Observations From Business Email Compromise (BEC) Attacks
#trustedsec
Since joining TrustedSec, I have gotten to work numerous cases, and each of them is like unraveling a mystery to get at the truth—especially the situations that have involved business email compromise (or BEC).…
via TrustedSec Blog (author: Thomas Millar)
Ghostwriter v4.1: The Custom Fields Update
#specterops
via SpecterOps Team Medium (author: Christopher Maddalena)
Introducing the awesome changes in the latest Ghostwriter
A Hitch-Hacker's Guide To DACL-Based Detections - The Addendum
#trustedsec
Last year, Andrew and I posted a four (4) part blog series covering various Active Directory (AD) attributes and how…
via TrustedSec Blog (author: Megan Nilsen)
Using Microsoft Dev Tunnels for C2 Redirection
#redsiege
By Justin Palk, Senior Security Consultant. As penetration testers, we’re always on the lookout for new ways to get our command-and-control (C2) traffic out of a client’s network, evading […]
via RedSiege Blog (author: Justin Connors)
Ransomware during a Pentest, Yes or No?
#bcsecurity
NOTE: Some of the topics in this article are probably going to be a bit contentious, but part of the hope in publishing this article is to drive some additional discussion within the offensive security community. Ransomware has become one of the most prevalent threats that companies face today. It [...]
via BC Security Blog (author: Hubbl3)
PCI DSS Vulnerability Management: The Most Misunderstood Requirement – Part 1
#trustedsec
Vulnerability Identification: PCI DSS version 4.0 requirement 6.3.1, for identification and management of vulnerabilities, and its predecessors in previous versions of PCI DSS have long been misunderstood. This…
via TrustedSec Blog (author: Chris Camejo)
Rooting out Risky SCCM Configs with Misconfiguration Manager
#specterops
via SpecterOps Team Medium (author: Chris Thompson)
tl;dr: I wrote a script to identify every TAKEOVER and ELEVATE attack in Misconfiguration Manager.
Introducing Delta Encoder
#redsiege
Recently, our own Mike Saunders released a novel shellcode obfuscation technique with the tool Jigsaw. If you haven’t checked out the GitHub repository or his blog post, I highly recommend […]
via RedSiege Blog (author: Justin Connors)
PCI DSS Vulnerability Management: The Most Misunderstood Requirement – Part 2
#trustedsec
Risk Ranking: This is part two (2) of a three (3) part series on PCI DSS version 4.0 requirement 6.3.1, for identification and management of vulnerabilities. This requirement is one (1) of the most misunderstood PCI DSS…
via TrustedSec Blog (author: Chris Camejo)
Flaw in PuTTY P-521 ECDSA signature generation leaks SSH private keys
#nettitude
CVE-2024-31497 is a vulnerability in PuTTY, a popular Windows SSH client, relating to a flaw in its P-521 ECDSA implementation. This vulnerability is known to affect versions 0.68 through 0.80, which span the last 7 years. This potentially affects anyone who has used a P-521 ECDSA SSH key with an affected version, regardless of whether [...]
via Nettitude Labs Blog (author: Graham Sutherland)
Entra ID Banned Password Lists: password spraying optimizations and defenses
#synacktiv
via Synacktiv Blog (author: Matthieu Barjole)
Introducing DAST scanning in the Cloud, with Burp Suite Enterprise Edition
#portswigger
We’re excited to announce that Burp Suite Enterprise Edition is now available in PortSwigger’s secure cloud. You can now free up testing time with scalable, automated DAST scanning, without the burden
via PortSwigger Blog
Introducing the MLCommons AI Safety v0.5 Proof of Concept
#nettitude
Artificial Intelligence (AI) has been making significant strides in recent years, with advancements in machine learning and deep learning techniques. However, as AI systems become more complex and powerful, ensuring their safety becomes increasingly critical. In a ground-breaking move towards enhancing AI safety, MLCommons, an open collaboration-focused Artificial Intelligence engineering consortium, has unveiled the MLCommons [...]
via Nettitude Labs Blog (author: Dave Parsons)
Quantum readiness: Introduction to Modern Cryptography
#synacktiv
via Synacktiv Blog (author: Webmaster)
CVE-2024-20356: Jailbreaking a Cisco appliance to run DOOM
#nettitude
The Cisco C195 is a Cisco Email Security Appliance device. Its role is to act as an SMTP gateway on your network perimeter. This device (and the full range of appliance devices) is heavily locked down and prevents unauthorised code from running. Source: https://www.melbourneglobal.com.au/cisco-esa-c195-k9-esa-c195-email/ I recently took one of these apart in order [...]
via Nettitude Labs Blog (author: Aaron Thacker)
OUned.py: exploiting hidden Organizational Units ACL attack vectors in Active Directory
#synacktiv
via Synacktiv Blog (author: Quentin Roland)
So I became a node: exploiting bootstrap tokens in Azure Kubernetes Service
#synacktiv
via Synacktiv Blog (author: Paul Barbé)
PCI DSS Vulnerability Management: The Most Misunderstood Requirement – Part 3
#trustedsec
This is part three (3) of a three (3) part series on PCI DSS version 4.0 requirement 6.3.1, for identification and management of vulnerabilities. This requirement is one (1) of the most misunderstood…
via TrustedSec Blog (author: Chris Camejo)
Loading DLLs Reflections
#trustedsec
We're back with another post about common malware techniques. This time we're not talking about process hollowing. We are going to branch off and talk about the reflective loading of a DLL. This is a technique used to…
via TrustedSec Blog (author: Scott Nusbaum)