Phemedrone stealer. New day, new threats
ToC:
— Discovery history
— Disassembling the internals
— Interesting facts
— Indicators of compromise
— Conclusion
— https://medium.com/@filexploit/phemedrone-stealer-new-day-new-threats-464fa6f9dbab
Medium
Phemedrone stealer. New day, new threats.
Every day there is more and more open source software in the world. On the one hand, it is a positive thing that moves the whole society…
Soon in Almaty, on September 16, we will hold the fifth open conference Open SysConf.io
Where anyone can come and share/listen to talks and research, or simply chat and get to know specialists from various IT fields:
https://news.1rj.ru/str/OpenSysConf/1679
Telegram
lexrrr in Open SysConf
Hello everyone!
⚡️We are pleased to introduce the info partner of the KazHackStan conference: Sys-Admin InfoSec!
💥 Sys-Admin InfoSec is a unique public channel where you can find the latest news, articles and information about system administration, network technologies…
osint_from_zero_to_hero.pdf
73.6 KB
Cert / Course (free/paid) Links collection
GitLab Security Incident Response Guide
https://about.gitlab.com/handbook/security/security-operations/sirt/sec-incident-response.html
Forwarded from Sys-Admin InfoSec
⚠️ Reminder/Notice. bld.sys-adm.in will migrate to OpenBLD.net
Review and re-setup all DoT, DoH, DNS settings to OpenBLD.net please.
Keep in mind - On these IP addresses only DoT, DoH will remain:
- 49.12.234.130
- 135.125.204.230
Secrets Revealed in Container Images:
An Internet-wide Study on Occurrence and Impact
https://arxiv.org/pdf/2307.03958.pdf
TTPs: BadStrings
In this writeup we discuss a multi-step methodology for beating string detection by Mandiant's FLOSS string deobfuscator:
— https://steve-s.gitbook.io/0xtriboulet/ttps/ttps-badstrings
steve-s.gitbook.io
TTPs: BadStrings | 0xTriboulet
Kaspersky v21.3.10.391 Bypassed by Chunked CobaltStrike Payloads
— https://www.youtube.com/watch?v=yNbUner6yZg
YouTube
Kaspersky v21.3.10.391 Bypassed by Chunked CobaltStrike Payloads
Kaspersky v21.3.10.391 with last update 2023/06/17 Fully Bypassed!
via Chunked cobaltstrike payloads and code will run #inmemory step by step via #chunked payloads in 4 separated sections ;p , in this code I used RtlMoveMemory but I can use other win #apis…
VirusTotal Data Leak
German-language report from BSI:
— https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2022/2022-206270-1032.html
Bundesamt für Sicherheit in der Informationstechnik
Data leakage in the case of file checks at VirusTotal
In the course of an incident, it was discovered that at one institution suspicious e-mail attachments that are moved to quarantine are regularly uploaded to VirusTotal in a partly automated way. In individual cases, the suspicious files were…
How Cloudflare optimizes web content for faster page loads
https://www.cloudflare.com/resources/assets/slt3lc6tev37/5ghrabxM7vxfsvQR5g5XFx/4d2e48d839026fcc9ae8ae960e68f64c/How_Cloudflare_optimizes_web_content_for_faster_page_loads.pdf
Prominent Threat Actor Accidentally Infects Own Computer with Info-Stealer
https://hudsonrock.com/blog/prominent-threat-actor-accidentally-infects-own-computer-with-info-stealer
Hudson Rock
Hudson Rock - Infostealer Intelligence Solutions
Powered by Hudson Rock's continuously augmented cybercrime database, composed of millions of machines compromised by Infostealers in global malware spreading campaigns.
5G Network Slicing:
Security Considerations for Design, Deployment, and Maintenance
https://media.defense.gov/2023/Jul/17/2003260829/-1/-1/0/ESF%205G%20NETWORK%20SLICING-SECURITY%20CONSIDERATIONS%20FOR%20DESIGN,%20DEPLOYMENT,%20AND%20MAINTENANCE_FINAL.PDF
PowershellKerberos
Some scripts to abuse kerberos using Powershell
https://github.com/MzHmO/PowershellKerberos/tree/main
GitHub
GitHub - MzHmO/PowershellKerberos: Some scripts to abuse kerberos using Powershell
Some scripts to abuse kerberos using Powershell. Contribute to MzHmO/PowershellKerberos development by creating an account on GitHub.
Kevin David Mitnick R.I.P. ⚰️
Peer connection has been lost… Peace.
— https://www.dignitymemorial.com/obituaries/las-vegas-nv/kevin-mitnick-11371668
Dignity Memorial
Kevin Mitnick Obituary - Las Vegas, NV
Celebrate the life of Kevin Mitnick, leave a kind word or memory and get funeral service information care of King David Memorial Chapel & Cemetery.
KAZ CTF - a category-based tournament with prizes from the SPACE and КАИБ teams
Many categories with 30+ tasks on the following topics:
— web, crypto, reverse, pwn, osint, misc, scripting, malware analysis
You can take part either solo or with a team of up to 5 people. The organizers promise good prizes 💪
— All details here - ctf.kazctf.kz