List of IP ranges owned by AWS, Google, OVH, Microsoft, and much more. For security researchers, easier mass web scanning - Created by Pyr0cc
๐ฃZeusRoot
Here's another useful set of scripts and data:
https://github.com/dpsystems/login-shield
This is an IP-based blacklist of known IP space of both rogue ISPs, foreign countries and VPN space that is used with iptables to block any login ports on your computer. We're using it on a few servers and it's blocked 99% of the unauthorized logins.
๐คmabu
This list is also very convenient for phishing website hosting :D
๐คHellcleaver
Microsoft publishes theirs because azure is all dynamic public IPโs for their PaaS services so without knowing Microsoftโs Ip blocks you have to make wide open firewall rules.
Now you only have to leave your PaaS open to all of Microsoft and their customer base.
Super secure.
๐คResidentKernel
๐@malwr
๐ฃZeusRoot
Here's another useful set of scripts and data:
https://github.com/dpsystems/login-shield
This is an IP-based blacklist of known IP space of both rogue ISPs, foreign countries and VPN space that is used with iptables to block any login ports on your computer. We're using it on a few servers and it's blocked 99% of the unauthorized logins.
๐คmabu
This list is also very convenient for phishing website hosting :D
๐คHellcleaver
Microsoft publishes theirs because azure is all dynamic public IPโs for their PaaS services so without knowing Microsoftโs Ip blocks you have to make wide open firewall rules.
Now you only have to leave your PaaS open to all of Microsoft and their customer base.
Super secure.
๐คResidentKernel
๐@malwr
The x86 Advanced Matrix Extension (AMX) Brings Matrix Operations
๐ฃmttd
Is it subject to branching? I'm thinking no, but hoping somebody who has read the reference manual might know.
๐คmasta
๐@malwr
๐ฃmttd
Is it subject to branching? I'm thinking no, but hoping somebody who has read the reference manual might know.
๐คmasta
๐@malwr
WikiChip Fuse
The x86 Advanced Matrix Extension (AMX) Brings Matrix Operations; To Debut with Sapphire Rapids
Intel publishes details of its upcoming Advanced Matrix Extension (AMX), an x86 extension set to debut with Sapphire Rapids that introduces a new matrix register file and accompanying matrix operations.
Frida 12.10 is out with HotSpot JVM support, Stalker ARM improvements, and more
๐ฃoleavr
Thanks for your work on this project, oleavr. Nice contrib,0xraaz.
๐คtruelai
This is great news. Thank you oleavr.
๐คjmp_jsp
๐@malwr
๐ฃoleavr
Thanks for your work on this project, oleavr. Nice contrib,0xraaz.
๐คtruelai
This is great news. Thank you oleavr.
๐คjmp_jsp
๐@malwr
Frida โข A world-class dynamic instrumentation toolkit
Frida 12.10 Released
Observe and reprogram running programs on Windows, macOS, GNU/Linux, iOS, watchOS, tvOS, Android, FreeBSD, and QNX
M00nD3v, HawkEye threat actor, sells malware after COVID-19 diagnosis
https://www.blueliv.com/cyber-security-and-cyber-threat-intelligence-blog-blueliv/research/covid-19-cybercrime-m00nd3v-hawkeye-malware-threat-actor/
โน๏ธ Sent from one of our members
๐@malwr
https://www.blueliv.com/cyber-security-and-cyber-threat-intelligence-blog-blueliv/research/covid-19-cybercrime-m00nd3v-hawkeye-malware-threat-actor/
โน๏ธ Sent from one of our members
๐@malwr
Blueliv
M00nD3v, HawkEye threat actor, sells malware after COVID-19 diagnosis
Key Points The information-stealing malware dubbed M00nD3v Logger was recently auctioned off on Hack Forums, together with HakwEye Reborn. The threat actor โ operating under the alias โM00nD3vโ โ states that they sold the malware in response to being diagnosedโฆ
CVE-2020-2021: Palo Alto Networks PAN-OS Vulnerable to Critical Authentication Bypass Vulnerability
๐ฃLowEnergyUsername
๐@malwr
๐ฃLowEnergyUsername
๐@malwr
Tenableยฎ
CVE-2020-2021: Palo Alto Networks PAN-OS Vulnerable to Critical Authentication Bypass Vulnerability
Critical authentication bypass vulnerability in PAN-OS devices could be exploited in certain configurations, which are commonly recommended by identity providers. Update July 2, 2020: The Recommended Configuration and Solution sections were updated to reflectโฆ
HID Attack using 1.5$ Arduino Rubber Ducky-ish
๐ฃjithins1610
A lot of people donโt trust these cause the price but theyโre a charm and so. Much. God. Damn. Fun.
