]

DroppedConnection - a fake VPN server that captures credentials and executes code via the Cisco AnyConnect client. research.nccgroup.com/2023/03/01/mak…

During a recent code review I noticed something in the VSCode Language Server JSONRPC implementation that made my brain tingle. Why not investigate this on stream? Maybe we find nothing, maybe we find something useful. twitch.tv/liveoverflow

How often do you use ChatGPT and alike weekly? #ChatGPT #OpenAI