Monitoring with PowerShell: Monitoring Onedrive client limitations
Hi guys!
So my older blog about monitoring the Onedrive sync status was pretty well received, and I figured that this new blog might just help with a missing piece of the puzzle for some of your: https://www.cyberdrain.com/monitoring-with-powershell-monitoring-the-onedrive-client-limitations/
The Onedrive client tends to get some performance issues when syncing more than 300k objects(files and folders) and more often than not it takes some time to figure out where the issue is coming from. This monitoring set should work to tackle that for you.
Hope it helps, and if there's any questions, let me know!
π£Lime-TeGek
π@malwr
Hi guys!
So my older blog about monitoring the Onedrive sync status was pretty well received, and I figured that this new blog might just help with a missing piece of the puzzle for some of your: https://www.cyberdrain.com/monitoring-with-powershell-monitoring-the-onedrive-client-limitations/
The Onedrive client tends to get some performance issues when syncing more than 300k objects(files and folders) and more often than not it takes some time to figure out where the issue is coming from. This monitoring set should work to tackle that for you.
Hope it helps, and if there's any questions, let me know!
π£Lime-TeGek
π@malwr
Cyberdrain
Monitoring with PowerShell: Monitoring the Onedrive client limitations
This is meta description
Top 16 Active Directory Vulnerabilities
π£dmchell
Bookmarking for later thanks
π€minecrater1
Nice!
π€biglib
π@malwr
π£dmchell
Bookmarking for later thanks
π€minecrater1
Nice!
π€biglib
π@malwr
InfosecMatter
Top 16 Active Directory Vulnerabilities - InfosecMatter
Practical steps on how to pentest Active Directory environments using a list of most common AD vulnerabilities. Tools and command examples for testing and exploitation of AD vulnerabilities.
Understanding the root cause of F5 Networks K52145254: TMUI RCE vulnerability CVE-2020-5902
π£digicat
Iβm a simple man. I see root cause I upvote.
Wish more problems were discussed like that. Understanding problems os the key to not repeating them.
π€nkrgovic
Interesting read. This one was bad.
π€hazmatte
π@malwr
π£digicat
Iβm a simple man. I see root cause I upvote.
Wish more problems were discussed like that. Understanding problems os the key to not repeating them.
π€nkrgovic
Interesting read. This one was bad.
π€hazmatte
π@malwr
Nccgroup
Cyber Security Research
Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.
What are some good books for malware analysis?
I was thinking of buying both practical malware analysis and malware data science but, practical malware analysis came out 2012 and I is probably outdated.
Is there any other book you would recommend? Or should I just go with the two I have in my mind?
π£Enes_24
People tend to have the impression that books about security date quickly; in general this is not true.
Practical Malware Analysis and Malware Analyst's Cookbook are still quite useful. I might suggest The Art of Memory Forensics too.
π€thatwasntme806
The Malware Forensics Field Guide for Linux Systems (2014) is still a good read, covering a lot of what's out there. I think Windows has gotten significantly more complex in the interim since its publication, so you'll want something more current for Windows Malware.
π€Borne2Run
Not a book but checkout the malwareunicorn workshops. The Reverse Engineering 101 is a good place to start.
https://malwareunicorn.org/#/workshops
π€wonka_fans_only
π@malwr
I was thinking of buying both practical malware analysis and malware data science but, practical malware analysis came out 2012 and I is probably outdated.
Is there any other book you would recommend? Or should I just go with the two I have in my mind?
π£Enes_24
People tend to have the impression that books about security date quickly; in general this is not true.
Practical Malware Analysis and Malware Analyst's Cookbook are still quite useful. I might suggest The Art of Memory Forensics too.
π€thatwasntme806
The Malware Forensics Field Guide for Linux Systems (2014) is still a good read, covering a lot of what's out there. I think Windows has gotten significantly more complex in the interim since its publication, so you'll want something more current for Windows Malware.
π€Borne2Run
Not a book but checkout the malwareunicorn workshops. The Reverse Engineering 101 is a good place to start.
https://malwareunicorn.org/#/workshops
π€wonka_fans_only
π@malwr
reddit
What are some good books for malware analysis?