๐คmaximus1218
Pro tip though, get several Digisparks. Thereโs probably a 20% chance they wonโt work
๐คmcbergstedt
The dollar sign goes first
๐คLegitimateCrepe
๐@malwr
๐ฃjithins1610
A lot of people donโt trust these cause the price but theyโre a charm and so. Much. God. Damn. Fun.
๐คmaximus1218
Pro tip though, get several Digisparks. Thereโs probably a 20% chance they wonโt work
๐คmcbergstedt
The dollar sign goes first
๐คLegitimateCrepe
๐@malwr
YouTube
Digispark Rubber Ducky | Arduino Rubber Ducky | HID Attack-Digispark USB Keyboard
Arduino Rubber Ducky using Digispark | Digispark HID Keyboard | HID Attack on a PC - In this video, I will show you how to hack a computer using Arduino HID ...
10 Years of Linux Security - A Report Card
๐ฃcitypw
Keep in mind that grsecurity's business model relies on painting Linux, and in particular Linux security, in a negative light.
I'm not saying that makes any of this information invalid by itself, but it's worth considering the source.
๐คawkisopen
I see words in that PDF but barely understand anything it's saying. Context is key.
This was clearly written by an engineer who had no idea whether or not the audience would understand the presentation.
๐คToasterToasts
Well, that could have benefited from some explanation of acronyms.
Most of the recommendations seemed to be process or attitude things. How about recommending some simplification, throwing away old code even if it still mostly works ? I'm mostly talking about user-space code. Could we get rid of the init structure and commit to systemd ? Get rid of some old encryption and hashing and VPN modules, force people onto the new stuff ? Have DNS specified in 1 place instead of 5 ?
๐คbilldietrich1
๐@malwr
๐ฃcitypw
Keep in mind that grsecurity's business model relies on painting Linux, and in particular Linux security, in a negative light.
I'm not saying that makes any of this information invalid by itself, but it's worth considering the source.
๐คawkisopen
I see words in that PDF but barely understand anything it's saying. Context is key.
This was clearly written by an engineer who had no idea whether or not the audience would understand the presentation.
๐คToasterToasts
Well, that could have benefited from some explanation of acronyms.
Most of the recommendations seemed to be process or attitude things. How about recommending some simplification, throwing away old code even if it still mostly works ? I'm mostly talking about user-space code. Could we get rid of the init structure and commit to systemd ? Get rid of some old encryption and hashing and VPN modules, force people onto the new stuff ? Have DNS specified in 1 place instead of 5 ?
๐คbilldietrich1
๐@malwr
ARMRef (ARMv8.5 assembly reference app)
๐ฃ_evilpenguin
Sadly no Android support
๐คKrieghofGames
๐@malwr
๐ฃ_evilpenguin
Sadly no Android support
๐คKrieghofGames
๐@malwr
GitHub
GitHub - evilpenguin/ARMRef: ARM Assembly Reference Manual for iOS, iPadOS, and macOS.
ARM Assembly Reference Manual for iOS, iPadOS, and macOS. - GitHub - evilpenguin/ARMRef: ARM Assembly Reference Manual for iOS, iPadOS, and macOS.
The analyzer automates the process of exploring EFI files. After the analysis, well-known protocols, interrupts, etc. are found.
https://github.com/DSecurity/efiSeek
๐@malwr
https://github.com/DSecurity/efiSeek
๐@malwr
GitHub
GitHub - DSecurity/efiSeek: Ghidra analyzer for UEFI firmware.
Ghidra analyzer for UEFI firmware. Contribute to DSecurity/efiSeek development by creating an account on GitHub.