2023 Zero-day vulnerabilities Summary
R1 - 14 Jan 2024
H/T @uuallan@pancak3lullz for the original idea
(I was missing yours, so I made my own but included all zerodays, not just initial access for ransomware as the original was.)
⚠️ A new exploitation technique called '📩 SMTP Smuggling' could let attackers send malicious emails with fake sender addresses while bypassing security measures.
Read more 👉 https://t.co/Y5OWE5ZA1X
#infosec#cybersecurity#hacking
It took me almost 3 years, but I finally restructured the Practical Malware Analysis section of my site. This is now broken up into more digestible sections, and I've also revamped the MITRE ATT&CK tests to come with appropriate categories and tagging.
https://t.co/LDjOg5PObk
Cyber security people: Ever heard the term "VAD tree" and wondered what it meant?
Check this out for an easy-to-read explanation: https://t.co/IzIZkW0dFQ
U19s ⚽
MIFC vs. @CPDCaerwysFC
📅 Saturday 10th September 2023
⏰ 13:30 kick off
🏟️ Argoed Sports Club, CH7 6SZ
🏆 @FlintshireJnrFL Youth League
💵 Free entry
Match Sponsor: Margden Heating
Please show the lads your support as they begin their league campaign! #uptheisa 🟡⚫
🚨Sponsor Appreciation Post🚨
A big thankyou to our sponsors this season: @HalkynSecurity, OMS, LP Builders and @MaestrosMaking. It means a lot to have your support on the shirt and on the sideline.
On behalf of coaches and players, a huge thank you. We are incredibly grateful
1/ Windows Error Reporting (WER) can provide investigators with a wealth of data including:
• SHA1 hashes of crashed processes
• Snapshot of process trees at time of crash
• Loaded modules of crash
• Process minidumps
#DFIR#Threathunting
See 🧵 for new #Velociraptor artefact
Catch @Intel471Inc presenting at the @SANSInstitute#RansomwareSummit this week! Intelligence analysts Samantha Van de Ven & Beth Allen will be presenting research on Access Brokers and Threat Actor Partnerships on June 16th at 10:00 am ET. https://t.co/IpTAzuvW8M
There are lots of blue team guides for monitoring & detecting, but there's not much on what to actually DO when you catch an active adversary.
This article's small contribution is to help you evict the adversary in your environment 🧵
https://t.co/HQY0nFFqH5
1/ So you go shopping for a PIV card reader, because the US govt gave you one and you're curious to look at what's on it. You settle for this "DOD military USB common access smart card reader," because it's compatible with Mac OS. Cool! Only $15! What a bargain!