Tangled is a social engineering platform that weaponizes calendar event processing in Outlook and Gmail to deliver spoofed meeting invites that are automatically added to a user's calendar without interaction. https://t.co/vz4ulB2SL3 Technical breakdown:

Meetings You Didn’t Plan, But We Did In this post, @ineesdv breaks down how calendar event processing in Outlook and Gmail can be abused to deliver spoofed meeting invites that are automatically added to a user's calendar without interaction ➡️Read more: https://t.co/7RApljHair

Our colleagues @_Kudaes_ & @ineesdv will be at #HackOn2024 presenting an alternative approach to ROP-based sleep obfuscation technique to evade memory scanners. ➡️ Read more: https://t.co/stknNHL5Zd

Enhanced version of secretsdump from #Impacket to dump credentials without touching disk. This feature takes advantage of the WriteDACL privileges held by local administrators to provide temporary read permissions on registry hives. https://t.co/gRtlOdNejE

As someone involved in the AWS offsec space, I want to share why I strongly do NOT recommend the HackTricks AWS Red Team Expert course. The author of it is a plagiarist, stealing content from other creators and is directly profiting off of it through sponsorships. A 🧵

🖱Did you know that your wireless mouse can be spoofed to take control of your computer? The @Tarlogic Innovation team has developed #BSAM, the first methodology to audit #Bluetooth devices and avoid situations like that 👇 https://t.co/MaqU7mhKaW

The @NavajaNegra_AB conference is just around the corner! @_Kudaes_ will be on-site to talk about malware development and EDR evasion. ➡️ Read more: https://t.co/zFZgCnNb1d

Watchguard has fixed 4 vulnerabilities in Watchguard EPDR discovered by our researchers @antuache and @Calvaruga. These vulnerabilities can be used to turn-off the defensive capabilities of the product and achieve privilege escalation. ➡️ Advisories: https://t.co/uJGhFsI5VR

In our latest post, @xassiz introduces a new technique to obtain cleartext passwords from MSSQL by abusing linked servers through the ADSI provider. ➡️ Read more: https://t.co/KUDKJiV4KY

Boas Xente! Dende o Barbanza RC queremos acercar o mundo do rugby a maior xente posible polo que este sabado 6 de Maio imos montar un pequeno adestramento e comida posterior. Se algun dia pensaches en probar este marabilloso deporte, este é o teu momento! (1/2)

Have you ever tried exploiting a Spring Boot Actuators RCE but the restart endpoint was disabled? ⬇️ Abuse this behaviour using this #TrickOrThreat by @antuache

Windows Local Privilege Escalation via StorSvc service (writable SYSTEM path DLL search order Hijacking) /cc @antuache @_Kudaes_ ➡️ https://t.co/8XMvewhgFn

💥One shell to HANDLE them all New approach to escalate privileges from a web shell by abusing open token handles. #RedTeam /cc @_Kudaes_ ➡ https://t.co/8KWQw4q5U5

AutoDial(dll)ing Your Way - Lateral Movement and LSASS SSP using AutodialDLL, a new blog post and tool release (DragonCastle) by @TheXC3LL https://t.co/NbOrI2rskn

New blog post about Azure AD Principals and access permissions. https://t.co/QKIoerKn8I

I just discovered that people copy texts from internet into a github book, then ask money and sponsors because of the great effort of doing ctrl + c && ctrl + v. What a trick!

We've extended @nopfor\ntlm_challenger with MSSQL support! This is useful when network segmentation prevents from reaching the SMB port ➡️ https://t.co/8UIOqGtj7i

Minor changes to @ly4k_\Certipy to make it compatible with @AlmondOffSec\PassTheCert. Now you can use both PKINIT and Schannel when dealing with ESC4! Find out more 👇 https://t.co/HCcoDdeZGP

🦥 Everyone learned to run pip install colorama to exploit Atlassian Confluence RCE (CVE-2022-26134), so let’s see how the vulnerability works under the hood. Here we show our simplified payload which demonstrates a workflow inside the vulnerable code ⤵️

Finally developed a minimal PoC for NtCreateUserProcess(). Here's something I'd like to share about it. #redteam #maldeve #infosec https://t.co/vpN4lN41Xd