Forwarded from DARKNET BR
#DataLeaks | #CIA
@DARKNET_BR
CIA agent hacked computer files, includes intercepted sms, calls + military documents, insurance cards and sensitive informations/documents.
@DARKNET_BR
A massive cyber espionage campaign, which we found so spooked US intelligence that it changed how the government handles DNS registration, was the work of hackers aligned with the Turkish government https://t.co/5jg4WFFI5W
https://twitter.com/Bing_Chris/status/1221806195901636614?s=20
🦠 @Phantasm_Lab
https://twitter.com/Bing_Chris/status/1221806195901636614?s=20
🦠 @Phantasm_Lab
Twitter
Chris Bing
A massive cyber espionage campaign, which we found so spooked US intelligence that it changed how the government handles DNS registration, was the work of hackers aligned with the Turkish government https://t.co/5jg4WFFI5W
New: leaked documents, data, contracts show how hugely popular antivirus Avast now harvests internet browsing data and sells it for millions of dollars. Clients included Home Depot, Google, Microsoft. Documents show a product called "All Clicks Feed" https://t.co/i5s2lX8FJL
https://twitter.com/josephfcox/status/1221796061678694401?s=20
🦠 @Phantasm_Lab
https://twitter.com/josephfcox/status/1221796061678694401?s=20
🦠 @Phantasm_Lab
CVE-2020-0601 | Windows CryptoAPI Spoofing Vulnerability
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601
🐉 @Phantasm_Lab
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601
🐉 @Phantasm_Lab
Modern Vulnerability Exploitation: The Heap Overflow
https://www.youtube.com/watch?v=2LSL_vRyCKY
🐉 @Phantasm_Lab
https://www.youtube.com/watch?v=2LSL_vRyCKY
🐉 @Phantasm_Lab
YouTube
Modern Vulnerability Exploitation: The Heap Overflow
A look at the less infamous heap overflow vulnerability.
This video is for educational purposes only.
I did not create this video.
This video is for educational purposes only.
I did not create this video.
Forwarded from Cyber Threat Intelligence
New Ransomware Strain Halts Toll Group Deliveries - by @serghei
https://t.co/n70sVeu5fM http://twitter.com/BleepinComputer/status/1225093601790693376
https://t.co/n70sVeu5fM http://twitter.com/BleepinComputer/status/1225093601790693376
BleepingComputer
New Ransomware Strain Halts Toll Group Deliveries
Australian transportation and logistics company Toll Group confirmed today that systems across multiple sites and business units were encrypted by a new variant of the Mailto ransomware.
The Absolute AppSec Secure Code Review Framework by Seth Law
https://www.youtube.com/watch?v=Kepd1HsoE8o
🐉 @Phantasm_Lab
https://www.youtube.com/watch?v=Kepd1HsoE8o
🐉 @Phantasm_Lab
YouTube
[2019] The Absolute AppSec Secure Code Review Framework by Seth Law
Let’s face it, performing a manual review of someone else’s source code is hard. It takes time, effort, expertise, and grit to actually figure out what the application does, how the developer implemented it, and if there should be any changes. From an application…
Spot the vuln - Identifying security problems in source code by Eldar Marcussen
https://www.youtube.com/watch?v=85Yx4pNSkkY
🧬 @Phantasm_Lab
https://www.youtube.com/watch?v=85Yx4pNSkkY
🧬 @Phantasm_Lab
YouTube
[2019] Spot the vuln - Identifying security problems in source code by Eldar Marcussen
Do you know source code? or perhaps you know vulnerabilities? See where they intersect and how most vulnerabilities are created. This talk will present a ple...
SDLC - Understand the Software Development Life Cycle
https://stackify.com/what-is-sdlc/
🧬 @Phantasm_Lab
SDLC or the Software Development Life Cycle is a process that produces software with the highest quality and lowest cost in the shortest time. SDLC includes a detailed plan for how to develop, alter, maintain, and replace a software system.https://stackify.com/what-is-sdlc/
🧬 @Phantasm_Lab
Stackify
What Is SDLC? Understand the Software Development Life Cycle - Stackify
In this post, we'll diver deeper into how SDLC works, examine each of the phases, and how to choose an SDLC Model.
