Check out the latest blog Beyviel David and I put together for SIXGEN covering all of the #cybersecurity and #pentesting news, techniques, write-ups, and tools released from 07/15-07/22.
Highlights:
- A bad CrowdStrike update caused a global meltdown
- Cisco had two vulnerabilities, an arbitrary file write vuln and a vuln where any user's password could be changed
- Andrew Lemon at Red Threat details his journey hacking traffic light controllers and dealing with a hostile manufacturer
- Paolo Arnolfo, Guillermo Gregorio, and one other researcher wrote a guest blog for Bugcrowd detailing a novel class of HTTP Request Smuggling that let them hack thousands of Google Cloud websites
- Sonar's Stefan Schiller wrote a post on how being able to change the encoding charset can lead to XSS
- The folks at Sprocket Security released a tool called Gigaproxy, a tool similar to fireprox except it allows you to target multiple hosts
- Daniel Cooper of Tanto Security released a tool called OneShell that runs an encrypted reverse shell using only the echo and chmod commands
- And many more tools, techniques, and write-ups!
Rusty Robison’s Post
More Relevant Posts
-
Check out the latest blog Beyviel David and I put together for SIXGEN covering all of the #cybersecurity and #pentesting news, techniques, write-ups, and tools released from 09/02-09/09.
Highlights:
- YubiKeys vulnerable to cloning attacks
- Fake GitHub stars are a growing threat
- Marco Ivaldi of HN Security wrote about learning Rust and using it to write a custom Meterpreter stager
- Wietze Beukema wrote about argv[0] and how you can use it to help bypass detections, deceive analysts, or corrupt EDR data
- GoSecure's Patricia Gagnon-Renaud, P.Eng. wrote about using a picture of a key to create your own copy
- Intigriti released a guide on hacking misconfigured AWS S3 buckets
- Zavier Lee wrote a primer on exploiting Active Directory from a Linux attack machine
- And many more tools, techniques, and write-ups!
https://lnkd.in/gySqkztd
Last Week in Security - 2024-09-09
sixgen.io
-
Check out the latest blog Beyviel David and I put together for SIXGEN covering all of the #cybersecurity, #threatintel, and #pentesting news, techniques, write-ups, and tools released from 09/09-09/16.
Highlights:
- Fake recruiters are targeting devs with malicious Python packages
- Cybersecurity and Infrastructure Security Agency released a Fiscal Year 2023 Risk and Vulnerability Assessments report
- Benjamin Harris and Aliz Hammond at watchTowr detail how they used $20 to achieve RCE and become the admins of the .mobi TLD.
- Pen Test Partners' Ceri Coburn wrote a blog and released a tool on editing Group Policy Objects (GPO) from a non domain-joined machine.
- James H. wrote about decrypting and replaying VPN cookies and released a tool that decrypts GlobalProtect configuration and cookie files.
- John Hammond released a PoC to recreate a recently seen reCAPTCHA phishing lure.
- And many more tools, techniques, and write-ups!
https://lnkd.in/gj2P4e86
Last Week in Security - 2024-09-16
sixgen.io
-
Check out the latest blog Beyviel David and I put together for SIXGEN covering all of the #cybersecurity news, techniques, write-ups, and tools released from 07/01-07/08.
Highlights:
- regreSSHion: A Remote Unauthenticated Code Execution Vulnerability in OpenSSH server
- Ticketmaster hacked and concert tickets released
- Secrets stolen from OpenAI
- Jiacheng (Gavin) Zhong and Shuyang Wang at Obsidian Security put out an article detailing a technique they call Shadow Linking in order to obtain persistence using SaaS services
- Ziyi Shen wrote an article for 3Nails Information Security about a technique called EDRPrison that is used to evade EDR products
- XINTRA's Lina L. wrote an article on detecting lateral movement in Entra ID
- And many more tools, techniques, and write-ups!
Last Week in Security - 2024-07-08
sixgen.io
-
Check out the latest blog I put together for SIXGEN covering all of the #cybersecurity, #threatintel, and #pentesting news, techniques, write-ups, and tools released from 09/16-09/23.
Highlights:
- Pagers, radios, and other devices were rigged to explode and there's been lots of discussion on how it was done
- The US government took control of a Chinese-run botnet
- Vincenzo Santucci wrote about improving the SLEAPING sleepmask using Timers and APCs in order to spoof Timer Callback addresses at sleep time.
- Compass Security's Sylvain Heiniger writes about a technique called Three-Headed Potato Dog that involves using DCOM to coerce Windows authentication for a potato attack
- Lina L. of XINTRA wrote a guide to understanding tokens in Entra ID.
- Eito Tamura at Tier Zero Security Ltd revisited the topic of abusing Windows MiniFilter Altitude to blind EDR
- Include Security's Laurence Tennant wrote about vulnerabilities in open source C2 frameworks, including Sliver, Havoc, Ninja, SHAD0W, Covenant, and Mythic
- And many more tools, techniques, and write-ups!
https://lnkd.in/gkiv7Q8v
Last Week in Security - 2024-09-23
sixgen.io
-
Check out the latest blog I put together for SIXGEN covering all of the #cybersecurity news, techniques, write-ups, and tools released from 09/23-09/30.
Highlights:
- Telegram will start providing user data to authorities
- More than you ever wanted to know about the CUPS vulnerability
- Sam Curry wrote about how he discovered a set of vulnerabilities in Kia vehicles that allowed remote control over key functions using only a license plate.
