xerubus@infosec.exchange (@xerubus)'s Twitter Profile

Three parts infosec, two parts *nix, and a splash of Floyd.... let slip the dogs of war! But for now... gone phishin'... back at dark-thirty!

ID: 432195472

Link: https://mogozobo.com

Date: 09-12-2011 04:22:56

2,2K Tweet

885 Followers

598 Following

CISA Cyber (@cisacyber)

🚨 A RCE Vulnerability (CVE-2022-26134) in Atlassian's Confluence Server and Data Center is being actively exploited. ⛔ Block all internet traffic to and from those devices until an update is available and applied. Cybersecurity and Infrastructure Security Agency's KEV now includes this vul: go.usa.gov/xJDf2

Garrett (@unsigned_sh0rt)

Last week we added ELEVATE-4 github.com/subat0mik/Misc… to Misconfiguration Manager. tl;dr If SCCM uses AD CS for PKI, client auth certs are "borrowed" by clients during OSD. This will typically be a distribution point but could be the site server in all-in-one deployments...

S3cur3Th1sSh1t (@shitsecure)

This is so much! 🔥🔥😎 Found two new Potato triggers just today. Not only Potato but can also be used for LPE as remote auth is done which could be relayed to LDAP without Signing enabled. Or relayed to ADCS for a certificate. github.com/warpnet/MS-RPC…

Caido (@caidoio)

🎉 You’ve been asking for it. The Caido Scanner plugin is finally here. Run checks in the background or scan specific requests on demand to find issues like reflected XSS, SQL injection, and CORS misconfigs. All checks are open source. Add your own and help the list grow 💪

Two Seven One Three (@twosevenonet)

Windows tools have issues handling file names. "tasklist.exe" cannot list the loaded modules when a DLL with a long file name is loaded into the process's memory. This could trigger some MalDevs #redteam #blueteam #malware

HD Moore (@hdmoore)

If you missed this talk at BH/DC last week, it's worth a read: "From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion". Awesome work from Shu-Hao, Tung (123ojp) covering practical attacks on GRE and VxLAN tunnels: media.defcon.org/DEF%20CON%2033…

Orange Tsai 🍊 (@orange_8361)

Turns out my #PHRACK article is live! 🔥

> The Art of PHP — My CTF Journey and Untold Stories!

Kinda a love letter to those CTF players & PHP nerds! Hope all the credit goes to the right ppl. Also huge thanks to raptor@infosec.exchange for not forgetting me, TMZ for the edits, and the

BleepingComputer (@bleepincomputer)

Microsoft: WMIC will be removed after Windows 11 25H2 upgrade - Sergiu Gatlan bleepingcomputer.com/news/microsoft…

Craig Rowland - Agentless Linux Security (@craighrowland)

We could find the recently leaked North Korean Linux stealth rootkit, but have made it better by completely decloaking the hidden module in Sandfly 5.5.4. Works on other rootkit variants as well like those based on Reptile. Read more at the link below.

SpecterOps (@specterops)

Credential Guard was supposed to end credential dumping. It didn't. Valdemar Carøe just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled. Read for more ⤵️ ghst.ly/4qtl2rm

🕳 (@sekurlsa_pw)

Google research created a dataset with rainbow tables for NetNTLMv1 with the 1122334455667788 challenge. 
research.google/resources/data…
Dataset is available for download at:
▪️console.cloud.google.com/storage/browse… [Login required]
▪️gs://net-ntlmv1-tables

☣️ Mr. The Plague ☣️ (@dotnetrussell)

If you like BloodHound and AD Hacking let me introduce you to BloodBash 

No web front end
No neo4j
No complexity 

Collect your AD artifacts with Sharphound
Run `BloodBash ./pathToSharphoundOutput` 

That's it! 

github.com/DotNetRussell/…