Biden-โ Harris Administration Announces Cybersecurity Labeling Program for Smart Devices to Protect American Consumers
๐ฃdigicat
A) this will result in another new unnecessary government agency
B) the list of companies voluntarily committing to the program are all massive orgs, smaller agile and innovative orgs won't be able to compete
C) do the basics better, there's no need for this
๐คcrawdad101
I think this is a great idea but who's going to be in charge of this?
The Gov doesn't have enough people to independently review every single smart device that comes to market. So is it left on companies to self certify that they meet the requirements?
If it's self certification then what happens if a company fraudulently claims they meet the requirements when they don't? Are there penalties?
๐คAnApexBread
๐@malwr
๐ฃdigicat
A) this will result in another new unnecessary government agency
B) the list of companies voluntarily committing to the program are all massive orgs, smaller agile and innovative orgs won't be able to compete
C) do the basics better, there's no need for this
๐คcrawdad101
I think this is a great idea but who's going to be in charge of this?
The Gov doesn't have enough people to independently review every single smart device that comes to market. So is it left on companies to self certify that they meet the requirements?
If it's self certification then what happens if a company fraudulently claims they meet the requirements when they don't? Are there penalties?
๐คAnApexBread
๐@malwr
The White House
Biden-โ Harris Administration Announces Cybersecurity Labeling Program for Smart Devices to Protect American Consumers
Leading electronics and appliance manufacturers and retailers make voluntary commitments to increase cybersecurity on smart devices, help consumers choose
Streamlining Websocket Pentesting with wsrepl
๐ฃnibblesec
Nice work!
๐คilimanjf
I'm the author of this tool. As the blog post describes, I created it to address my own frustrations during engagements. If you've ever encountered challenges while testing websockets, I'd love to hear your thoughts.
๐คexecveat
๐@malwr
๐ฃnibblesec
Nice work!
๐คilimanjf
I'm the author of this tool. As the blog post describes, I created it to address my own frustrations during engagements. If you've ever encountered challenges while testing websockets, I'd love to hear your thoughts.
๐คexecveat
๐@malwr
Doyensec
Streamlining Websocket Pentesting with wsrepl
In an era defined by instant gratification, where life zips by quicker than a teenagerโs TikTok scroll, WebSockets have evolved into the heartbeat of web applications. Theyโre the unsung heroes in data streaming and bilateral communication, serving up everythingโฆ
VirusTotal Leak Data of 5,600 registered users
Better change those passwords.
Link here)
๐ฃhawaii_brian
I feel like I see data leaks of passwords all the time. What makes it so common?
How are they supposed to be stored? Hashed and salted?
๐คTheAnxiousPianist
"Usersโ names and e-mail addresses have been leaked, but passwords havenโt."
I have 2FA enabled but updated my password anyhow, making it longer and more complex.
๐คfmtheilig
Community notes about to get real interesting
๐คGoodEbening
๐@malwr
Better change those passwords.
Link here)
๐ฃhawaii_brian
I feel like I see data leaks of passwords all the time. What makes it so common?
How are they supposed to be stored? Hashed and salted?
๐คTheAnxiousPianist
"Usersโ names and e-mail addresses have been leaked, but passwords havenโt."
I have 2FA enabled but updated my password anyhow, making it longer and more complex.
๐คfmtheilig
Community notes about to get real interesting
๐คGoodEbening
๐@malwr
Help Net Security
VirusTotal leaked data of 5,600 registered users
VirusTotal has suffered a data leak, which exposed the names and email addresses of 5600 of its registered users.
๐1๐ฑ1
Detecting Fileless PowerShell operations
I am currently doing an internship where I am pen testing a proprietary incident response/memory forensics tool. I am new to pentesting/forensics in general. One of the things I am thinking about trying is using IEX in PowerShell to download/run things. Does this leave any kind of artifacts?
What would you be checking for in something like this?
I am planning on using atomic red team or caldera. I have noticed that with ART that the PowerShell commands you run are unique to that program and probably would not be a typical PowerShell command so perhaps not the best way to find out what PowerShell is actually doing but it seemed the easiest way to start testing quickly.
