Expose Smartphone Fingerprint Authentication to Brute-force Attack

PowerShell Obfuscation Bible

— repo: https://github.com/t3l3machus/PowerShell-Obfuscation-Bible
— video: https://www.youtube.com/watch?v=tGFdmAh_lXE

MaccaroniC2 - Empowering Command & Control using AsyncSSH

MaccaroniC2 is a proof-of-concept Command and Control framework that utilizes the powerful AsyncSSH Python library which provides an asynchronous client and server implementation of the SSHv2 protocol and use PyNgrok wrapper for ngrok integration. This tool is inspired for a specific scenario where the victim runs the AsyncSSH server and establishes a tunnel to the outside, ready to receive commands by the attacker:

— https://github.com/CalfCrusher/MaccaroniC2

Evading MDATP for Full Endpoint Compromise

The purpose of this article will be showcasing the full compromise of an up-to-date Windows 10 endpoint protected by Microsoft's EDR solution Windows Defender Advanced Threat for Endpoint:

— https://www.fo-sec.com/articles/compromising-mdatp-endpoint

Six Best Practices Recommendations for Simplifying Firewall Compliance and Risk Mitigation, based on PCI DSS, ISO 27002

File Archiver In The Browser

This article explores a phishing technique that emulates a file archiver software in the browser while using a .zip domain:

— https://mrd0x.com/file-archiver-in-the-browser/?no-cache=1

/ APT 29 Initial Access Killchain -MITRE ATT@CK Mappin

https://michaelkoczwara.medium.com/apt-29-initial-access-killchain-mitre-att-ck-mapping-f82286fa13ba

/ Analysis of Amadey Bot Infrastructure Using Shodan

Here you'll see how to use a known c2 to craft additional queries based on html content and certificate information. In total, 12 unique servers will be identified:

https://embee-research.ghost.io/amadey-bot-infrastructure/

Dynamically program the kernel for efficient networking, observability, tracing, and security

this is eBPF… mf… where else to find time for all this..

— https://ebpf.io/

Windows LAPS EventIDs and XPath Queries

The Local Administrator Password Solution (LAPS) is a vital tool for managing and securing local administrator accounts in Windows environments. Microsoft recently released an updated version of Windows LAPS, introducing new Event IDs to help administrators monitor and manage their environment effectively. In this blog post, we'll explore these Event IDs and discuss how you can use them to enhance your security and monitoring strategies:

— https://www.kaidojarvemets.com/windows-laps-eventids-and-xpath-queries/

Harnessing The Power Of Cobalt Strike Profiles For EDR Evasion

— https://whiteknightlabs.com/2023/05/23/unleashing-the-unseen-harnessing-the-power-of-cobalt-strike-profiles-for-edr-evasion/

Free (9) short cources from GitLab

— GitLab 101. 1h - https://levelup.gitlab.com/courses/gitlab101
— GitLab 201. 1h - https://levelup.gitlab.com/courses/gitlab-201-certification
— GitLab CI/CD. 3h - https://levelup.gitlab.com/courses/continuous-integration-and-delivery-ci-cd-with-gitlab
— GitLab Security Essentials. 4 1/2h - https://levelup.gitlab.com/courses/security-essentials
— GitLab Technical Writing Fundamentals. 3h - https://levelup.gitlab.com/courses/gitlab-technical-writing-fundamentals
— GitLab with Git Essentials. 4h - https://levelup.gitlab.com/courses/gitlab-with-git-essentials
— GitLab Agile Project Management. 2 ½hours - https://levelup.gitlab.com/courses/gitlab-agile-project-management
— Remote Foundations Certification. 2h - https://levelup.gitlab.com/courses/remote-foundations
— TeamOps. 1-2h - https://levelup.gitlab.com/courses/teamops

Cyber Security Glossary: Cyber Security Terms Listed From A To Z

https://www.allot.com/100-plus-cybersecurity-terms-definitions/

How HTTPS Works

В проекте OpenBLD.net DNS запущен режим OpenBLD+
 
Проект живет благодаря поддержке пользователей, сегодня есть возможность оформить подписку за 3$+, в замен получить:

• Персональную поддержку, помощь в расследовании Cybersecurity инцидентов
• Hardening, AppSec консультации, +консультации по SEO оптимизации Вашего сайта
• Улучшенная скорость доставки Вашего сайта/Домена пользователям OpenBLD.net DNS
• Лого компании или никнейм на сайте проекта со ссылкой на сайт или соц. профиль
• Unlimited доступ для выделенных IP
• Есть вопросы / предложения - welcome @sysadminkz

💪 Или просто закинь по братски на кофе ☕️

*en* - OpenBLD+ Benefits
*ru* - Что дает OpenBLD+

Freeze[.]rs - payload creation tool used for circumventing EDR

— https://github.com/optiv/Freeze.rs

BRUTEPRINT: Expose Smartphone Fingerprint Authentication to Brute-force Attack

Technical paper

SecList

collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more

— https://github.com/danielmiessler/SecLists

Supply Chain Risk From Gigabyte App Center Backdoor

Recently, the Eclypsium platform began detecting suspected backdoor-like behavior within Gigabyte systems in the wild.

..analysis discovered that firmware in Gigabyte systems is dropping and executing a Windows native executable during the system startup process, and this executable then downloads and executes additional payloads insecurely. It uses the same techniques as other OEM backdoor-like features like Computrace backdoor (a.k.a. LoJack DoubleAgent)..:

https://eclypsium.com/blog/supply-chain-risk-from-gigabyte-app-center-backdoor/

/ Discovering the origin host to bypass web application firewalls

— https://labs.detectify.com/2022/05/09/discovering-the-origin-host-to-bypass-waf/