Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @Ivanlef0u
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @Ivanlef0u
-
`Ivan proslijedio/la je Tweet
Retrospective on the Latest Zero-days Found in the Wild
#BlueHatIL [SLIDES]https://github.com/oct0xor/presentations/blob/master/2020-01-Retrospective%20on%20the%20latest%20zero-days%20found%20in%20the%20wild.pdf …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
`Ivan proslijedio/la je Tweet
just found that this writeup for CVE-2019-9793, a range analysis bug in Spidermonkey found by
@bkth_ and analyzed by me is now unrestricted: https://bug1528829.bmoattachments.org/attachment.cgi?id=9044718 … I thought it was a cool bug, although unfortunately Spectre mitigations prevented exploitation as far as I knowPrikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
`Ivan proslijedio/la je Tweet
Dejablue Vulnerabilities in Windows 7 to Windows 10 [CVE-2019-1181 and CVE-2019-1182] - Core Securityhttps://www.coresecurity.com/blog/dejablue-vulnerabilities-windows-7-windows-10-cve-2019-1181-and-cve-2019-1182 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
`Ivan proslijedio/la je Tweet
Here are the slides for my presentation today at
@BlueHatIL on variant analysis for 0-days used in the wild. I discuss 3 case studies, covering the approach, findings, and lessons learned.#BlueHatIL https://github.com/maddiestone/ConPresentations/raw/master/BluehatIL2020.VariantAnalysis.pdf …pic.twitter.com/pXKzOUxc27
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
`Ivan proslijedio/la je Tweet
Just posted my talk "Keeping Windows Secure" touching on security assurance process and vuln research in Windows from
@BlueHatIL 2019:https://github.com/dwizzzle/Presentations/blob/master/David%20Weston%20-%20Keeping%20Windows%20Secure%20-%20Bluehat%20IL%202019.pdf …Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
`Ivan proslijedio/la je Tweet
Read about our investigation of web shell attacks, which allow adversaries to run commands and steal data from vulnerable or misconfigured Internet-facing servers, or to use the compromised servers as launch pads for further attacks. https://www.microsoft.com/security/blog/2020/02/04/ghost-in-the-shell-investigating-web-shell-attacks/ …pic.twitter.com/VXD2aZpXHy
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
`Ivan proslijedio/la je Tweet
As promised, here is the follow up defensive blog to last weeks post on Attacking Azure.https://posts.specterops.io/detecting-attacks-within-azure-bdc40f8c0766 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
`Ivan proslijedio/la je Tweet
[CPR-Zero] CVE-2019-1234 (Azure Stack): Azure Stack Spoofing Vulnerabilityhttps://cpr-zero.checkpoint.com/vulns/cprid-2140/ …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
`Ivan proslijedio/la je Tweet
[CPR-Zero] CVE-2019-1372 (Azure App Service): Heap Based Buffer-Overflow in DWASInterop.dllhttps://cpr-zero.checkpoint.com/vulns/cprid-2139/ …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
`Ivan proslijedio/la je Tweet
TeamViewer stored user passwords encrypted, not hashed, and the key is now publichttps://whynotsecurity.com/blog/teamviewer/ …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
`Ivan proslijedio/la je Tweet
Can your EDR detect symbolic link callback rootkits? Because ours sure as heck can't.
@aionescu and I wrote about these! https://windows-internals.com/dkom-now-with-symbolic-links/ …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
`Ivan proslijedio/la je Tweet
#PingCastle 2.8.0.0 released !!! https://pingcastle.com/download/ 4 clicks and 2 <enter>, that what's between you and the hard truth of your AD security. Example of report: https://pingcastle.com/PingCastleFiles/ad_hc_test.mysmartlogon.com.html … github: https://github.com/vletoux/pingcastle … Changelog: https://raw.githubusercontent.com/vletoux/pingcastle/2.8.0.0/changelog.txt …pic.twitter.com/1oQXuIJcdiHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
`Ivan proslijedio/la je Tweet
KDU, Kernel Driver Utility - driver loader (and not only) bypassing Windows x64 Driver Signature Enforcement with support of various "functionality" providers - including Unwinder's RTCore, https://github.com/hfiref0x/KDU pic.twitter.com/s154qYlIKR
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
`Ivan proslijedio/la je Tweet
https://sandboxescaper.blogspot.com/2020/01/chasing-polar-bears-part-2.html … Fuck it, I can't focus at all today. It's a mess, sorry.. I've also uploaded the discussed bug to github. Maybe someone can make sense of it. It's a junction bug that's a little more complicated then a simple "bait and switch". Hope it's useful to someone.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
`Ivan proslijedio/la je Tweet
@irsdl’s first post is a writeup for an RCE in SharePoint https://www.mdsec.co.uk/2020/01/code-injection-in-workflows-leading-to-sharepoint-rce-cve-2020-0646/ …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
`Ivan proslijedio/la je Tweet
Reversing XignCode3 Anticheat – Registering Notify and Callback Routines Part 4.1 is out!
Anti-cheats use callbacks and notification routines to control what is happening on your system, let's dig into this
https://niemand.com.ar/2020/01/31/reversing-xigncode3-driver-part-4-1-registering-notify-and-callback-routines/ …
#reversing#hacking#infosec#securitypic.twitter.com/5tmM5JOyBe
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
`Ivan proslijedio/la je Tweet
Want to see how the
@Mandiant red team weaponizes@FireEye threat intel for R&D and TTP development? Check out some research I did with@evan_pena2003 and@FuzzySec. Also includes some new executables that can be used for DLL abuse.https://www.fireeye.com/blog/threat-research/2020/01/abusing-dll-misconfigurations.html …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
`Ivan proslijedio/la je Tweet
CVE-2019-1406 : Microsoft Jet Engine ColumnLvText Type Confusion https://starlabs.sg/advisories/19-1406/ … CVE-2019-1250 : Microsoft Jet database Record::IsNull Memory Corruption https://starlabs.sg/advisories/19-1250/ … Found by
@Puzzorsj &@R00tkitSMMHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
`Ivan proslijedio/la je Tweet
Security of Azure DevOps build agents demystified by
@Julien_Legras https://www.synacktiv.com/posts/pentest/azure-devops-build-agent-analysis.html …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
`Ivan proslijedio/la je Tweet
Trickbot trojan LEVERAGing A New Windows 10 UAC Bypass https://blog.morphisec.com/trickbot-uses-a-new-windows-10-uac-bypass … by
@osipov_arHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.