What is Detection-Rule-Dump ?l
https://github.com/archanchoudhury/Detection-Rule-Dump
https://www.youtube.com/c/BlackPerl
#DFIR
#SIEM
#SOC

1)Microsoft on Friday said it's investigating an incident wherein a driver signed by the company turned out to be a malicious Windows rootkit that was observed communicating with command-and-control (C2) servers located in China.
https://thehackernews.com/2021/06/hackers-trick-microsoft-into-signing.html
https://www.virustotal.com/gui/file/63d61549030fcf46ff1dc138122580b4364f0fe99e6b068bc6a3d6903656aff0/detection
https://msrc-blog.microsoft.com/2021/06/25/investigating-and-mitigating-malicious-drivers/
2)Social Engineering with Spam result will be ransomware entire network
https://thehackernews.com/2021/06/dmarc-first-line-of-defense-against.html
مهندسی اجتماعی چیست و روش های آن :
https://blog.peneter.com/clubhouse-general-social-engineering-1/
https://blog.peneter.com/clubhouse-general-social-engineering-2-phishing/
https://blog.peneter.com/clubhouse-general-social-engineering-3-malware/
برای بررسی اینکه Domain در بلک لیست قرار دارد یا نه
https://powerdmarc.com/analyzer/
https://mxtoolbox.com/
3)SolarWinds Hackers Breach Microsoft Customer Support to Target its Customers
APT های این چند وقت اخیر
It's tracked by the wider cybersecurity community under the monikers APT29, UNC2452 (FireEye), SolarStorm (Unit 42), StellarParticle (Crowdstrike), Dark Halo (Volexity), and Iron Ritual (Secureworks).
https://thehackernews.com/2021/06/solarwinds-hackers-breach-microsoft.html
🌐 Peneter BLog
🔊 Clubhouse
🔊 Telegram Channel

universal cross-site scripting (UXSS) issue that's triggered when automatically translating web pages using the browser's built-in feature via Microsoft Translator.
اگر از Edge استفاده میکنید حتما اپدیتش کنید چون خیلی ها کار صرافی می کنند با VPS از Edge استفاده می کنند !
روش آپدیت
edge://settings/help
رو تو آدرس بار بزنید آخرین ورژن نبود بزنین آپدیت بشه
https://thehackernews.com/2021/06/microsoft-edge-bug-couldve-let-hackers.html
🌐 Peneter BLog
🔊 Clubhouse
🔊 Telegram Channel

Penetration Testing Mind (Full )
Credit : Alireza Tavakoli
#HackingMind
#hackingSteps

نسخه فارسی Penetration Testing Mind
Credit : Hamid Kashfi

Information Gathering Xmind
Credit : Soheil Hashemi
Good for Penetration Testing Report

Vulnerability Assessments Part
Credit : soheil Hashemi

Data for 700M #LinkedIn Users Posted for Sale in #Raidforums
https://threatpost.com/data-700m-linkedin-users-cyber-underground/167362/?utm_source=dlvr.it&utm_medium=linkedin
https://raidforums.com/Thread-SELLING-New-Linkedin-2021-700Million-records?highlight=linkedin

Disclosure of a bug in Adobe’s content-management solution – used by Mastercard, LinkedIn and PlayStation – were released.
https://threatpost.com/rce-bug-in-adobe-revealed/167382/
#adobe
#0day

CVE-2021-35523: Local Privilege Escalation in Securepoint SSL VPN Client 2.0.30
https://bogner.sh/2021/06/local-privilege-escalation-in-securepoint-ssl-vpn-client-2-0-30/

Google Compute Engine (GCE) VM takeover via DHCP flood - gain root access by getting SSH keys added by google_guest_agent

https://github.com/irsl/gcp-dhcp-takeover-code-exec
#googlecloud
#takeover

CVE-2020-1170 - Microsoft Windows Defender Elevation of Privilege Vulnerability

CVE-2020-1170, an elevation of privilege bug in Windows Defender

https://itm4n.github.io/cve-2020-1170-windows-defender-eop/

Top 10 Vulnerabilities: Internal Infrastructure Pentest

https://www.infosecmatter.com/top-10-vulnerabilities-internal-infrastructure-pentest/

IBM Gifts Threat Hunting Tool to Open Cybersecurity Alliance
Kestrel Threat Hunting Language
https://github.com/opencybersecurityalliance/kestrel-lang
#threathunting #opensource

Pwning Cisco ISE: From Cross Site Scripting to Root Shell!
https://www.reddit.com/r/ReverseEngineering/comments/oasy1n/pwning_cisco_ise_from_cross_site_scripting_to/

Operation Eagle Eye - RCE to Enterprise Man-In-The-Middle
https://www.securifera.com/blog/2021/06/24/operation-eagle-eye/