NEW BOT Телеграм, страница

Sys-Admin Up

RansomEXX Tools

This is a tool which can be used to extract the configuration values contained within a RansomEXX decryption tool which was provided by the attackers after an organization pays the ransom.

https://github.com/proferosec/RansomEXX-Tools

GitHub

GitHub - proferosec/RansomEXX-Tools

Contribute to proferosec/RansomEXX-Tools development by creating an account on GitHub.

252 viewsYevgeniy Goncharov, 12:25

Sys-Admin Up

Сегодня планировал выступить с докладом о BLD на локальном митапе, но не успеваю, поэтому буду в прямой трансляции заисывать видео, кому интересно и есть возможность присоединиться в реалтайм, ссылка на YouTube канал:

* https://youtu.be/2byKmp0S9Fk

YouTube

Blocky Listener Daemon (BLD) - Открытый доклад

https://lab.sys-adm.in/

1.57K viewsYevgeniy Goncharov, edited 10:08

Sys-Admin Up

MongoDB - Disable Transparent Huge Pages (THP)

https://docs.mongodb.com/manual/tutorial/transparent-huge-pages/

Mongodb

Disable Transparent Huge Pages (THP)

243 viewsYevgeniy Goncharov, 15:48

Sys-Admin Up

Phishing in Organizations: Findings from a Large-Scale and Long-Term Study

https://arxiv.org/pdf/2112.07498.pdf

229 viewsYevgeniy Goncharov, edited 04:23

Sys-Admin Up

The Moscow method is a prioritization technique used in management…

https://en.m.wikipedia.org/wiki/MoSCoW_method

Wikipedia

MoSCoW method

prioritization technique for a common understanding of the importance of the delivery of each requirement

222 viewsYevgeniy Goncharov, edited 06:19

Sys-Admin Up

https://www.imaginarycloud.com/blog/podman-vs-docker/

Imaginarycloud

Podman vs Docker: What are the differences?

Explore a Podman vs Docker comparison. Understand their architecture, performance, and use cases to choose the right container for your workflow.

244 viewsYevgeniy Goncharov, 07:28

Sys-Admin Up

Вот такой вот багет + сертификат можно по бырому получить на алибаба в разделе cloudMonitor

231 viewsYevgeniy Goncharov, 12:28

Sys-Admin Up

Прям свежак, свежак - Установщик GVM 21 на Ubuntu 20+ Пока поддерживается убунту, после планируется Rocky, CentOS. Ставит и собирает готовое vulnerability scanning решение из исходников. https://github.com/m0zgen/install-gvm21 Билдится согласно оф. ману:…

Обновлен инструмент для установки GVM

- Есть возможность ставить GVM 20
- Есть возможность ставить GVM 21
- Есть возможность обновлять GVM 20 > GVM 21

Все тесты проведены на Ubuntu 20.04.3 LTS

https://github.com/m0zgen/install-gvm21

GitHub

GitHub - m0zgen/install-gvm21: 🧘 Script for GVM 21 installs to Ubuntu

🧘 Script for GVM 21 installs to Ubuntu . Contribute to m0zgen/install-gvm21 development by creating an account on GitHub.

3.1K viewsYevgeniy Goncharov, 15:14

Sys-Admin Up

macOS Big Sur Gatekeeper bypass

Available for: macOS Big Sur
Impact: A malicious application may bypass Gatekeeper checks
Denoscription: This issue was addressed with improved checks.

https://objective-see.com/blog/blog_0x6A.html

2.84K viewsYevgeniy Goncharov, edited 15:52

Sys-Admin Up

HardeningKitty and Windows 10 Hardening

https://github.com/0x6d69636b/windows_hardening

GitHub

GitHub - 0x6d69636b/windows_hardening: HardeningKitty and Windows Hardening Settings

HardeningKitty and Windows Hardening Settings. Contribute to 0x6d69636b/windows_hardening development by creating an account on GitHub.

287 viewsYevgeniy Goncharov, edited 06:03

Sys-Admin Up

Executing Code Using Microsoft Teams Updater

https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/executing-code-using-microsoft-teams-updater/

Trustwave

Executing Code Using Microsoft Teams Updater | Trustwave

Red Teamers like to hunt for new methods of code execution through “legitimate” channels, and I’m no exception to that rule.

