😈 [ Microsoft Threat Intelligence @MsftSecIntel ]
Microsoft observed a 146% rise in adversary-in-the-middle (AiTM) attacks over the last year, indicating that cybercriminals are continuing to find ways to compromise accounts that are protected by multifactor authentication (MFA).
🔗 https://techcommunity.microsoft.com/blog/identity/defeating-adversary-in-the-middle-phishing-attacks/1751777
🐥 [ tweet ]
😈 [ Eliran Nissan @eliran_nissan ]
I am excited to share with you my latest research - "DCOM Upload & Execute".
An advanced lateral movement technique to upload and execute custom payloads on remote targets.
Forget about PSEXEC and dive in!
Blog:
🔗 https://www.deepinstinct.com/blog/forget-psexec-dcom-upload-execute-backdoor
Code:
🔗 https://github.com/deepinstinct/DCOMUploadExec
🐥 [ tweet ]
😈 [ Orange Cyberdefense Switzerland @orangecyberch ]
🚨 During a co-funded research project, @PMa1n and @Nodauf, Security Engineers Offensive Security, discovered vulnerabilities in Cortex XDR that could be exploited by unprivileged users.
🔗 https://blog.scrt.ch/2024/12/05/attacking-cortex-xdr-from-an-unprivileged-user-perspective/
🐥 [ tweet ]
Forwarded from PT SWARM
🇻🇳 The Positive Hack Talks in Vietnam has finished!
Slides from our researcher Arseniy Sharoglazov: https://static.ptsecurity.com/events/exch-vietnam.pdf
Wordlist: https://github.com/mohemiv/dodgypass
🎁 Includes a PoC for MyQ Unauthenticated RCE! (CVE-2024-28059)
Offensive Xwitter
😈 [ Synacktiv @Synacktiv ] Oh, you didn't know? Cool kids are now relaying Kerberos over SMB 😏 Check out our latest blogpost by @hugow_vincent to discover how to perform this attack: 🔗 https://www.synacktiv.com/publications/relaying-kerberos-over-smb-using…
😈 [ Synacktiv @Synacktiv ]
You can now relay any protocol to SMB over Kerberos with krbrelayx[.]py and the latest PRs from @hugow_vincent.
Thanks @_dirkjan for merging it!
Here is an example from SMB to SMB:
🔗 https://github.com/dirkjanm/krbrelayx/pull/46
🐥 [ tweet ]
😈 [ Petr Beneš @PetrBenes ]
Another blog post, yay!
This time about how MASM makes up section names that might mess up the intended order of your code.
Of course, it's not documented anywhere.
🔗 https://wbenny.github.io/2024/12/08/section-order-masm-text-mn-subsection.html
🐥 [ tweet ]
😈 [ Elastic Security Labs @elasticseclabs ]
#ElasticSecurityLabs has discovered PUMAKIT, a new #linux #malware with advanced stealth mechanisms. The kernel rootkit is capable of privilege escalation, anti-debugging measures, and more. Get the details here:
🔗 https://www.elastic.co/security-labs/declawing-pumakit/
🐥 [ tweet ]
😈 [ Tim Willis @itswillis ]
Finding 0day is not the most impactful thing that Project Zero does 😲 — it's sharing knowledge 🧠. One part of that sharing is our tooling work to help other devs and researchers.
Today's installment, @tiraniddo's updated OleView[.]NET 👍
Blog:
🔗 https://googleprojectzero.blogspot.com/2024/12/windows-tooling-updates-oleviewnet.html
🐥 [ tweet ]
Forwarded from Positive Technologies
In October we announced the development of a new product, PT Dephaze, for automated infrastructure security assessment and penetration testing.
We plan to launch the product in February 2025, and right now we are ready to share interim results with you and show which tools and techniques will be used to conduct the pentests.
During the stream you will see how the product:
At the end of the stream we will talk in detail about the commercial launch and the start of PT Dephaze pilot projects.
#PTDephaze
@Positive_Technologies
😈 [ DeLuks @0xDeLuks ]
After a few weeks of work, here it is, the packer blog-post. Enjoy! :D
🔗 https://deluks2006.github.io/posts/snowy-days-and-the-malware-packing-ways/
🐥 [ tweet ]
😈 [ 𝙻𝚊𝚠𝚛𝚎𝚗𝚌𝚎 @zux0x3a ]
I have finally released the ZigStrike toolkit I was working on, which is written in Zig. It comes with several injection methods and a neat web portal to select and build the desired payload.
Give it a try; I used one of its techniques to bypass MDE (detailed in a blog).
Blog:
🔗 https://kpmg.com/nl/en/home/insights/2024/12/zig-strike-the-ultimate-toolkit-for-payload-creation-and-evasion.html
Code:
🔗 https://github.com/0xsp-SRD/ZigStrike
🐥 [ tweet ]
😈 [ TrustedSec @TrustedSec ]
For the next installment in his malware blog series, Principal Security Consultant @_snus walks us through using shared memory sections to inject and execute code in a remote process. Read it now!
🔗 https://trustedsec.com/blog/malware-series-process-injection-mapped-sections/
🐥 [ tweet ]
😈 [ Jonathan Beierle @hullabrian ]
This is some research that @_logangoins and I have been working on! It covers disabling EDR with WDAC and provides an overview of potential detection and mitigation techniques, as well as a custom tool to perform the attack remotely.
🔗 https://beierle.win/2024-12-20-Weaponizing-WDAC-Killing-the-Dreams-of-EDR/
🐥 [ tweet ]
😈 [ Alex Neff @al3x_n3ff ]
A lot of cool new features for the MSSQL protocol just got merged into NetExec🔥
- RID brute forcing, made by @Adamkadaban
- MSSQL coercion, made by @lodos2005
- 6 new modules abusing MSSQL trusted links, made by deathflamingo
🐥 [ tweet ]
😈 [ Simon @TheCyberSimon ]
Greetings Hackers on the web.
For the hackers out there ricing their Linux and crushing @hackthebox_eu challenges, here’s a slick HackTheBox-themed i3 setup.
Credit: BotnetBuddies
Repo:
🔗 https://github.com/botnetbuddies/hackthebox-themes
🐥 [ tweet ]
😈 [ Matcluck @doopsec ]
Just released SCCMHound! A BloodHound collector for SCCM. SCCMHound allows both attackers and defenders to construct BloodHound datasets using the vast amount of information that is stored/retrievable through SCCM. Feel free to take it for a spin!
🔗 https://github.com/CrowdStrike/sccmhound
🐥 [ tweet ]
😈 [ sixtyvividtails @sixtyvividtails ]
Small gift for you! 🔺🟦🔺
Code to reliably stop almost any 3rd party Windows security system, via ci!CiValidateFileAsImageType. No privileges needed at all, user rights are enough. Shall work on most OS: 10 22H2, 11 24H2, WS2022.
But: it requires CI policies (e.g. HVCI/UMCI on).
🐥 [ tweet ]
😈 [ CCob🏴 @_EthicalChaos_ ]
Sorry folks, I had to remove the Disconnected GPO project from GitHub... but never fear, it has returned as Disconnected RSAT since it now supports the Certificate Authority and Certificate Templates snap-ins in addition to Group Policy support.
🔗 https://github.com/CCob/DRSAT
🐥 [ tweet ]