Collision – Compass Security was able to execute their stack overflow attack against the Synology BC500. However, the exploit they used was previously known. They still earn $3,750 and 0.75 Master of Pwn points. #Pwn2Own

SecAnalyst Sylvain Heiniger (@sploutchy) loves NTLM relay. Dive into his latest blog post to learn how it can be used against Microsoft SQL servers. Discover misconfigurations in your infrastructure and fortify your defenses today. 🛡️ #MSSQL #NTLMrelay https://t.co/xur8aAZDOq

📡 Discover MQTT Fundamentals & Security in IoT in @MischaBachmann ’s blog post! Explore CVE-2023-28366, a memory leak in Eclipse Mosquitto. #MQTT #IoTSecurity #CVE2023 https://t.co/WVqcETMUkI

Security analyst @emanuelduss refreshed our hacking tools #cheatsheet for our security trainings, and it's now packed with info on Active Directory: https://t.co/wBTzt0KKaG 🔒 #security #pentest #tools

Discover how a strange workstation behavior exposed alarming vulnerabilities! We uncovered 2 privilege escalation bugs in Lenovo update functionality. Read the blog post for a fascinating journey down the rabbit hole. 🔐 #Cybersecurity #PrivilegeEscalation https://t.co/9dvAnbDYqY

Compass Security identified a #vulnerability in ThinkPad Hybrid USB-C with USB-A Dock Firmware Update Tool. https://t.co/BsjPaFzlhZ

🔒Enhance #remotedesktop security with practical tips from Security Analyst Felix Aeppli. Learn about features like Remote Credential Guard and Restricted Admin Mode to protect against credentials theft and impersonation. https://t.co/83OqJfP3ef

Today we're publishing new techniques for recovering NTLM hashes from encrypted credentials protected by Windows Defender Credential Guard. These techniques also work on victims logged on before the server was compromised. https://t.co/euNIyX2dwW

Now adding external docs links to The Hacker Tools https://t.co/3fjsZpxQ4k Major tools that aren't documented will be on THT. Mimikatz is mostly over with. Impacket is now next in line. But docs that already exist will be linked. Feel free to contribute 🤗

Are you also tired of "This setting is managed by your administrator or organization" messages, preventing you from altering settings, although you are admin? Fear no more, I got you covered - well at least partially: AV FW DeviceGuard Edge FF https://t.co/ZHf1QoMSfo

HACKvent2022 awaits! At Dec. 1st 2022, 00:00 CET the first challenge will be released. Ready for sleep-deprivation? 😉 Enter the free competition here: https://t.co/WbrBNRxTZP Leaderboard: https://t.co/RBFOu0oAfH #HV22 #ctf

At @BlackAlpsConf, our analyst Sylvain Heiniger @sploutchy presented a new attack path to AD CS. Read his blog post for details and tools updates. #adcs #esc11 #ntlmrelay #rpc #msrpc https://t.co/UiRDilU9TS

Today, we share the analysis of a very rare piece of quantum military-grade #ransomware. All your data are belong to us !!! https://t.co/o7JU562jlc

I found a vulnerability that allowed me to unlock any @Google Pixel phone without knowing the passcode. This may be my most impactful bug so far. Google fixed the issue in the November 5, 2022 security patch. Update your devices! https://t.co/LUwSvEMF3w

Execute commands as another user w/t dumping LSASS or touching the ADCS server ? Thanks to @Defte_ a new module has been added to CrackMapExec 🚀 The module will impersonate any logged on user to exec command as "this" user (system, domain user etc) 🔥

In der ARD am 13. Dezember (Nacht von Mo auf Di) um 0:20 Uhr: Dokumentarfilm „Alles ist Eins. Außer der 0.“, eine Geschichte digitaler Subversion über das Wirken von Wau Holland

Yeah nice, a Windows token impersonation module for CrackMapExec by @Defte_

We worked together with @_zblurx to pull this new feature on CME ! CrackMapExec can now authenticate using kerberos with login/pass/nthash/aeskey without the need of a KRB5CCNAME ticket env 🚀 But wait there is more! by adding this feature we can now mimic kerbrute features 🔥🫡

mitmproxy 9 is out! 🎉 https://t.co/GrxJLtQCxE Three highlights:

Anyone knows how to obtain a #bitlocker recovery key with #dislocker? I can decrypt the drive with another protector. Windows somehow can do this. Looking for a way to "convert" respectively use a VMK or FVEK to obtain/decrypt the recovery key passphrase. RT is highly appreciated