DNS Analyzer - Finding DNS vulnerabilities with Burp Suite
https://sec-consult.com/blog/detail/dns-analyzer-finding-dns-vulnerabilities-with-burp-suite/
A brand-new Burp Suite extension for discovering DNS vulnerabilities in web applications.
Exploring Hell's Gate Proof of Concept (POC)
To bypass user-mode hooks placed by Endpoint Detection and Response (EDR) products, attackers and red teams use various unhooking and bypass techniques. The focus here is the Hell's Gate proof of concept (POC), which uses direct syscalls so that the hooked ntdll stubs are never executed. Even though the Hell's Gate POC has been around for a few years, it remains a pivotal step in the evolution of direct syscalls:
— https://redops.at/en/blog/exploring-hells-gate
Understanding Telemetry: Kernel Callbacks
Event Tracing for Windows (ETW) and the kernel callbacks behind EDR telemetry:
— https://posts.specterops.io/understanding-telemetry-kernel-callbacks-1a97cfcb8fb3
AiTM/ MFA phishing attacks in combination with “new” Microsoft protections (2023 edition)
MFA is not the end-all solution to identity security challenges. With MFA alone there is still a risk from more modern attacks (MFA fatigue, AiTM, PRT theft, OAuth attacks and more), and adversary-in-the-middle phishing is still the most common of them. Since the removal of basic authentication from Exchange Online, more and more attackers have moved to adversary-in-the-middle phishing, cookie theft and similar techniques. What AiTM is, how automatic attack disruption works, and more:
— https://jeffreyappel.nl/aitm-mfa-phishing-attacks-in-combination-with-new-microsoft-protections-2023-edt/
FirstBlood from Codeby Pentest, or how to get Telegram Premium
Every Saturday at 12:00 (cron: 0 12 * * SAT) new challenges appear on the Codeby Games CTF platform, and the first blood on a challenge earns Telegram Premium for your account. Premium period by difficulty level:
• hard - 12 months
• medium - 6 months
• light - 3 months
The promotion runs until the end of summer; anyone who wants to try their hand as a hacker: https://codeby.games
TeamsPhisher
TeamsPhisher is a Python 3 program that delivers phishing messages and attachments to Microsoft Teams users whose organizations allow external communications:
— https://github.com/Octoberfest7/TeamsPhisher
2023 Cloud Native Threat Report (Aqua Nautilus)
— https://info.aquasec.com/threat-2023-cloud-native-report?submissionGuid=7612af20-ec02-447c-a212-309067e592b7
Based on analysis of 700k real-world attacks, Aqua Nautilus's 2023 Cloud Native Threat Report provides insight that can help security practitioners make better, faster decisions to protect their entire cloud native stack.
9 Ways to Prevent a Supply Chain Attack on a TeamCity CI/CD Server (attachment: teamcity-CICD-server-security-whitepaper.pdf, 681.5 KB)
Introduction to Mythic C2
What Mythic is: a cross-platform, post-exploitation red teaming framework built with Go, Docker, docker-compose and a web browser UI. The article covers the framework with usage examples:
— https://redsiege.com/blog/2023/06/introduction-to-mythic-c2/
Increased Truebot Activity Infects U.S. and Canada Based Networks
Delivered through phishing and through exploitation of a known CVE; details are in the advisory.
The IOC domains have been submitted to the OpenBLD.net DNS blocklist:
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-187a
DevOps Interview Questions and Answers (attachment: DevOps_Q-and-A.pdf, 1.3 MB)
Today, information about OpenBLD.net DNS was added to the AdGuard KnowledgeBaseDNS wiki repo 🎉
StackRot (CVE-2023-3269): Linux kernel privilege escalation vulnerability
https://github.com/lrh2000/StackRot
100 Methods for Container Attacks(RTC0010)
Container escape, tampering, insecure orchestration and more:
— https://redteamrecipe.com/100-Method-For-Container-Attacks/
CVE-2023-36460: Mastodon: arbitrary file creation through media attachments
— https://www.openwall.com/lists/oss-security/2023/07/06/4
Living Off The Land Applications: Sowing the seeds for application exploitation ease
https://lolapps-project.github.io/#
ShellGhost
A memory-based evasion technique that keeps shellcode invisible from process start to end:
— https://github.com/lem0nSec/ShellGhost
Exploring TA453's Foray into LNKs and Mac Malware
https://www.proofpoint.com/us/blog/threat-insight/welcome-new-york-exploring-ta453s-foray-lnks-and-mac-malware
Key takeaways: TA453 continues to adapt its malware arsenal, deploying novel file types and targeting new operating systems, specifically sending Mac malware to one of its recent targets.
Phemedrone stealer. New day, new threats
ToC:
— Discovery history
— Disassembling the internals
— Interesting facts
— Indicators of compromise
— Conclusion
— https://medium.com/@filexploit/phemedrone-stealer-new-day-new-threats-464fa6f9dbab