Sys-Admin Up
Fresh off the press: a GVM 21 installer for Ubuntu 20+. Ubuntu is supported for now; Rocky and CentOS are planned next. It installs and builds a ready-made vulnerability scanning solution from source. https://github.com/m0zgen/install-gvm21 It builds according to the official manual:…
The GVM installation tool has been updated
- GVM 20 can be installed
- GVM 21 can be installed
- GVM 20 > GVM 21 upgrade is possible
All tests were performed on Ubuntu 20.04.3 LTS
https://github.com/m0zgen/install-gvm21
macOS Big Sur Gatekeeper bypass
Available for: macOS Big Sur
Impact: A malicious application may bypass Gatekeeper checks
Description: This issue was addressed with improved checks.
https://objective-see.com/blog/blog_0x6A.html
Executing Code Using Microsoft Teams Updater
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/executing-code-using-microsoft-teams-updater/
Red Teamers like to hunt for new methods of code execution through “legitimate” channels, and I’m no exception to that rule.
Forwarded from Sys-Admin InfoSec
BLD Project Service - Configurations for Browsers, Devices, Routers
Hey, today I created a GitHub wiki page with simple descriptions of the steps for configuring BLD in your browsers and devices:
DoH/DoT
• Google Chrome
• Mozilla Firefox
• Brave
• Edge
• Android (with Private DNS feature version 9+)
• iOS/MacOS
• Standard IP DNS service
• Details on official repo
What is the BLD Service: a free and secure service from Sys-Admin for preventing tracking, advertising, malicious content, etc.
Details
• General README.md
• Wiki page
• Current official BLD site: lab.sys-adm.in
QNAP NAS devices hit in surge of ech0raix ransomware attacks
https://www.bleepingcomputer.com/news/security/qnap-nas-devices-hit-in-surge-of-ech0raix-ransomware-attacks/
A Deep Dive into DoubleFeature, Equation Group’s Post-Exploitation Dashboard
https://research.checkpoint.com/2021/a-deep-dive-into-doublefeature-equation-groups-post-exploitation-dashboard/
BleepingComputer
QNAP NAS devices hit in surge of ech0raix ransomware attacks
Users of QNAP network-attached storage (NAS) devices are reporting attacks on their systems with the eCh0raix ransomware, also known as QNAPCrypt.
Learn JavaScript (the language and more) by doing it. Fix failing tests. Keep all learnings.
https://jskatas.org/
Linux for Yourself (Linux для себя) is a detailed Russian-language guide to building a Linux system using only the source code of the required software. This guide is an independent fork of the Linux From Scratch project.
https://lx4u.ru/
Redline Stealer Targeting Accounts Saved to Web Browser with Automatic Login Feature Included
https://asec.ahnlab.com/en/29885/
While investigating a recent breach case of the internal network of a certain company, AhnLab ASEC analysis team has confirmed that the VPN account used to access the company network was leaked from the PC of a certain employee who was working from home.…
Came across this just in time for the workday
no words, only rhythm… 🎧
https://www.youtube.com/watch?v=KIGXGkzjAoc
YouTube
Bad Company - The Nine
Composer: Fresh & Maldini of the mighty Bad Company
Label: BC Recordings
Catalogue: VDBCR001
Format: 12"
Release Date: 1998
Genre: Drum & Bass / Techstep
Practical bruteforce of military grade AES-1024
https://rc3.world/2021/public_fahrplan#3c5f6844-cdc8-5a1a-a342-d93b43546a82
Flagpro: The new malware used by BlackTech
https://insight-jp.nttsecurity.com/post/102hf3q/flagpro-the-new-malware-used-by-blacktech
ADExplorerSnapshot is an AD Explorer snapshot ingestor for BloodHound
https://github.com/c3c/ADExplorerSnapshot.py