๐ฃGhostnineone
Depending on the setup of the target organisation, using powershell on the target will leave logs in the "Windows PowerShell.evtx" logs in decoded form, and if more logging are in place, "powershell transcripts" or "sysmon" logs may exist, other than logs, artifacts like Prefetch, ShimCache or AmCache can provide more evidence of powershell execution.
๐คOverZeeR
You can usually find PowerShell in the event logs.
๐คsmc0881
๐@malwr
I am currently doing an internship where I am pen testing a proprietary incident response/memory forensics tool. I am new to pentesting/forensics in general. One of the things I am thinking about trying is using IEX in PowerShell to download/run things. Does this leave any kind of artifacts?
What would you be checking for in something like this?
I am planning on using atomic red team or caldera. I have noticed that with ART that the PowerShell commands you run are unique to that program and probably would not be a typical PowerShell command so perhaps not the best way to find out what PowerShell is actually doing but it seemed the easiest way to start testing quickly.
๐ฃGhostnineone
Depending on the setup of the target organisation, using powershell on the target will leave logs in the "Windows PowerShell.evtx" logs in decoded form, and if more logging are in place, "powershell transcripts" or "sysmon" logs may exist, other than logs, artifacts like Prefetch, ShimCache or AmCache can provide more evidence of powershell execution.
๐คOverZeeR
You can usually find PowerShell in the event logs.
๐คsmc0881
๐@malwr
Reddit
From the computerforensics community on Reddit
Explore this post and more from the computerforensics community
โค1
The Tool List of IoT(Internet of Things) Device Search Engines
Internet Of Things (IoT) devices search engines
[Shodan](https://www.shodan.io/)
Criminal IP
[Airport webcams](http://airportwebcams.net/)
Insecam
[Lookr](https://www.lookr.com/)
Earthcam
[Openstreetcam](https://www.openstreetcam.org/map/)
Opentopia
[Pictimo](https://www.pictimo.com/)
Thingful
[Webcam.nl (NL)](https://webcam.nl/live_streaming/)
Webcams.travel
[Worldcam](https://worldcam.eu/)
censys
These tools can be utilized for discovering exposed IoT devices and detecting their vulnerabilities, open ports, etc.
Source: https://osint.link/
๐ฃtalentSA112200
๐@malwr
Internet Of Things (IoT) devices search engines
[Shodan](https://www.shodan.io/)
Criminal IP
[Airport webcams](http://airportwebcams.net/)
Insecam
[Lookr](https://www.lookr.com/)
Earthcam
[Openstreetcam](https://www.openstreetcam.org/map/)
Opentopia
[Pictimo](https://www.pictimo.com/)
Thingful
[Webcam.nl (NL)](https://webcam.nl/live_streaming/)
Webcams.travel
[Worldcam](https://worldcam.eu/)
censys
These tools can be utilized for discovering exposed IoT devices and detecting their vulnerabilities, open ports, etc.
Source: https://osint.link/
๐ฃtalentSA112200
๐@malwr
Shodan
Search engine of Internet-connected devices. Create a free account to get started.
citrixInspector: Accurately fingerprint and detect vulnerable (and patched!) versions of Netscaler / Citrix ADC to CVE-2023-3519
๐ฃdigicat
What are the experiences with the IoC checks so far?
๐คAlert-Sale2153
๐@malwr
๐ฃdigicat
What are the experiences with the IoC checks so far?
๐คAlert-Sale2153
๐@malwr
GitHub
GitHub - securekomodo/citrixInspector: Accurately fingerprint and detect vulnerable (and patched!) versions of Netscaler / Citrixโฆ
Accurately fingerprint and detect vulnerable (and patched!) versions of Netscaler / Citrix ADC to CVE-2023-3519 - securekomodo/citrixInspector
PurpleKeep: Providing Azure pipelines to create an infrastructure and run Atomic tests.
๐ฃdigicat
๐@malwr
๐ฃdigicat
๐@malwr
GitHub
GitHub - Retrospected/PurpleKeep: Providing Azure pipelines to create an infrastructure and run Atomic tests.
Providing Azure pipelines to create an infrastructure and run Atomic tests. - GitHub - Retrospected/PurpleKeep: Providing Azure pipelines to create an infrastructure and run Atomic tests.
๐1