RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact
PyRDP:
https://github.com/GoSecure/pyrdp
PyRDP:
https://github.com/GoSecure/pyrdp
GitHub
GitHub - GoSecure/pyrdp: RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or…
RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact - GoSecure/pyrdp
CONPRO2023.pdf
2.1 MB
De-Anonymizing Users’ Geographical Data on the Strava Heatmap
BlackLotus Mitigation Guide from NSA
https://media.defense.gov/2023/Jun/22/2003245723/-1/-1/0/CSI_BlackLotus_Mitigation_Guide.PDF
https://media.defense.gov/2023/Jun/22/2003245723/-1/-1/0/CSI_BlackLotus_Mitigation_Guide.PDF
GitHub Dataset Research Reveals Millions Potentially Vulnerable to RepoJacking
https://blog.aquasec.com/github-dataset-research-reveals-millions-potentially-vulnerable-to-repojacking
https://blog.aquasec.com/github-dataset-research-reveals-millions-potentially-vulnerable-to-repojacking
Aqua
GitHub Dataset Research Reveals Millions Potentially Vulnerable to RepoJacking
Millions of GitHub repositories are potentially vulnerable to RepoJacking, which if exploited may lead to code execution on environments
Ad-Attack.pdf
1.4 MB
Few AD attack ways from windows and Linux
Anatsa banking Trojan hits UK, US and DACH with new campaign
https://www.threatfabric.com/blogs/anatsa-hits-uk-and-dach-with-new-campaign
https://www.threatfabric.com/blogs/anatsa-hits-uk-and-dach-with-new-campaign
ThreatFabric
Anatsa banking Trojan hits UK, US and DACH with new campaign
Anatsa returns with a new campaign targeting UK, US and DACH supported by droppers on Google Play Store.
Forwarded from Sys-Admin InfoSec
✍️ Notice: at the next week, all deprecated services will be disabled and all freed up resources will be included to OpenBLD.net DNS ecosystem.
Updates notice:
https://news.1rj.ru/str/sysadm_in_channel/4701
Take care of yourself. Peace ✌️
Updates notice:
https://news.1rj.ru/str/sysadm_in_channel/4701
Take care of yourself. Peace ✌️
Telegram
Sys-Admin InfoSec
OpenBLD.net DNS - Settings Updation Notice
- Who uses DoH/DoT bld.sys-adm.in (will deprecated) please switch to 🚀️️️️ ada.openbld.net
- Change/Update ✨️️️️️️iOS, macOS Profile
- If you are using DNS IP 109.234.39.72 (will deprecated) switch to 46.151.29.15…
- Who uses DoH/DoT bld.sys-adm.in (will deprecated) please switch to 🚀️️️️ ada.openbld.net
- Change/Update ✨️️️️️️iOS, macOS Profile
- If you are using DNS IP 109.234.39.72 (will deprecated) switch to 46.151.29.15…
2023 CWE Top 25 Most Dangerous Software Weaknesses
https://www.cisa.gov/news-events/alerts/2023/06/29/2023-cwe-top-25-most-dangerous-software-weaknesses
https://www.cisa.gov/news-events/alerts/2023/06/29/2023-cwe-top-25-most-dangerous-software-weaknesses
Malvertising: A stealthy precursor to infostealers and ransomware attacks
https://www.malwarebytes.com/blog/business/2023/06/malvertising-a-stealthy-precursor-to-infostealers-and-ransomware-attacks
https://www.malwarebytes.com/blog/business/2023/06/malvertising-a-stealthy-precursor-to-infostealers-and-ransomware-attacks
Malwarebytes
Malvertising: A stealthy precursor to infostealers and ransomware attacks
Malvertising, the practice of using online ads to spread malware, can have dire consequences—and the problem only seems to be growing.
Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques
https://github.com/austinsonger/Incident-Playbook
https://github.com/austinsonger/Incident-Playbook
GitHub
GitHub - austinsonger/Incident-Playbook: GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors…
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly] - austinsonger/Incident-Playbook
DNS Analyzer - Finding DNS vulnerabilities with Burp Suite
https://sec-consult.com/blog/detail/dns-analyzer-finding-dns-vulnerabilities-with-burp-suite/
https://sec-consult.com/blog/detail/dns-analyzer-finding-dns-vulnerabilities-with-burp-suite/
SEC Consult
DNS Analyzer - Finding DNS vulnerabilities with Burp Suite
A brand-new Burp Suite extension for discovering DNS vulnerabilities in web applications.
Exploring Hell's Gate Proof of Concept (POC)
To bypass user mode hooks implemented by Endpoint Detection and Response (EDR) systems, attackers (specifically red teams) employ various techniques for unhooking or bypassing these safeguards. The focus here is on the Hell's Gate Proof of Concept (POC), an approach that utilizes direct syscalls to bypass user mode hooks. Even though Hell's Gate POC has been around for a few years, it remains pivotal in the evolution of direct syscalls:
— https://redops.at/en/blog/exploring-hells-gate
To bypass user mode hooks implemented by Endpoint Detection and Response (EDR) systems, attackers (specifically red teams) employ various techniques for unhooking or bypassing these safeguards. The focus here is on the Hell's Gate Proof of Concept (POC), an approach that utilizes direct syscalls to bypass user mode hooks. Even though Hell's Gate POC has been around for a few years, it remains pivotal in the evolution of direct syscalls:
— https://redops.at/en/blog/exploring-hells-gate
RedOps - English
Exploring Hell's Gate - RedOps