"You can't connect the dots looking forward; you can only connect them looking backwards. So you have to trust that the dots will somehow connect in the future." - Steve Jobs
I found some design and implementation flaws in Wi-Fi again. All Wi-Fi devices are affected. It was a long ~9 months embargo, over this time a lot of info has been collected and that info now available at https://t.co/nAQtK9XY0R
Folks, I'm so sorry - I can confirm through a first-hand source (not me) @dakami has passed away. No, this news should not have been out on twitter yet, and yes, I am unfortunately certain. I am devastated and will go offline now.
Just push a new post and some fresh tooling to the @MDSecLabs github, demonstrating tricks for harvesting hashes over a c2. Weaponising these tricks has been a game changer for me during red teams.... https://t.co/5ZTGROMK7f
This may turn out to be an unpopular opinion, but having red teamed quite a few pure "zero trust", no perimeter, cloud first environments now, this model really needs to be rethought. I can safely say it scares the shit out of me that ppl are deploying this....
We detected a recent spike in busines email compromise (BEC) attacks soliciting gift cards primarily targeting K-12 schoolteachers. Attackers impersonate colleagues or school officials to ask recipients to purchase various gift cards.
I'm listening to @_johnhammond from @HuntressLabs discuss a timeline for Ryuk ransomware. Deployment took 3 1/2 hours. As a fan of #timecentricsecurity metrics I cropped a few slides and shared them. Note #PESTs. Full sides: https://t.co/pooqC5UhqS
In case you missed the key takeaways in the thread:
The real compromise was the chrome 0day on the blog - the lure was the pgp key, which was needed for target to decrypt one of a few offered low value browser or kernel PoC for collab. Shared project was trojaned as backup plan
WARNING! I can confirm this is true and I got hit by @z0x55g who sent me a Windows kernel PoC trigger. The vulnerability was real and complex to trigger. Fortunately I only ran it in VM.. in the end the VMDK I was using was actually corrupted and non-bootable, so it self-imploded
If you want to make an income teaching CyberSecurity classes yourself: 1/ do your research 2/ build a class 3/ find students (charge them as much as you like) 4/ teach. Don't blame or be jealous of others for taking the risk, doing the investment, and making some money of it.