#ToolShell in a nutshell (more or less): a huge SharePoint vulnerability (straight-up remote code execution, full compromise). It does not affect SharePoint in O365, but everything else is vulnerable (2016, 2019 and earlier versions) (1/n) #DFIR
Microsoft released bitnet.cpp: A blazing-fast open-source 1-bit LLM inference framework that runs directly on CPUs.
You can now run 100B parameter models on local x86 CPU devices with up to 6x speed improvements and 82% less energy consumption.
100% Open Source
Critical #cybersecurity flaw in Linux: CVE-2024-47176 evilsocket.net/2024/09/26/Att… In the end the "winner" is CUPS, the printer management system. The vuln is an RCE that lets you install "rogue printers" that execute code on a victim machine (1/n)
Who is affected? A priori every GNU/Linux, some BSDs, and maybe Solaris. Red Hat just said not to look at them, since their default config is fine: redhat.com/en/blog/red-ha… (2/n)
NEW LAB 🥳: WinDbg Crash Dump Analysis by @DebugPrivilege
Using WinDbg to analyze dumps of CVE-2024-29824 and CVE-2023-29357 exploited in the wild.
👇Solve the incident here 👇
xintra.org
Test your memory forensic skills on:
👀Reflective DLL Injection…
If you have VMware ESXi and Active Directory in your environment, take 5 minutes now & create a group in each AD domain called "ESX Admins".
Make sure that the "ESX Admins" group is in a top-level administrative OU that only your AD admins manage.
#QuickFix
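The two steps in the post above, carried out across every domain in the forest, as an added example (this is not the poster's own script). It assumes the RSAT ActiveDirectory module is installed, that you run it as a domain admin, and that each domain already has an admin-only OU at the hypothetical relative path `OU=Tier0` under the domain root; adjust that path to your own environment. It creates "ESX Admins" only where it is missing and warns when an existing group with that name lives outside the admin OU:

```powershell
# Added example, not from the original post. Assumes the RSAT ActiveDirectory
# module and an admin-managed OU named "Tier0" (hypothetical) in each domain.
Import-Module ActiveDirectory

$GroupName  = 'ESX Admins'
$AdminOURdn = 'OU=Tier0'   # hypothetical; relative DN of the OU only AD admins manage

foreach ($domain in (Get-ADForest).Domains) {
    $domainDN = (Get-ADDomain -Server $domain).DistinguishedName
    $adminOU  = "$AdminOURdn,$domainDN"

    # Step 1: does a group with this exact name already exist in this domain?
    $existing = Get-ADGroup -Server $domain -Filter "Name -eq '$GroupName'" -ErrorAction SilentlyContinue

    if ($existing) {
        Write-Host "[$domain] '$GroupName' already exists at $($existing.DistinguishedName)"
        # Step 2: make sure it sits inside the admin OU, not somewhere users can reach
        if ($existing.DistinguishedName -notlike "*,$adminOU") {
            Write-Warning "[$domain] '$GroupName' is outside $adminOU; review who created it, then Move-ADObject it into the admin OU"
        }
        continue
    }

    # Create the group ourselves, directly in the admin OU, so the name is taken
    New-ADGroup -Server $domain -Name $GroupName -SamAccountName $GroupName `
        -GroupCategory Security -GroupScope Global -Path $adminOU `
        -Description 'Reserved: ESXi hosts joined to AD grant admin rights to this group name'
    Write-Host "[$domain] created '$GroupName' in $adminOU"
}
```

Run it once per forest; the warning branch is the part worth reading, because a pre-existing "ESX Admins" group in an unexpected OU is exactly what you want to notice before an ESXi host trusts it.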
In this blog we introduce Thread-Name Calling - A new process injection technique using Thread Name. We also discuss various scenarios in which this not widely-known API can be used for offense.
research.checkpoint.com/2024/thread-na…
This strange tweet got >25k retweets. The author sounds confident, and he uses lots of hex and jargon. There are red flags though... like what's up with the DEI stuff, and who says "stack trace dump"? Let's take a closer look... 🧵1/n
Security Researcher @tiraniddo discovered Microsoft Recall uses a 'conditional access trick' he himself noted recently.
You can bypass Recall access restrictions by getting a token on AIXHost.exe and then impersonating it.
More information: tiraniddo.dev/2024/06/workin…
It is a pleasure and an honor to take part in #c1b3rwall for another year, this time with a talk on cybersecurity incident investigation methodologies. The full program is here: c1b3rwall.policia.es/miscelanea/age… 😁
The tales of the Iranian Void Manticore 🦁
☠️Attacks using BiBi wiper
🦋Hack and Leak through Karma
🤝Close collaboration with Scarred Manticore
Read more :
research.checkpoint.com/2024/bad-karma…
After 15 years, YARA gets a major upgrade.
Introducing YARA-X: rewritten in Rust for better UX, improved performance, enhanced security, and easier integration.
YARA isn't dead, but YARA-X is the future.
Test it out and share your feedback!
virustotal.github.io/yara-x/blog/ya…
Without further ado - here is EtwInspector!
This is a C++ tool to help users interact with ETW providers. This tool supports the enumeration of providers, their events, and capture events.
github.com/jsecurity101/E…