- Simone Margaritelli details how he found and exploited the new CUPS vulnerability
- Raúl_ Redondo continued his series on Kerberos by covering delegation attacks in depth
- And many more tools, techniques, and write-ups!
https://lnkd.in/grA7R_PG
Last Week in Security - 2024-10-01
sixgen.io
-
Check out the latest blog Beyviel David and I put together for SIXGEN covering all of the #cybersecurity news, techniques, write-ups, and tools released from 07/08-07/15.
Highlights:
- CISA performed an unannounced red team assessment against an FCEB member and released an article detailing the findings
- AT&T was breached exposing the data of nearly all of their customers
- Harry Withington of Aura Information Security released an article detailing some awesome MOTW and Smartscreen bypasses for phishing payloads
- In a similar vein Check Point Software's Haifei Li wrote a post on some zero-day tricks being used by threat actors in phishing that could be useful in your own phishing campaigns
- Adam Kues of Assetnote details how to chain three vulnerabilities in order to access all of an org's ServiceNow data
- A whole team of researchers detail a vulnerability they dub Blast-RADIUS, that affects the RADIUS protocol, allowing a man-in-the-middle attacker to forge a valid protocol accept message without brute-forcing passwords or shared secrets, potentially granting unauthorized access to network devices and services.
- And many more tools, techniques, and write-ups!
https://lnkd.in/g_WmwT4Y
Last Week in Security - 2024-07-15
sixgen.io
-
Check out the latest blog I put together for SIXGEN covering all of the #cybersecurity news, techniques, write-ups, and tools released from 10/07-10/14.
Highlights:
- Hacked chatbot exposes disturbing prompts
- European government air-gapped system breached
- Internet Archive hacked
- Andrew Lemon of Red Threat dropped the third part in his series on hacking a traffic controller
- David Buchanan wrote about using a cigarette lighter to gain root
- Daniel/Hackermondev wrote about discovering a Zendesk backdoor and being awarded $50,000+ in bounties
- And many more tools, techniques, and write-ups!
https://lnkd.in/gFdQY7HS
Last Week in Security - 2024-10-15
sixgen.io
-
Check out the latest blog I put together for SIXGEN covering all of the #cybersecurity news, techniques, write-ups, and tools released from 09/30-10/07.
Highlights:
- SIXGEN's own Nathan Wray and Sean Phipps performed a cyber assessment on Cobalt Strike and released a paper on their results
- Attackers are exploiting a critical Zimbra vulnerability using cc’d email addresses
- The Cybersecurity and Infrastructure Security Agency released a report detailing the results of their Vulnerability Disclosure Program (VDP) platform covering numerous government entities
- Ruben Santamarta released research on the practical analysis of cyber-physical attacks against nuclear reactors
- TrustedSec's Nyxgeek wrote an article and released a tool on performing time-based user enumeration on Azure
- And many more tools, techniques, and write-ups!
https://lnkd.in/gA4R-rWw
Last Week in Security - 2024-10-08
sixgen.io
-
🚨 New Threat SnapShot: GrimResource exploits MMC for arbitrary code execution! 🚨
Discover the latest threat technique: GrimResource
In our newest video, we dive deep into a recently disclosed attack that leverages Microsoft Management Console (MMC) for arbitrary code execution.
Key Highlights:
• Detailed explanation of the Grim Resource attack chain
• Practical detection rules using Sysmon and Windows logs
• Tips for threat hunting and detection engineering
• Attack script for testing in your lab environment
Whether you're a threat researcher, SOC analyst, or security engineer, this video provides valuable insights to enhance your detection capabilities. Don't miss out on this critical information. Watch now and stay ahead of emerging threats!
#threathunting #detectionengineering
GrimResource: Arbitrary Code Execution via Malicious MSC File | Threat Snapshot
-
𝗩𝗶𝘀𝘁𝗲𝗺 𝗦𝗼𝗹𝘂𝘁𝗶𝗼𝗻𝘀, 𝗜𝗻𝗰. - "Enhancing your business securely through innovation and technology." Vistem Solutions, Inc. is proud to be the exclusive IT Provider for Dispatch and DHA systems to the Ports of Long Beach and Los Angeles, other high-profile manufacturing and engineering networks, and healthcare companies demanding the highest level of service, security, and compliance. We'd like to help you enhance your business. 📈 Our cutting-edge solutions ensure that your operations run smoothly, efficiently, and securely. From robust threat detection systems to impeccable compliance protocols, we are your trusted partner in navigating the complexities of today’s digital landscape. 💡 Recently, our team uncovered a critical issue involving a Python downloader on PyPI. Initially appearing to be a malicious threat, it was later identified as a red-teaming exercise. This incident underscores the growing challenges in open-source threat detection and the importance of vigilant monitoring. 🔍 Our Managed Security Services (MSSP) are designed to stay ahead of such threats, offering proactive measures and real-time response to safeguard your assets. We believe in not just meeting, but exceeding your security expectations. 📬 Contact us today at sales@vistem.com to learn how we can tailor our services to meet your unique needs. #itprovider #security #compliance #vistemsolutions #MSSP #threatdetection #innovation #technology #redteam Stay secure, stay innovative! 🚀 Vistem Solutions, Inc. – Your partner in secure, innovative IT solutions.
Python downloader highlights noise problem in open source threat detection
reversinglabs.com