There's finally a model that actually understands security 🤯
VulnLLM-R-7B is a specialized AI that spots vulnerabilities by reasoning like a security expert. It's trained to spot vulnerabilities before they become breaches.
100% Open Source.
I found a new one click NTLM leakage vulnerability / technique from a browser.
A web server can redirect a client to a ms-photos URI handler followed by a fileName parameter. If the parameter value is a UNC path instead of a local path, photos.exe will leak the client’s NTLMv2-SSP hash, enabling relay attacks or offline cracking.
Leaking hashes from URI handlers is not new, but combined with a browser redirection, it allows moving from website infection to capturing NTLMv2-SSP hashes (supply chain attack).
No LLMNR is required, and except if the firewall blocks outbound SMB queries, the hash will leak to public facing SMB servers.
The vulnerability can be combined in a supply-chain attack, by infecting public facing applications.
MSRC will not release a patch for this issue.
Find more details with a POC here:
https://t.co/2gMKtGZfQt
This BBC reporter was offered 25% of a ransom payout if he gave hackers access to the corporate network.
He played along, so we got a look inside their tactics here:
Fresh release of my Chrome/Edge/Brave App-Bound Encryption decryptor is up. 🚀
Key architectural updates:
🧠 In-Memory Payload: The core DLL is embedded, encrypted with ChaCha20, and decrypted entirely in memory. No unencrypted file touches the disk.
⚙️ Direct Syscall RDI: Full Reflective DLL Injection is initiated with direct NT syscalls, aiming to bypass common user-land EDR hooks.
✅ Verified: Confirmed working against the latest browser versions on both x64 & ARM64.
🔗 Source & Details: https://t.co/cCNIBNek4R
Active Directory Hardening Series
Part 1 Disabling NTLMv1 https://t.co/9gla1vtQ18
Part 2 Removing SMBv1 https://t.co/KOqpamarcW
Part 3 Enforcing LDAP Signing https://t.co/oW2Ymvu1ZW
Part 4 Enforcing AES for Kerberos https://t.co/iENjEPBOFD
These guys on YouTube are trying to beat each other in how fast they can turn you into a hacker
Without watching the clips, what would you expect them to show to their viewers?
We are seeing threat actors leveraging SVG files with embedded JavaScript to fetch the next stage payload
Monitor for SVG files sent to your user inboxes from external domains.
If you need to reduce FPs look for the same attachments being subsequently opened a browser process