CVE-2023-29357: Microsoft SharePoint Server Elevation of Privilege Vulnerability
digicat
@malwr
GitHub
GitHub - Chocapikk/CVE-2023-29357: Microsoft SharePoint Server Elevation of Privilege Vulnerability
Microsoft SharePoint Server Elevation of Privilege Vulnerability - Chocapikk/CVE-2023-29357
Open-Source Remote Access Trojan Targets Armenian Airport and State Institutions - from Sept 22
digicat
@malwr
CyberHUB-AM
Open-Source Remote Access Trojan Targets Armenian Airport and State Institutions - CyberHUB-AM
Threat researchers at CyberHUB-AM, with support from Internews' Martijn Grooten, are tracking […]
Strengthening Your Defense Against IdP (Identity Provider) Attacks: Leveraging Google Workspace Admin Logs - pay to play in some cases
digicat
@malwr
Medium
Strengthening Your Defense Against IdP (Identity Provider) Attacks: Leveraging Google Workspace…
In recent times, identity service provider (IdP) attacks have surged, impacting even major providers like Okta, Cloudflare, and Microsoft…
Critical Vulnerabilities in Progress Software WS_FTP Server - exploitable with a single HTTPS POST request and a pre-existing ysoserial.net gadget - exploitation observed
digicat
https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023 vendor advisory
digicat
https://x.com/MCKSysAr/status/1707855204647899194?s=20 < claimed exploit PoC
digicat
https://censys.com/cve-2023-40044/
digicat
@malwr
Rapid7
Critical Vulnerabilities in WS_FTP Server | Rapid7 Blog
Sub7 source code released - an old code but it checks out
digicat
Fond memories 🥳
castleinthesky86
@malwr
GitLab
illwill / Sub7 · GitLab
Source code for SubSeven 2.1.3
Visual Studio Code: embedded reverse shell and how to block, create Sentinel Detection, and add Environment Prevention - well, more like ideas and concepts
Little summary I did when I worked on securing my lab/home network.
https://medium.com/@truvis.thornton/visual-studio-code-embedded-reverse-shell-and-how-to-block-create-sentinel-detection-and-add-e864ebafaf6d
thattechkitten
@malwr
Medium
Visual Studio Code: embedded reverse shell and how to block, create Sentinel Detection, and add Environment Prevention - well more…
UPDATE: Looks like MS released GPO controls finally: https://learn.microsoft.com/en-us/azure/developer/dev-tunnels/policies
Malware News pinned «Guys with premium telegram account, boost please: https://t.me/malwr?boost»
What is the term used to describe the process of reverse-engineering malware to understand its inner workings?
Final Results
Sandboxing: 27%
Decompilation: 59%
Obfuscation: 11%
Code Injection: 3%
NetworkMiner 2.8.1 Released
I am happy to announce the release of NetworkMiner 2.8.1 today! This new release brings a VNC parser to NetworkMiner, so that screenshots, keystrokes and clipboard data can be extracted from unencrypted VNC traffic. NetworkMiner 2.8.1 additionally includes parsers for command-and-control (C2) protoc...
https://www.netresec.com/?page=Blog&month=2023-10&post=NetworkMiner-2-8-1-Released
@malwr
Netresec
NetworkMiner 2.8.1 Released
hakuin: A blazing fast Blind SQL Injection optimization and automation framework.
digicat
@malwr
GitHub
GitHub - pruzko/hakuin: A blazing fast and fully configurable Blind SQL Injection optimization and automation framework.
A blazing fast and fully configurable Blind SQL Injection optimization and automation framework. - pruzko/hakuin
fit: FIT is a Python3 application for forensic acquisition of contents like web pages, emails, social media, etc. directly from the internet.
digicat
@malwr
GitHub
GitHub - fit-project/fit: FIT is a modular suite of Python applications for digital forensic acquisition of online contents such…
FIT is a modular suite of Python applications for digital forensic acquisition of online contents such as web pages, emails, social media, and more. Each module can run independently or as part of ...