RT @stephhegarty: Shot in the head and chest. We investigated the killing of two-year-old Layan and six-year-old Mira. We also found ma….

Pwnie Awards should only be for exploits, not something that only 5 eyes bought an exploit for. If the award is public the exploit should too.

RT @HaifeiLi: Details published To summarize: the "WorkingDirectory" problem within .url files. Oh, .url files,….

Eid Mubarak .💔

RT @MIB_India: In sensitive times like these, it is necessary to be wary of disinformation being spread on social media. Always verify any….

RT @mamoun_linda: Israel has not allowed a single ounce of food to reach 2.3 million people in eight weeks.

RT @nicksdjohnson: Recently I was targeted by an extremely sophisticated phishing attack, and I want to highlight it here. It exploits a vu….

RT @AJIunit: We expected to have to dedicate considerable resources to identify the soldiers featured in the photos and videos. What we fo….

This was an easy Domain Admin on watchguard installations for internal PT, at least at one client. Setup ntlmrelayx and wait for watchguard to find your machine.

Chillin’ in q8

I like how github has evolved. This person is running his stealer through github commits/malicious repos.

This happened with me, while I was on an onsite assessment. I panicked, but eventually it worked out. Now I plan to pause updates, till the internet tests it out for me.

RT @halvarflake: Writing good windows rootkits is hard. Always has been. Remember that some teams have development continuity all the way….

Strangle the Falcon!.

You have TrendMicro, SentinelOne and Defender on every machine. But I only read web.config files.

RT @0xdea: Qualys does it again!. #regreSSHion: #RCE in #OpenSSH's server, on glibc-based #Linux systems.(CVE-2024-6387). .

RT @BSidesSG: Less than 3 weeks to close our call for paper.

RT @momika233: CVE-2024-4577 PHP CGI Argument Injection.

It's fascinating to see that you need to a build a narrative of cyber espionage, circulate videos of oppression, Israeli prime minister's video etc. all at once to try and ban TikTok in US. We just do it! Not sure which is worse.

70kms from MOPA to Planet Hollywood. Anyone landing around 2.30pm Friday? #BsidesGoa.