CVE-2023-36460: mastodon: Arbitrary file creation through media attachments
https://www.openwall.com/lists/oss-security/2023/07/06/4
Living Off The Land Applications: Sowing the seeds for application exploitation ease
https://lolapps-project.github.io/#
A memory-based evasion technique which makes shellcode invisible from process start to end.
https://github.com/lem0nSec/ShellGhost
Exploring TA453's Foray into LNKs and Mac Malware
https://www.proofpoint.com/us/blog/threat-insight/welcome-new-york-exploring-ta453s-foray-lnks-and-mac-malware
Key Takeaways: TA453 continues to adapt its malware arsenal, deploying novel file types and targeting new operating systems, specifically sending Mac malware to one of its recent targets.
Phemedrone stealer. New day, new threats
ToC:
— Discovery history
— Disassembling the internals
— Interesting facts
— Indicators of compromise
— Conclusion
— https://medium.com/@filexploit/phemedrone-stealer-new-day-new-threats-464fa6f9dbab
Every day there is more and more open source software in the world. On the one hand, it is a positive thing that moves the whole society…
Soon in Almaty, on September 16, we will be holding the fifth open conference, Open SysConf.io
Anyone can come and give or listen to talks and research, or simply chat and meet specialists from various IT fields:
https://news.1rj.ru/str/OpenSysConf/1679
Telegram
lexrrr in Open SysConf
Hello everyone!
⚡️We are pleased to introduce the info partner of our KazHackStan conference - Sys-Admin InfoSec!
💥 Sys-Admin InfoSec is a unique community where you can find the latest news, articles and information about system administration, network technologies…
osint_from_zero_to_hero.pdf
73.6 KB
Cert / Course (free/paid) Links collection
GitLab Security Incident Response Guide
https://about.gitlab.com/handbook/security/security-operations/sirt/sec-incident-response.html
Forwarded from Sys-Admin InfoSec
⚠️ Reminding/Notice. bld.sys-adm.in will migrate to OpenBLD.net
Review and resetup all DoT, DoH, DNS settings to OpenBLD.net please.
Keep in mind - only DoT, DoH will remain on these IP addresses:
- 49.12.234.130
- 135.125.204.230
Secrets Revealed in Container Images:
An Internet-wide Study on Occurrence and Impact
https://arxiv.org/pdf/2307.03958.pdf
TTPs: BadStrings
In this writeup we discuss a multi-step methodology for beating string detection by Mandiant's FLOSS string deobfuscator:
— https://steve-s.gitbook.io/0xtriboulet/ttps/ttps-badstrings
Kaspersky v21.3.10.391 Bypassed by Chunked CobaltStrike Payloads
— https://www.youtube.com/watch?v=yNbUner6yZg
Kaspersky v21.3.10.391 with last update 2023/06/17 Fully Bypassed!
via Chunked cobaltstrike payloads and code will run #inmemory step by step via #chunked payloads in 4 separated sections ;p , in this code I used RtlMoveMemory but I can use other win #apis…
VirusTotal Data Leak
German-language report from BSI:
— https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2022/2022-206270-1032.html
Bundesamt für Sicherheit in der Informationstechnik
Data leakage in the case of file checks at VirusTotal
During an incident, it was discovered that at one institution, suspicious e-mail attachments moved to quarantine were regularly being uploaded to VirusTotal in a partially automated manner. In isolated cases, the suspicious files were…
How Cloudflare optimizes web content for faster page loads
https://www.cloudflare.com/resources/assets/slt3lc6tev37/5ghrabxM7vxfsvQR5g5XFx/4d2e48d839026fcc9ae8ae960e68f64c/How_Cloudflare_optimizes_web_content_for_faster_page_loads.pdf
Prominent Threat Actor Accidentally Infects Own Computer with Info-Stealer
https://hudsonrock.com/blog/prominent-threat-actor-accidentally-infects-own-computer-with-info-stealer
5G Network Slicing:
Security Considerations for Design, Deployment, and Maintenance
https://media.defense.gov/2023/Jul/17/2003260829/-1/-1/0/ESF%205G%20NETWORK%20SLICING-SECURITY%20CONSIDERATIONS%20FOR%20DESIGN,%20DEPLOYMENT,%20AND%20MAINTENANCE_FINAL.PDF
PowershellKerberos
Some scripts to abuse kerberos using Powershell
https://github.com/MzHmO/PowershellKerberos/tree/main