Forwarded from T.Hunter
#OSINT #Photo Happy start of the working week, everyone. Today I will talk with you about sources for researching photographs: identifying people and objects in a picture, obtaining its metadata, and much more:
├Jeffrey's (Metadata Viewer)
├pic2map (Metadata Viewer)
├exiftool (Metadata Viewer)
├search4faces (Find Face)
├findclone (Find Face)
├yandex (Find Face)
├@findfacerobot (Find Face)
├@Quick_OSINT_bot (Find Face)
├@ssb_russian_probiv_bot (Find Face)
├eyeofgod (Find Face)
├azure (Find Face)
├betaface (Find Face)
├pictriev (Find Face)
├quiz (Find Face)
├allaboutbirds (Object Ident.)
├plantnet (Object Ident.)
├peakfinder (Object Ident.)
├forensics (Photo Forensic)
├sherloq (Photo Forensic)
├ballistics (Photo Forensic)
├descarteslabs (Factchecking)
├mapchecking (Factchecking)
├suncalc (Factchecking)
├fotorobot (Modelling)
├3Dface (Modelling)
├cameratrace (Camera Trace)
├stolencamerafinder (Camera Trace)
├depix (Photo Enhancer)
├upscaler (Photo Enhancer)
└myheritage (Photo Enhancer)
@tomhunter
🔧 Toolset for OSINT of photos / picture files.
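The "Metadata Viewer" tools in the list above (Jeffrey's, pic2map, exiftool) all read the same structure: the Exif APP1 segment of a JPEG, which is a TIFF container whose IFD0 points, via tag 0x8825, to a GPS sub-IFD holding latitude and longitude as degree/minute/second RATIONAL triples plus N/S and E/W reference tags. The script below is an added example, not code from the T.Hunter post or from any of the listed tools: it builds a constructed Exif blob inline (so it runs offline), parses it by hand, and converts the DMS values to signed decimal degrees. It only handles the Exif payload itself; locating the APP1 marker (0xFFE1) inside a real JPEG is assumed to be done by the caller.

```python
"""Minimal EXIF GPS extractor (added example; Exif payload is constructed inline)."""
import struct

TIFF_MAGIC = 0x002A
TAG_GPS_IFD = 0x8825                      # IFD0 entry pointing to the GPS sub-IFD
TAG_GPS_LAT_REF, TAG_GPS_LAT = 0x0001, 0x0002
TAG_GPS_LON_REF, TAG_GPS_LON = 0x0003, 0x0004
TYPE_ASCII, TYPE_LONG, TYPE_RATIONAL = 2, 4, 5


def _read_ifd(data, offset, endian):
    """Return {tag: (type, count, raw 4-byte value-or-offset)} for the IFD at offset."""
    (n,) = struct.unpack_from(endian + "H", data, offset)
    entries = {}
    for i in range(n):
        base = offset + 2 + 12 * i
        tag, typ, count = struct.unpack_from(endian + "HHI", data, base)
        entries[tag] = (typ, count, data[base + 8:base + 12])
    return entries


def _rationals(data, entry, endian):
    """Dereference a RATIONAL array entry: 'count' pairs of uint32 num/den at the offset."""
    typ, count, raw = entry
    if typ != TYPE_RATIONAL:
        raise ValueError("expected RATIONAL")
    (off,) = struct.unpack_from(endian + "I", raw)
    vals = []
    for i in range(count):
        num, den = struct.unpack_from(endian + "II", data, off + 8 * i)
        vals.append(num / den if den else 0.0)
    return vals


def exif_gps(exif):
    """Return (lat, lon) in decimal degrees, or None if the blob carries no GPS IFD."""
    if exif[:6] != b"Exif\x00\x00":
        raise ValueError("not an Exif APP1 payload")
    tiff = exif[6:]                                   # offsets below are TIFF-relative
    endian = {b"II": "<", b"MM": ">"}.get(tiff[:2])
    if endian is None:
        raise ValueError("bad TIFF byte order")
    magic, ifd0 = struct.unpack_from(endian + "HI", tiff, 2)
    if magic != TIFF_MAGIC:
        raise ValueError("bad TIFF magic")
    ifd = _read_ifd(tiff, ifd0, endian)
    if TAG_GPS_IFD not in ifd:
        return None                                   # stripped by an upload pipeline, or no GPS fix
    (gps_off,) = struct.unpack_from(endian + "I", ifd[TAG_GPS_IFD][2])
    gps = _read_ifd(tiff, gps_off, endian)
    if any(t not in gps for t in (TAG_GPS_LAT_REF, TAG_GPS_LAT, TAG_GPS_LON_REF, TAG_GPS_LON)):
        return None

    def dms(entry, ref_entry, negative_ref):
        d, m, s = _rationals(tiff, entry, endian)
        val = d + m / 60 + s / 3600
        return -val if ref_entry[2][:1] == negative_ref else val   # S / W hemispheres are negative

    return dms(gps[TAG_GPS_LAT], gps[TAG_GPS_LAT_REF], b"S"), \
           dms(gps[TAG_GPS_LON], gps[TAG_GPS_LON_REF], b"W")


def build_sample_exif(lat_dms, lat_ref, lon_dms, lon_ref):
    """Constructed little-endian Exif blob containing only a GPS sub-IFD (test data, not a real photo)."""
    e = "<"
    ifd0_off, gps_off, lat_off, lon_off = 8, 26, 80, 104   # fixed layout, see length checks below
    hdr = b"II" + struct.pack(e + "HI", TIFF_MAGIC, ifd0_off)
    ifd0 = (struct.pack(e + "H", 1)
            + struct.pack(e + "HHII", TAG_GPS_IFD, TYPE_LONG, 1, gps_off)
            + struct.pack(e + "I", 0))                       # next-IFD pointer: none

    def ent(tag, typ, count, val4):
        return struct.pack(e + "HHI", tag, typ, count) + val4

    gps = struct.pack(e + "H", 4)
    gps += ent(TAG_GPS_LAT_REF, TYPE_ASCII, 2, lat_ref.encode() + b"\x00\x00\x00")  # <=4 bytes: inline
    gps += ent(TAG_GPS_LAT, TYPE_RATIONAL, 3, struct.pack(e + "I", lat_off))      # >4 bytes: offset
    gps += ent(TAG_GPS_LON_REF, TYPE_ASCII, 2, lon_ref.encode() + b"\x00\x00\x00")
    gps += ent(TAG_GPS_LON, TYPE_RATIONAL, 3, struct.pack(e + "I", lon_off))
    gps += struct.pack(e + "I", 0)

    def rats(dms):
        return b"".join(struct.pack(e + "II", n, d) for n, d in dms)

    tiff = hdr + ifd0 + gps + rats(lat_dms) + rats(lon_dms)
    assert len(hdr) == 8 and len(hdr + ifd0) == gps_off and len(hdr + ifd0 + gps) == lat_off
    return b"Exif\x00\x00" + tiff


def build_stripped_exif():
    """Constructed Exif blob whose IFD0 is empty, mimicking a photo whose GPS data was removed."""
    return b"Exif\x00\x00" + b"II" + struct.pack("<HI", TIFF_MAGIC, 8) + struct.pack("<HI", 0, 0)


# Constructed coordinates: 48 deg 51' 30" N, 73 deg 59' 9" W
SAMPLE = build_sample_exif([(48, 1), (51, 1), (30, 1)], "N", [(73, 1), (59, 1), (9, 1)], "W")

if __name__ == "__main__":
    print(exif_gps(SAMPLE))
    print(exif_gps(build_stripped_exif()))
```

Two caveats a practitioner should keep in mind when using any of the listed viewers: most social networks and messengers strip the APP1 segment on upload, so a missing GPS IFD says nothing about where the photo was taken, and the tags are plain unauthenticated bytes, so coordinates can be edited before publication just as easily as they can be read.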
A Modern Ninja: Evasive Trickbot Attacks Customers of 60 High-Profile Companies.
https://research.checkpoint.com/2022/a-modern-ninja-evasive-trickbot-attacks-customers-of-60-high-profile-companies/
Research by: Aliaksandr Trafimchuk, Raman Ladutska This research comes as a follow-up to our previous article on Trickbot, “When Old Friends Meet Again: Why Emotet Chose Trickbot For Rebirth” where we provided an overview of the Trickbot infrastructure after…
Data leak: a new leak of 18,000 records of Swiss bank accounts holding more than $100 billion in assets, called #SuisseSecrets.
The leak will come from the investigative journalism consortium OCCRP.
Waiting for the next "Panama Papers" v2.0.
Researchers from China's 🇨🇳 Pangu Lab have disclosed details of a "top-tier" backdoor put to use by the Equation Group, an advanced persistent threat (APT) with alleged ties to the cyber-warfare intelligence-gathering unit of the U.S. National Security Agency (NSA).
https://www.pangulab.cn/en/post/the_bvp47_a_top-tier_backdoor_of_us_nsa_equation_group/
https://thehackernews.com/2022/02/chinese-experts-uncover-details-of.html
The Bvp47 - a Top-tier Backdoor of US NSA Equation Group
Cyber-War by Russia 🇷🇺: Samples of the destructive MBR wiper targeting Ukraine 🇺🇦
Samples: https://samples.vx-underground.org/APTs/2022/2022.02.23(2)/
CVE-2022-21971: Uninitialized pointer free in prauthproviders.
https://github.com/0vercl0k/CVE-2022-21971
GitHub - 0vercl0k/CVE-2022-21971: PoC for CVE-2022-21971 "Windows Runtime Remote Code Execution Vulnerability"
Re-ReBreakCaptcha: Breaking Google's ReCaptcha v2 using.. Google.. Again – East-Ee Security (by Yair Mizrahi).
https://east-ee.com/2022/02/28/1367/
Verbatim viz
Anonymous!
"We successfully staged a cyber attack against the Belarusian railway infrastructure, designed to halt Russian military movements. Trains stopped in Minsk, Orsha, and Osipovichi.
The railway system uses Windows XP."
Russia 🇷🇺 vs Ukraine 🇺🇦 Cyber-War
https://twitter.com/AnonUkraine_/status/1498251582760267776
⚠️ Leaked stolen Nvidia cert can sign Windows malware.
An Nvidia code-signing certificate was among the mountain of files stolen and leaked online by criminals who ransacked the GPU giant's internal systems.
https://go.theregister.com/feed/www.theregister.com/2022/03/05/nvidia_stolen_certificate/
70k staff email addresses and NTLM password hashes also dumped online
Malware now using stolen NVIDIA code signing certificates.
According to samples uploaded to the VirusTotal malware scanning service, the stolen certificates were used to sign various malware and hacking tools, such as Cobalt Strike beacons, Mimikatz, backdoors, and remote access trojans.
https://www.bleepingcomputer.com/news/security/malware-now-using-stolen-nvidia-code-signing-certificates/
There are active credentials being harvested via Stealer malware.
Below is a list of the government sites affected.
https://docs.google.com/spreadsheets/u/0/d/1KC615oNu1GJN4hymAR1Hxe1M46WG_FW4UMmHWbD3y3s/htmlview
🔧 Tool: Ligolo; reverse tunneling made easy for pentesters, by pentesters.
https://github.com/sysdream/ligolo
A lock with many keys: Spoofing DNSSEC-signed domains in 8.8.8.8.
https://www.sidnlabs.nl/en/news-and-blogs/a-lock-with-many-keys-spoofing-dnssec-signed-domains-in-8-8-8-8
Attachment: The_Art_Of_War.pdf (412.2 KB)
An ancient guide to all warfare. By Sun Tzu.
● I had heard about it as a child and read it once I was trained as a hacker. I can say it makes sense.
Dirty Pipe -> kernel r/w + SELinux disabled + root shell on Pixel 6 Pro and Samsung S22 with the latest update.
Source: https://twitter.com/i/status/1503422980612923404
B1txor20, A Linux Backdoor Using DNS Tunnel.
https://blog.netlab.360.com/b1txor20-use-of-dns-tunneling_en
Since the Log4J vulnerability was exposed, we see more and more malware jumped on the wagon, Elknot, Gafgyt, Mirai are all too familiar, on February 9, 2022, 360Netlab's honeypot system captured an unknown ELF file propagating through the Log4J…
A phishing / MITM tool 🔧 | Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication.
https://github.com/kgretzky/evilginx2