Dieselgate, but for trains - some heavyweight hardware hacking.
https://t.co/cUiuABYXks
Story about trains that broke down and analysis that discovered it was not a coincidence.
⚠️SANS released their new Memory Forensics class (FOR532).
As @SANSInstitute talk about #volatility 3 in this class and to comply with the vol3 license:
‼️SANS published all @volatility 3 related content for free!
Slides:https://t.co/0metSbLiaX
Labs:https://t.co/qebcp4m88Y
#DFIR
August 2023 (version 1.82) of Visual Studio Code now supports Port Forwarding to allow easier access from Threat Actors.
inb4 Visual Studio Code as a C2?
Very cool 👍
More information: https://t.co/zZuqHAZkdY
Google Dork - Sensitive Info
inurl:email= | inurl:phone= | inurl:password= | inurl:secret= inurl:& site:target[.]com
Emails/phone#s/tokens commonly cached directly in Google
No, it was not a joke. "Our paying customers need X, when will you fix it?" may not be the best way to introduce yourself to an open source project.
#TodayInOpenSource
* People ask LLMs to write code
* LLMs recommend imports that don't actually exist
* Attackers work out what these imports' names are, and create & upload them with malicious payloads
* People using LLM-written code then auto-add malware themselves
https://t.co/Va9w18RpWu
🚨 Woah. Crazy new research paper I just read.
Remotely and inaudibly issue commands to Alexa, Siri, Google Assistant, etc.
"allows attackers to deliver security-relevant commands via an audio signal between 16 and 22 kHz (often outside the range of human adult hearing)" 🔊
Did you know we can block gTLDs (and FQDNs) with Windows Firewall and Defender for Endpoint? 💡
This might be helpful if someone started selling TLD's you'll never do business with ;)
Go to https://t.co/O1Etd1rhxw under Endpoint security - Firewall, Reusable settings, click Add
It's official! Mythic 3.0 is LIVE! Check out the blog post about it here: https://t.co/LJb77jLqQZ. Highlights include: rpfwds, graph groupings, jupyter notebook, custom webhooks, tags, docker updates, and an entirely new back end!
I am proud to announce the release of #BloodHound 4.3!
Release blog post: https://t.co/9LESMBrimP
Limited edition T-shirt: https://t.co/V4PvatsuuQ
Get BloodHound 4.3 NOW at https://t.co/LOlhrNILYB
🧵Some of my favorite LDAP queries. I let you all infer which tools to use them with. Most of these are from places around the web, nothing new. Just a list.
1. Find all DCs:
(&(objectCategory=Computer)(userAccountControl:1.2.840.113556.1.4.803:=8192))
#PingCastle 3.0 released !!!
https://t.co/wAQMeSPOvz
Active Directory & AzureAD security health check in seconds
>200k AD audited, management readable, no install, no admin, no data sent "to a cloud"
Example of report: https://t.co/jfXlLLS7Ln
github: https://t.co/PEB73KZtoq