2.68K viewsYevgeniy Goncharov, 12:34

Sys-Admin Up

https://torrentfreak.com/widevine-dump-leaked-code-downloads-hd-video-from-disney-amazon-and-netflix-211227/

Torrentfreak

'Widevine Dump": Leaked Code Downloads HD Video from Disney+, Amazon, and Netflix * TorrentFreak

A GitHub user has published repositories that allow people to download HD video from platforms, including Disney+, Amazon, and Netflix.

217 viewsYevgeniy Goncharov, 03:31

Sys-Admin Up

https://www.sprocketsecurity.com/blog/how-to-exploit-log4j-vulnerabilities-in-vmware-vcenter

Sprocket Security

How to exploit Log4j vulnerabilities in VMWare vCenter

A vulnerability was recently disclosed for the Java logging library, Log4j. The vulnerability is wide-reaching and affects both open source projects and enterprise software, meaning we need to understand how to ID and remediate it in our network environments.…

212 viewsYevgeniy Goncharov, 03:58

Sys-Admin Up

https://www.jetbrains.com/help/phpstorm/using-the-advanced-vagrant-features-in-product.html#shared-folders

PhpStorm Help

Using the Advanced Vagrant Features in PhpStorm | PhpStorm

205 viewsYevgeniy Goncharov, 04:14

Sys-Admin Up

https://www.zdnet.com/education/computers-tech/best-online-masters-network-security/

ZDNet

Best online master's in network security | ZDNet

Help organizations fight against a growing number of cyberthreats with one of the best online network security master's programs.

219 viewsYevgeniy Goncharov, 04:16

Sys-Admin Up

Forwarded from Sys-Admin InfoSec

BLD Project Service - Configurations for Browsers, Devices, Routers

Hey, today I created GitHub wiki page with simple denoscriptions of steps for BLD Configuring on/in your Browsers and Devices:

DoH/Dot
• Google Chrome
• Mozilla Firefox
• Brave
• Edge
• Android (with Private DNS feature version 9+)
• iOS/MacOS
• Standard IP DNS service
• Details on official repo

What is BLD Service - Free & Secure Service from Sys-Admin for prevention - tracking, advertising, malicious and etc..

Details
• General README.md
• Wiki page
• Current BLD official site lab.sys-adm.in site

184 viewsYevgeniy Goncharov, 14:34

Sys-Admin Up

QNAP NAS devices hit in surge of ech0raix ransomware attacks

https://www.bleepingcomputer.com/news/security/qnap-nas-devices-hit-in-surge-of-ech0raix-ransomware-attacks/

A Deep Dive into DoubleFeature, Equation Group’s Post-Exploitation Dashboard

https://research.checkpoint.com/2021/a-deep-dive-into-doublefeature-equation-groups-post-exploitation-dashboard/

BleepingComputer

QNAP NAS devices hit in surge of ech0raix ransomware attacks

Users of QNAP network-attached storage (NAS) devices are reporting attacks on their systems with the eCh0raix ransomware, also known as QNAPCrypt.

2.84K viewsYevgeniy Goncharov, edited 17:53

Sys-Admin Up

Learn JavaScript (the language and more) by doing it. Fix failing tests. Keep all learnings.

https://jskatas.org/

213 viewsYevgeniy Goncharov, edited 17:58

Sys-Admin Up

Linux для себя - русскоязычное подробное руководство по созданию Linux-системы, используя лишь исходные тексты необходимого программного обеспечения. Это руководство - самостоятельное ответвление от проекта Linux From Scratch.

https://lx4u.ru/

lx4u.ru

Linux для себя :: Создайте свою собственную Linux систему!

Подробное руководство по созданию собственной Linux системы из исходного кода

254 viewsYevgeniy Goncharov, edited 05:29

Sys-Admin Up

Redline Stealer Targeting Accounts Saved to Web Browser with Automatic Login Feature Included

https://asec.ahnlab.com/en/29885/

ASEC

Redline Stealer Targeting Accounts Saved to Web Browser with Automatic Login Feature Included - ASEC

While investigating a recent breach case of the internal network of a certain company, AhnLab ASEC analysis team has confirmed that the VPN account used to access the company network was leaked from the PC of a certain employee who was working from home.…

214 viewsYevgeniy Goncharov, edited 07:54

Sys-Admin Up

Аккурат под трудовой будень попалось

ни слов, только ритм… 🎧

https://www.youtube.com/watch?v=KIGXGkzjAoc