Public Preview: Strictly Enforce Location Policies with Continuous Access Evaluation
digicat
@malwr
TECHCOMMUNITY.MICROSOFT.COM
Strictly enforce location policies using continuous access evaluation is now in public preview!
CVE-2023-29357: Microsoft SharePoint Server Elevation of Privilege Vulnerability
digicat
@malwr
GitHub
GitHub - Chocapikk/CVE-2023-29357: Microsoft SharePoint Server Elevation of Privilege Vulnerability
Microsoft SharePoint Server Elevation of Privilege Vulnerability - Chocapikk/CVE-2023-29357
Open-Source Remote Access Trojan Targets Armenian Airport and State Institutions - from Sept 22
digicat
@malwr
CyberHUB-AM
Open-Source Remote Access Trojan Targets Armenian Airport and State Institutions - CyberHUB-AM
Threat-researchers at CyberHUB-AM, with the support from Internews’ Martijn Grooten, are tracking […]
Strengthening Your Defense Against IdP (Identity Provider) Attacks: Leveraging Google Workspace Admin Logs - pay to play in some cases
digicat
@malwr
Medium
Strengthening Your Defense Against IdP (Identity Provider) Attacks: Leveraging Google Workspace…
In recent times, identity service provider (IdP) attacks have surged, impacting even major providers like Okta, Cloudflare, and Microsoft…
Critical Vulnerabilities in Progress Software WS_FTP Server - exploitable with a single HTTPS POST request and a pre-existing ysoserial.net gadget - exploitation observed
digicat
https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023 vendor advisory
digicat
https://x.com/MCKSysAr/status/1707855204647899194?s=20 < claimed exploit PoC
digicat
https://censys.com/cve-2023-40044/
digicat
@malwr
Rapid7
Critical Vulnerabilities in WS_FTP Server | Rapid7 Blog
Sub7 source code released - an old code but it checks out
digicat
Fond memories 🥳
castleinthesky86
@malwr
GitLab
illwill / Sub7 · GitLab
Source code for SubSeven 2.1.3
Visual Studio Code: embedded reverse shell and how to block, create Sentinel Detection, and add Environment Prevention - well more like ideas and concepts
Little summary I did when I worked on securing my lab/home network.
https://medium.com/@truvis.thornton/visual-studio-code-embedded-reverse-shell-and-how-to-block-create-sentinel-detection-and-add-e864ebafaf6d
thattechkitten
@malwr
Medium
Visual Studio Code: embedded reverse shell and how to block, create Sentinel Detection, and add Environment Prevention - well more…
UPDATE: Looks like MS released GPO controls finally: https://learn.microsoft.com/en-us/azure/developer/dev-tunnels/policies
What is the term used to describe the process of reverse-engineering malware to understand its inner workings?
Final Results
27% Sandboxing
59% Decompilation
11% Obfuscation
3% Code Injection
NetworkMiner 2.8.1 Released
I am happy to announce the release of NetworkMiner 2.8.1 today! This new release brings a VNC parser to NetworkMiner, so that screenshots, keystrokes and clipboard data can be extracted from unencrypted VNC traffic. NetworkMiner 2.8.1 additionally includes parsers for command-and-control (C2) protoc...
https://www.netresec.com/?page=Blog&month=2023-10&post=NetworkMiner-2-8-1-Released
@malwr
Netresec