New Mimikatz
Researchers took an old version of Mimikatz and taught it how to dump credentials from the latest operating systems!
The research: https://t.co/JxZwg135Mr
The repo:
https://t.co/Lpsu09AMng
#redteam#pentesting
Actor exploiting CVE-2023-46747 (F5 BIG-IP Auth Bypass Vuln ) from 195.248.71.38 🇷🇺
( LLC Melt-internet )
VirusTotal Detections 0/95 🟢
Actor attempts to create a new admin user with full permissions
0-Click Microsoft 365 Copilot Vulnerability Lets Attackers Exfiltrate Sensitive Data Abusing Teams
By Guru Baran - June 12, 2025
https://t.co/dYKxuMMk3A
Hahahahhahahaha
Unironically a good idea. It's so unbelievably stupid and it works. Depending on explorer layout, the .exe might not be visible.
Filename.mp4 + ??? spaces + .exe
Hahahahahaha UNC6032 is wild as hell
just hunted down fresh undetected & low detected APT43 (kimsuky) infra by pivoting using HTTP header analysis and SSL JARM fingerprinting
162[.]220[.]11[.]84 --> 0/94
194[.]63[.]129[.]86 --> 0/94
3[.]89[.]115[.]251 --> 0/94
110[.]142[.]212[.]109 --> 1/94
More IOCs in replies
OneDrive - New Default Sync Feature: Automatic syncing bypasses established security protocols, as it lacks inherent controls, logging mechanisms, and corporate policies that typically govern the synchronization of personal accounts on business devices.
https://t.co/rohdaVkCuo
NEW: CrowdStrike announced that it will lay off around 500 workers as part of "a strategic plan" to "to evolve its operations to yield greater efficiencies."
The cuts represent 5% of its global workforce.
https://t.co/WtPWU0c3vx
We are now having full conversations with Figure 01, thanks to our partnership with OpenAI.
Our robot can:
- describe its visual experience
- plan future actions
- reflect on its memory
- explain its reasoning verbally
Technical deep-dive 🧵:
Check out my latest write-up summary on LinkedIn: RE#TURGENCE Campaign, Targeting MSSQL Servers for Ransom with MIMIC Payloads!
Big S/O to @Securonix Threat Research for the heavy-lift when it comes to threat research!
https://t.co/1TR342tlWx
Scene in MGM Grand according to a TikTok user who said slots machines down and casino floor empty after cyber attack. She also says staff had to make and distribute physical room keys and an admin error caused her to walk in on another guest. Source: https://t.co/etNWW0S49y