Socomec MOD3GP-SY-120K
Successful exploitation of these vulnerabilities could allow an attacker to execute malicious JavaScript code, obtain sensitive information, or steal session cookies.
https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-03
Technical Analysis of HijackLoader
A new evasive malware downloader with a modular architecture:
— The loader is being leveraged to drop numerous malware families, including Danabot, SystemBC, and RedLine Stealer, amplifying its potential threat.
— HijackLoader utilizes syscalls to evade monitoring from security solutions, detects specific processes based on an embedded blocklist, and delays code execution at different stages.
— The malware uses embedded modules that facilitate flexible code injection and execution, a feature uncommon among traditional loaders.
— https://www.zscaler.com/blogs/security-research/technical-analysis-hijackloader
Bypassing Windows Defender and PPL Protection with PPLBlade to Dump LSASS Without Detection
— https://tacticaladversary.io/adversary-tactics/bypass-defender-and-ppl-protection-to-dump-lsass/
Forwarded from Sys-Admin InfoSec
🚀 Join Open SysConf this Saturday, here is how it will go
I'm sure it will be positive and useful.
🔹 If you're remote, join online and be with us.
🔹 If you're offline, we'll meet at the Kolesa Team office.
We'll start with the basics, continue with low-level practice, and finish on a reflective note: talks and schedule.
Specialists will gather, and I'm sure good people from Almaty, Astana, other cities of Kazakhstan and neighbouring countries. The meetup promises to be full of many-sided conversation, a refreshed circle of acquaintances and new knowledge 🤜🤛
Bring a good mood, a desire to grow, open your eyes, perk up your ears, get your vocal cords ready and the confidence that everything will be fine! Be connected on Open SysConf.io🐴
Peace to all ✌️
Critical CVE-2023-4863: Heap buffer overflow in WebP in Chrome
Need to patch:
— https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html
Chrome Releases
Stable Channel Update for Desktop
The Stable and Extended stable channels have been updated to 116.0.5845.187 for Mac and Linux and 116.0.5845.187/.188 for Windows, which will...
Backdoor in Free Download Manager - Possible Supply Chain Attack on Linux
— https://securelist.ru/backdoored-free-download-manager-linux-malware/107924/
securelist.ru
Infected Free Download Manager distributes a backdoor for Linux
Kaspersky Lab researchers analysed a Linux backdoor that was distributed with the free Free Download Manager software and went unnoticed for at least three years.
Container Security Checklist: From the image to the workload
— https://github.com/krol3/container-security-checklist
Malware and Reverse Engineering Complete Collection by Joas
Big collection covering anonymizers, honeypots, open source threat intelligence, detection and classification, online scanners and sandboxes, and much more 🙂
🔹 https://github.com/CyberSecurityUP/Awesome-Malware-and-Reverse-Engineering
Hi everyone, my name is Evgeny Goncharov; those who don't know me will find out later, this post is dedicated to the people who know me.
Over the last few days of cyber conferences I was asked "how do you do it, where does the energy come from"; there were many questions, and I answered "I have my own system of knowledge".
A system of seeing the world created by my own consciousness, systematically organised, where all the practices, results and theory are taken from purely personal experience confirmed by years of life.
To some I explain "how and what", to some I give the basics or point out mistakes, but what I really want is to reflect on this experience out loud, without phones or gadgets.
We can tune in together. Let me know through the form whether you are ready to take part.
Whoever is ready: let's try, on some day, to listen together to my "pinpoint world".
10 Best Pentesting Certifications of 2023
From Stationx vision:
https://www.stationx.net/best-pentesting-certifications/
XCP-ng: Home Server Build with Citrix Hypervisor
https://www.virtualizationhowto.com/2023/09/xcp-ng-home-server-build-with-citrix-hypervisor/
#review
MMSF - Massive Mobile Security Framework is a mobile security framework that combines functionality from Frida, objection, drozer and many more tools:
— https://github.com/St3v3nsS/MMSF
ExtractBitlockerKeys
A system administration or post-exploitation script to automatically extract the BitLocker recovery keys from a domain:
— https://github.com/p0dalirius/ExtractBitlockerKeys/
🌟 Ada - Adaptive DNS: Harmoniously filters malicious content and ensures seamless internet connectivity whenever possible
🚫 Ric - Strict DNS: Blocks many marketing and tracking resources, which may affect access to certain internet content
Curious to learn more? Dive into the details here
I recommend Ada for most OpenBLD.net DNS users. Take care of yourself. Peace out! ✌️
Vulnerable-AD
Create a vulnerable Active Directory that allows you to test most Active Directory attacks in a local lab:
https://github.com/safebuffer/vulnerable-AD
DetectHooks
This tool enumerates the functions exported from ntdll.dll, looking for modified instructions at the start of each syscall stub that indicate execution is being redirected elsewhere (into an AV/EDR module) for inspection:
https://github.com/Helixo32/DetectHooks
Hadoken is a versatile bash script designed for network scanning and enumeration
-- https://github.com/Edd13Mora/Hadoken
Pentration_Testing-Beginners_To_Expert.pdf
127.2 KB
Penetration Testing from Beginners to Expert
Doc of ~20 pages with links and descriptions
Source Code at Risk: Critical Code Vulnerability in CI/CD Platform TeamCity
https://www.sonarsource.com/blog/teamcity-vulnerability/
Sonarsource
Source Code at Risk: Critical Code Vulnerability in CI/CD Platform TeamCity
Our Vulnerability Research team discovered a critical vulnerability in the popular CI/CD server TeamCity, which attackers could use to steal source code and poison build artifacts.