
Luis Rocha
@countuponsec
Followers: 1K | Following: 334 | Media: 74 | Statuses: 2K
RT @PyroTek3: The domain Kerberos service account, KRBTGT (, is an important account since it is used to sign & enc….
RT @PyroTek3: Want to detect Kerberoasting with no false positives?. Setup a honeypot account for detection following the guidance in this….
hub.trimarcsecurity.com
Kerberoasting can be an effective method for extracting service account credentials from Active Directory as a regular user without sending any packets to the target system. This attack is effective...
RT @HexRaysSA: 🧠 Reverse engineers, your lab just got smarter. IDA Free 9.1 is now preinstalled in FLARE VM — @Mandiant 's open-source ma….
RT @hackerschoice: 1-line "Living Off The Land" persistent DNS-reverse backdoor. (now added to . .
RT @hackerschoice: 🍿THC member on camera. A first. 😅.30 years of hacking - a perspective and a reflection. 📺 👉 Keep Hacking 👈 The next 30 y….
RT @craiu: Here's the decrypted, 2nd stage dex payload of the Android Monokle spyware from this amazing story below: 3613a76be3c6f0d7f61089….
RT @ESETresearch: UPDATE: #ESETresearch was contacted by one of the possible authors of the Bootkitty bootkit, claiming the bootkit is a pa….
welivesecurity.com
ESET's discovery of the first UEFI bootkit designed for Linux sends an important message: UEFI bootkits are no longer confined to Windows systems alone.
RT @CISACyber: 🚨@SophosXOps completed a 5-year investigation into People’s Republic of China-based groups targeting perimeter devices. Thei….
RT @craiu: Some of the details in this story are just crazy. For instance: "Sophos included in its “hotfix" for the hackers' intrusions add….
RT @samaritan_o: 🚨 #DFIRtips 🚨. Today, during an investigation, I found a registry key that proved to be extremely useful in identifying th….
RT @williballenthin: capa v7.3 out!. Recently we’ve added:. - Drakvuf and @vmray sandbox support. - web interfaces for results, rules, an….
github.com
The v7.3.0 capa release comes with the following three major enhancements: 1. Support for VMRay sandbox analysis archives Unlock powerful malware analysis with capa's new VMRay sandbox integrat...
RT @fabian_bader: Good to see that DART is using very similar methods to analyze Microsoft Graph Activity logs.
RT @danieldibswe: I learned this nice feature in Wireshark from a gentleman named Curtis Whipple when I posted to LinkedIn. You can use Wir….
RT @Mike_stokkel: APT41 has been infiltrating and stealing sensitive data from organizations in the global shipping, media, tech, and autom….
cloud.google.com
Mandiant has observed a sustained campaign by the advanced persistent threat group APT41.