A #malware sandbox is an isolated environment used to safely run and observe suspicious files. Here are available #malware analysis sandbox tools and services 😎👇 Find a pdf ebook with all my #cybersecurity infographics from study-notes.org #infosec #ethicalhacker

⚡ Researcher Reverse-Engineered 0-Day Used to Disable CrowdStrike EDR Source: cybersecuritynews.com/0-day-disable-… A new Bring Your Own Vulnerable Driver (BYOVD) attack that can turn off top-tier endpoint security solutions, including CrowdStrike Falcon. By reverse-engineering a

🧰 Top 10 Tools Most Used by Cybercriminals Based on our ongoing interviews with threat actors and underground monitoring, we asked one simple question: “What do you actually use?” Here’s the reality 👇 1. Lumma Stealer Still one of the most dominant infostealers. Massive

⚠️ Windows Active Directory Vulnerability Allows Attackers to Execute Malicious Code Source: cybersecuritynews.com/windows-active… Microsoft has released urgent security updates to address a critical vulnerability in Windows Active Directory that allows attackers to execute malicious code.

🚨 SpankRAT Exploits Windows Explorer Processes for Stealth and Delayed Detection Source: cybersecuritynews.com/spankrat-explo… A newly identified two-component Remote Access Trojan (RAT) toolkit built in Rust, dubbed SpankRAT, is being used by threat actors to abuse legitimate Windows

Tanner Curity John Hammond These invocations followed after typical enumeration commands: → whoami /priv → cmdkey /list → net group and others that indicate hands-on-keyboard threat actor activity. Huntress has isolated the affected organization to prevent further post-exploitation.

🚨 Hackers Use Nightmare-Eclipse Tools After Compromising FortiGate SSL VPN Access Source: cybersecuritynews.com/nightmare-ecli… A real-world intrusion campaign leveraging publicly available Nightmare-Eclipse privilege escalation tooling, BlueHammer, RedSun, and UnDefend, following what

12 Git Commands

⚠️ CrowdStrike LogScale Vulnerability Allows Remote Attackers to Read Files from Server Source: cybersecuritynews.com/crowdstrike-lo… An urgent security advisory for a critical unauthenticated path-traversal vulnerability (CVE-2026-40050) affecting its LogScale platform, warning that a

𝗕𝗘𝗦𝗧 𝗢𝗦𝗜𝗡𝗧 𝗧𝗢𝗢𝗟𝗦 🔍 (𝗪𝗶𝘁𝗵 𝗨𝗥𝗟𝘀 🌐 + 𝗣𝘂𝗿𝗽𝗼𝘀𝗲 🎯) 1️⃣ Shodan 🔗 shodan.io 🎯 Finds internet-connected devices (cameras, servers, IoT) 2️⃣ Censys 🔗 search.censys.io 🎯 Scans internet assets & SSL certificates 3️⃣ Criminal IP 🔗

He built a script that calls back spam callers and traps them in an endless loop.🤣😈

Hacking tools cheat sheet (right click, download, zoom in on contents).

🛡️ 𝗛𝗮𝗰𝗸𝗲𝗿 𝗦𝗲𝗮𝗿𝗰𝗵 𝗘𝗻𝗴𝗶𝗻𝗲𝘀 (𝗢𝗦𝗜𝗡𝗧) 🌐 Infra • Shodan — Find exposed devices shodan.io • Censys — Internet-wide asset view censys.io • FOFA — Asset discovery fofa.info • ZoomEye — Attack surface mapping

If you wanna stay on top of cybersecurity news, you need these sites in your RSS reader BleepingComputer DarkReading RecordedFuture - The Record SecurityWeek DataBreachedNet TheRegister HackerNews (hit or miss) KrebsOnSecurity 404Media ArsTechnica TechDirt

Twitter brand is so strong it was renamed and it’s still Twitter.

Format a 16 GB USB drive. Open it. All files deleted. Take it to IT guy All 16 GB of files are restored. Where were they stored?

🚨Cyber Alert ‼️ 🇺🇸US - 𝗨𝗱𝗲𝗺𝘆 ShinyHunters claims to have breached Udemy, with over 1.4M records compromised, including PII and other internal corporate data. Threat actor: ShinyHunters Sector: Education Data exposure (claimed): 1,400,000 records Data type: Personal data

🔬Windows Directories For SOC Analysts 🔖#infosec #cybersecurity #hacking #pentesting #security

⚡ 𝟭𝟮 𝗘𝗦𝗦𝗘𝗡𝗧𝗜𝗔𝗟 𝗖𝗬𝗕𝗘𝗥𝗦𝗘𝗖𝗨𝗥𝗜𝗧𝗬 𝗦𝗞𝗜𝗟𝗟𝗦 𝗧𝗛𝗔𝗧 𝗗𝗘𝗙𝗜𝗡𝗘 𝗠𝗢𝗗𝗘𝗥𝗡 𝗦𝗘𝗖𝗨𝗥𝗜𝗧𝗬 𝗘𝗫𝗣𝗘𝗥𝗧𝗦