Preparing for a Russian cyber offensive against Ukraine this winter
π£digicat
There is no such thing as a cyber offensive or cyber weapons.
π€jdmark
Why would it now - almost a year after the start of the war?
I think the Russians just can't do it. Sure, little pinpricks here and there...
π€RedWineAndWomen
π@malwr
π£digicat
There is no such thing as a cyber offensive or cyber weapons.
π€jdmark
Why would it now - almost a year after the start of the war?
I think the Russians just can't do it. Sure, little pinpricks here and there...
π€RedWineAndWomen
π@malwr
Microsoft On the Issues
Preparing for a Russian cyber offensive against Ukraine this winter
As we report more fully below, in the wake of Russian battlefield losses to Ukraine this fall, Moscow has intensified its multi-pronged hybrid technology approach to pressure the sources of Kyivβs military and political support, domestic and foreign. Thisβ¦
ida_gpt: This is a basic idapython script to get you started with analyzing disassembly with GPT. Load it as a script file or just copy/paste the whole thing into your REPL.
π£digicat
π@malwr
π£digicat
π@malwr
GitHub
GitHub - MayerDaniel/ida_gpt
Contribute to MayerDaniel/ida_gpt development by creating an account on GitHub.
ine-labs/GCPGoat. GCPGoat is a vulnerable by design infrastructure on GCP featuring the latest released OWASP Top 10 web application security risks (2021)
π£munrobotic
π@malwr
π£munrobotic
π@malwr
GitHub
GitHub - ine-labs/GCPGoat: GCPGoat : A Damn Vulnerable GCP Infrastructure
GCPGoat : A Damn Vulnerable GCP Infrastructure. Contribute to ine-labs/GCPGoat development by creating an account on GitHub.
Novel Pipeline Vulnerability Discovered; Rust Found Vulnerable - In this fourth blog covering vulnerable GitHub Actions, we will explore this new technique of artifact poisoning and describe who could be vulnerable, including how we found this vulnerability in the Rust programming language
π£digicat
π@malwr
π£digicat
π@malwr
Legitsecurity
Novel Pipeline Vulnerability Discovered; Rust Found Vulnerable
New software supply chain vulnerabilities use artifact poisoning and attack the software development pipelines on projects using GitHub Actions.
AzureGraph: Azure AD enumeration over MS Graph
π£digicat
Hey can't click on link yet but can I use this officially instead of powershell for azure administration?
π€TwixPoe
Nice tool, seems well built and nice that it uses MS Graph rather than PowerShell, but not sure what the use case for something like this would be rather than something like AzureHound that can map out paths of attack, or just interacting with Microsoft's Graph Explorer or PowerShell commands.
Nonetheless a nice little tool.
π€carrots32
π@malwr
π£digicat
Hey can't click on link yet but can I use this officially instead of powershell for azure administration?
π€TwixPoe
Nice tool, seems well built and nice that it uses MS Graph rather than PowerShell, but not sure what the use case for something like this would be rather than something like AzureHound that can map out paths of attack, or just interacting with Microsoft's Graph Explorer or PowerShell commands.
Nonetheless a nice little tool.
π€carrots32
π@malwr
GitHub
GitHub - JoelGMSec/AzureGraph: Azure AD enumeration over MS Graph
Azure AD enumeration over MS Graph. Contribute to JoelGMSec/AzureGraph development by creating an account on GitHub.
A Detailed Analysis of The Last Version of REvil Ransomware [PDF](https://securityscorecard.pathfactory.com/research/detailed-analysis-revil)
π£CyberMasterV
π@malwr
π£CyberMasterV
π@malwr
Security Scorecard
A Detailed Analysis Of The Last Version Of R Evil Ransomware
Reko decompiler 0.11.2 released
π£jkl_uxmal
NuGet will be available at https://www.nuget.org/packages/Reko.Decompiler.Runtime. It's taking a while for the new package to get verified.
π€jkl_uxmal
π@malwr
π£jkl_uxmal
NuGet will be available at https://www.nuget.org/packages/Reko.Decompiler.Runtime. It's taking a while for the new package to get verified.
π€jkl_uxmal
π@malwr
GitHub
Release Version 0.11.2 Β· uxmal/reko
My, has it been that long already since last release? Here's an overview of what's happened since.
The Reko solution was moved to .NET 6. As expected, performance and memory footprint was i...
The Reko solution was moved to .NET 6. As expected, performance and memory footprint was i...
CVE / NVD doesnβt work for open source and supply chain security - part one, what's wrong
π£jnazario
π@malwr
π£jnazario
π@malwr
Linkedin
CVE / NVD doesnβt work for open source and supply chain security - part one, what's wrong
I had to split this article into two parts. Part one describes what I think is wrong and part two, which is coming next week, is a proposed architecture to improve it.