I was thinking of buying both practical malware analysis and malware data science but, practical malware analysis came out 2012 and I is probably...
Code analysis of CryCryptor Ransomware and its vulnerability that allowed to create a decryption tool
π£barakadua131
π@malwr
π£barakadua131
π@malwr
YouTube
Analysis of CryCryptor Android Ransomware and how I created decryptor | fake COVID-19 tracing app
Code and vulnerability analysis of CryCryptor Android Ransomware that was distributed via malicious websites as COVID-19 Tracing app in Canada.
More information: https://www.welivesecurity.com/2020/06/24/new-ransomware-uses-covid19-tracing-guise-target-canadaβ¦
More information: https://www.welivesecurity.com/2020/06/24/new-ransomware-uses-covid19-tracing-guise-target-canadaβ¦
ExAllocatePoolZero
π£FastInvite2k2
> you can see that check is made for build numbers later than 18362. The problem with that is that Windows 1909 isnβt build 18362, itβs 18363.
The off-by-one error strikes again, this time in kernel mode.
π€WonderfulNinja
π@malwr
π£FastInvite2k2
> you can see that check is made for build numbers later than 18362. The problem with that is that Windows 1909 isnβt build 18362, itβs 18363.
The off-by-one error strikes again, this time in kernel mode.
π€WonderfulNinja
π@malwr
OSR
Bug in New Function ExAllocatePoolZero Results in Security Vulnerability and Crashes
Update: Late in December 2020 Microsoft issued an update to the WDK/EWDK that includes mitigations for this security issue. See our blog post describing these updates. tl;dr Last week (week of 5 Juβ¦
Interesting tactic by Ratty & Adwind for distribution of JAR appended to signed MSI - Securityinbits
π£anuraggawande
π@malwr
π£anuraggawande
π@malwr
Securityinbits
Interesting tactic by Ratty & Adwind for distribution of JAR appended to signed MSI - CVE-2020-1464 - Securityinbits
This article discusses an interesting tactic (CVE-2020-1464) actively used by different Java RAT malware authors like Ratty & Adwind to distribute malicious JAR appended to signed MSI files.
LibreHealth Version 2.0.0 - Multiple High-Risk CVEs
π£breach_house
Reading through the unmerged pull requests here, surely there's a point where this many "string concatenation straight into SQL" combines with "this was fixed years ago in the other product this was forked from", a vendor that got a 30 day disclosure extended to 90 days and still hasn't merged fixes, and you've got to consider whether the product can really be salvaged.
π€disclosure5
π@malwr
π£breach_house
Reading through the unmerged pull requests here, surely there's a point where this many "string concatenation straight into SQL" combines with "this was fixed years ago in the other product this was forked from", a vendor that got a 30 day disclosure extended to 90 days and still hasn't merged fixes, and you've got to consider whether the product can really be salvaged.
π€disclosure5
π@malwr
Bishopfox
LibreHealth Version 2.0.0
Bishop Fox advisory on five vulnerabilities in LibreHealth application 2.0.0 including SQL injection, cross-site scripting and cross-site request forgery.
SIGRed - Resolving Your Way into Domain Admin: Exploiting a 17 Year-old Bug in Windows DNS Servers - Check Point Research
π£digicat
We are all remediated now but this is an ugly ugly hole that is going to lead to some multi million dollar hacks against companies who donβt patch promptly.
π€afwaller
Seems kinda bold of them to give the world only a few hours head start to patch their systems given that it's not thought to be in the wild yet. Shoulda bought CheckPoint IPS I guess /shrug.
π€OnARedditDiet
π@malwr
π£digicat
We are all remediated now but this is an ugly ugly hole that is going to lead to some multi million dollar hacks against companies who donβt patch promptly.
π€afwaller
Seems kinda bold of them to give the world only a few hours head start to patch their systems given that it's not thought to be in the wild yet. Shoulda bought CheckPoint IPS I guess /shrug.
π€OnARedditDiet
π@malwr