Git Feature Branch Workflow
https://www.atlassian.com/git/tutorials/comparing-workflows/feature-branch-workflow
🧬 @Phantasm_Lab
The core idea behind the Feature Branch Workflow is that all feature development should take place in a dedicated branch instead of the master branch. This encapsulation makes it easy for multiple developers to work on a particular feature without disturbing the main codebase.https://www.atlassian.com/git/tutorials/comparing-workflows/feature-branch-workflow
🧬 @Phantasm_Lab
Atlassian
Git Feature Branch Workflow | Atlassian Git Tutorial
A feature branch is a temporary branch used for development or testing purposes. Learn about the best way to manage them using this guide!
Gitflow Workflow
https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow
🧬 @Phantasm_Lab
Gitflow Workflow is a Git workflow design that was first published and made popular by Vincent Driessen at nvie. The Gitflow Workflow defines a strict branching model designed around the project release. This provides a robust framework for managing larger projects. https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow
🧬 @Phantasm_Lab
Atlassian
Gitflow Workflow | Atlassian Git Tutorial
A deep dive into the Gitflow Workflow. Learn if this Git workflow is right for you and your team with this comprehensive tutorial.
Barq: The AWS Cloud Post Exploitation framework!
https://github.com/Voulnet/barq
🧬 @Phantasm_Lab
barq is a post-exploitation framework that allows you to easily perform attacks on a running AWS infrastructure. It allows you to attack running EC2 instances without having the original instance SSH keypairs. It also allows you to perform enumeration and extraction of stored Secrets and Parameters in AWS.https://github.com/Voulnet/barq
🧬 @Phantasm_Lab
GitHub
GitHub - Voulnet/barq: barq: The AWS Cloud Post Exploitation framework!
barq: The AWS Cloud Post Exploitation framework! Contribute to Voulnet/barq development by creating an account on GitHub.
Esp32 DNS Hijacking
https://www.youtube.com/watch?v=d228X5A_bG4
🧬 @Phantasm_Lab
how to implement simple DNS Hijacking server on the Esp32 chip. For this purpose I've written C library, packaged as a ESP-IDF component. This technique can be used to open Captive Portal on the Esp32.https://www.youtube.com/watch?v=d228X5A_bG4
🧬 @Phantasm_Lab
YouTube
Esp32 DNS Hijacking
In this video I've shown how to implement simple DNS Hijacking server on the Esp32 chip. For this purpose I've written C library, packaged as a ESP-IDF component. This technique can be used to open Captive Portal on the Esp32.
"Domain Name Server (DNS) hijacking…
"Domain Name Server (DNS) hijacking…
Caso Jumpshot: entenda a polêmica da controversa subsidiária da Avast
https://thehack.com.br/caso-jumpshot-entenda-a-polemica-da-controversa-subsidiaria-da-avast/
🏴☠️ @Phantasm_Lab
Uma bomba caiu no colo dos internautas que utilizam o antivírus tcheco Avast na última semana. Uma investigação conjunta da VICE e da PCMag revelou com exclusividade que a companhia europeia estaria comercializando dados altamente sensíveis de alguns de seus usuários através da Jumpshot, sua subsidiária especializada em marketing digital e inteligência de mercado. Entre os clientes de tal empresa secundária, encontram-se marcas como Google, Yelp, Microsoft, McKinsey, Pepsi e Condé Nast.https://thehack.com.br/caso-jumpshot-entenda-a-polemica-da-controversa-subsidiaria-da-avast/
🏴☠️ @Phantasm_Lab
The Hack
Caso Jumpshot: entenda a polêmica da controversa subsidiária da Avast
Empresa “obscura” vendia dados detalhados sobre hábitos de navegação web de usuários do antivírus tcheco.