Believe it or not, this isn't AI. This is typical orange kitty cat behavior (they're crazy)

Employees who approve MFA for a Threat Actor will be assigned an MFA Bop It! going forward. You will twist it. You will pull it. You will bop it.

Ever wanted to exhaustively list every ACE your user has on AD objects? Well, it’s now possible with DACLSearch. Whether for security research or making sure you didn't miss an interesting ACE, this tool is for you. 🔗 Repo link : github.com/cogiceo/DACLSe…

New research shows Credential Guard can still leak creds By abusing Remote Credential Guard, attackers can request NTLMv1 challenge responses and recover NT hashes - even on fully patched Windows 11 with VBS and PPL - Microsoft confirmed and marked it “won’t fix.” - PoC called

Google research created a dataset with rainbow tables for NetNTLMv1 with the 1122334455667788 challenge. research.google/resources/data… Dataset is available for download at: ▪️console.cloud.google.com/storage/browse… [Login required] ▪️gs://net-ntlmv1-tables

A critical pre-auth RCE in MS WSUS (CVE-2025-59287) is now being actively exploited. If you expose WSUS to the Internet (pls, why?), patch immediately and review for prior compromise. Need help assessing exposure? watchTowr.com

I bet at least 80% of Entra admins would blindly grant RoleManagement.ReadWrite.All to an Enterprise app that was purchased by their company Most wouldn't even know what that means - and in doing so, they practically give Global Admin level permissions to the application vendor

the 🆁🅰🅽🅶🅴 of APT malware.

Together with Sweden, Ukraine will significantly increase its combat aviation numbers. This is an ambitious task and it must be fulfilled. A historic step has been taken now – an agreement with Sweden on Gripen fighter aircraft, and that’s a good choice. We are counting on 150

Based on the indicators mentioned in Huntress' blog post I drafted a #YARA rule to detect forensic artifacts on exploited #WSUS servers vulnerable to CVE-2025-59287 github.com/Neo23x0/signat…

Holy Moly, Dirk-jan has been busy the past two years lol github.com/dirkjanm/ROADt…

Kerberos Constrained Delegation without Protocol Transition through a Resource-Based Constrained Delegation configured for a principal without Service Principal Names

Here's an easy way to craft these sign in urls signin.merill.net

Detecting Process Hollowing. A post by Leo Bastidas from TrustedSec exploring the popular technique, where a malicious payload is concealed within a legitimate process, and providing detailed methods for its detection and defense. Source: trustedsec.com/blog/the-night… #redteam

Did you know that there's a dangerous setting in Teams that allows anyone with a Teams account to contact your users through Teams? Disable "People in my organization can communicate with unmanaged Teams accounts" (i.e. those with Microsoft.com accounts) by switching

NetSupport RAT operators: *sees our blog and updates loader to use random filenames + renaming* Us: *updates unpacking tool same day* They really thought that would stop us 😂 Tool: github.com/eSentire/iocs/… Sample: virustotal.com/gui/file/1ecd7… C2: foundationasdasd[.]com

Here’s what I have on ChatGPT Atlas’ security so far. I’ll have to do multiple threads as I find more, as I have a newborn that thinks she’s more important than AI security (she is). This thread is just some preliminary findings.

Alright here's another interesting one. More infostealer stuff but worth a look. There's a couple parts to this so I'll attempt to summarize. Thanks MalwareHunterTeam for sharing :) Starting with the initial mach-O, (readable strings?!?!) Ugly plist for persistence. 🧵

China is the sole producer of samarium and the only country to master the difficult art of refining ultrapure dysprosium: the entire world’s supply, needed for superfast chips, comes from a single factory near Shanghai. China makes 90% of the world’s rare earth magnets, used in

I’m holding a ConfigMgr/Imaging meeting with the entire help desk where I work on Friday. I have a whole ass slide deck, a 13 page packet of SOPs, and because it will be Halloween, a bag of candy. It can’t come soon enough. Whoever trained the new guys did a terrible job.