Free Hardware Probe from Globalping project
Globalping, an open-source initiative by jsDelivr, is taking the world by storm with its innovative approach to global network stability.
Now, you have the chance to receive your very own Globalping hardware probe, absolutely FREE:
https://explore.dnsfilter.com/dnsfilter-globalping-giveaway
Globalping, an open-source initiative by jsDelivr, is taking the world by storm with its innovative approach to global network stability.
Now, you have the chance to receive your very own Globalping hardware probe, absolutely FREE:
https://explore.dnsfilter.com/dnsfilter-globalping-giveaway
Bypassing Tunnels: Leaking VPN Client Traffic by Abusing Routing Tables
🔹 https://papers.mathyvanhoef.com/usenix2023-tunnelcrack.pdf
Please open Telegram to view this post
VIEW IN TELEGRAM
Knocking on Hell's Gate - EDR Evasion Through Direct Syscalls
🔹 https://labs.en1gma.co/malwaredevelopment/evasion/security/2023/08/14/syscalls.html
Please open Telegram to view this post
VIEW IN TELEGRAM
CFP-комитет OFFZONE 2023 завершил отбор
На сайте конференции организаторы готовы рассказать, какие доклады будут на OFFZONE 2023.
Программа будет пополняться, обновление можно отследить на сайте
• https://offzone.moscow/program/
На сайте конференции организаторы готовы рассказать, какие доклады будут на OFFZONE 2023.
Программа будет пополняться, обновление можно отследить на сайте
• https://offzone.moscow/program/
Awareness about Awareness. Part 2
Several years ago I spoke on KHS 2018 about of Awareness with presentation named - Awareness about Awareness…
Now I see - classical awarenes model working not adequately… On KHS 2023 we will try to consider why it is so, what to do about it…
On this conference will many cooll speakers, cybersec/infosec subjects, people. Will meet on KHS 20223! ✊
Details on official KHS site:
🔹 . https://kazhackstan.com
Several years ago I spoke on KHS 2018 about of Awareness with presentation named - Awareness about Awareness…
Now I see - classical awarenes model working not adequately… On KHS 2023 we will try to consider why it is so, what to do about it…
On this conference will many cooll speakers, cybersec/infosec subjects, people. Will meet on KHS 20223! ✊
Details on official KHS site:
Please open Telegram to view this post
VIEW IN TELEGRAM
ProxyNation: The dark nexus between proxy apps and malware
https://cybersecurity.att.com/blogs/labs-research/proxynation-the-dark-nexus-between-proxy-apps-and-malware
https://cybersecurity.att.com/blogs/labs-research/proxynation-the-dark-nexus-between-proxy-apps-and-malware
LevelBlue
ProxyNation: Malware-Driven Proxy Surge
LevelBlue Labs uncovers a vast malware campaign delivering hidden proxies. Explore the threat landscape
JCDC_RMM_Cyber_Defense_Plan.pdf
2.9 MB
Cyber Defence RMM Plan from CISA
Unwanted Guests: Mitigating Remote Access Trojan Infection Risk
https://www.uptycs.com/blog/remote-access-trojan-qwixx-telegram
https://www.uptycs.com/blog/remote-access-trojan-qwixx-telegram
Uptycs
Remote Access Trojan: Mitigating Infection Risk of Unwanted Guests
Read about QwixxRAT, a new Remote Access Trojan infiltrating devices via Telegram & Discord: technical analysis & protective measures
Please open Telegram to view this post
VIEW IN TELEGRAM
The Maginot Line: Attacking the Boundary of DNS Caching Protection
https://www.usenix.org/system/files/usenixsecurity23-li-xiang.pdf
https://www.usenix.org/system/files/usenixsecurity23-li-xiang.pdf
GPT based tool for understanding the tactics, techniques, and procedures (TTPs) used by threat actors
🔹 https://attackgen.streamlit.app/
Git - https://github.com/mrwadams/attackgen
Git - https://github.com/mrwadams/attackgen
Please open Telegram to view this post
VIEW IN TELEGRAM
Streamlit
AttackGen is a cybersecurity incident response testing tool that leverages the power of large lan...
Domain Audit - Wrapper around PowerView, Impacket, PowerUpSQL, BloodHound, Ldaprelayscan and Crackmapexec to automate the execution of enumeration and a lot of checks performed during a On-Prem Active Directory Penetrationtest
— https://github.com/0xJs/domain_audit
— https://github.com/0xJs/domain_audit
GitHub
GitHub - 0xJs/domain_audit: Audit tool for Active Directory. Automates a lot of checks from a pentester perspective.
Audit tool for Active Directory. Automates a lot of checks from a pentester perspective. - 0xJs/domain_audit
XLoader’s Latest Trick | New macOS Variant Disguised as Signed OfficeNote App
https://www.sentinelone.com/blog/xloaders-latest-trick-new-macos-variant-disguised-as-signed-officenote-app/
https://www.sentinelone.com/blog/xloaders-latest-trick-new-macos-variant-disguised-as-signed-officenote-app/
SentinelOne
XLoader’s Latest Trick | New macOS Variant Disguised as Signed OfficeNote App
Notorious botnet and infostealer XLoader makes a return to macOS with a new dropper and malware payload.
Mitigation steps for Ivanti API Authentication Bypass on Sentry Administrator Interface - CVE-2023-38035
https://forums.ivanti.com/s/article/KB-API-Authentication-Bypass-on-Sentry-Administrator-Interface-CVE-2023-38035?language=en_US
— CVE-2023-38035 – API Authentication Bypass on Sentry Administrator Interface 😎
https://forums.ivanti.com/s/article/KB-API-Authentication-Bypass-on-Sentry-Administrator-Interface-CVE-2023-38035?language=en_US
— CVE-2023-38035 – API Authentication Bypass on Sentry Administrator Interface 😎
Ivanti
KB API Authentication Bypass on Sentry Administrator Interface - CVE-2023-38035
<span style="font-size: 11pt;"><span style="line-height: 107%;"><span style="font-family: Calibri,sans-serif;"><span style="font-family: "Arial",sans-serif;">A vulnerability has been discovered in Ivanti Sentry, formerly MobileIron Sentry. This vulnerability…