Last #TTPTuesday release for our theme on 's "2021 Top Malware Strains". This TTP replicates procedures found in #MOUSEISLAND #malware. Check it out on the Prelude Chains Website and see if your machine can detect these procedures.
Prelude
@preludeorg
Prelude is a technology company that hardens cybersecurity defenses.
Prelude’s Tweets
Introducing Vertebrae: A security-focused app framework for Python micro services buff.ly/3sSQCSw #cybersecurity
It's #TTPTuesday (somewhere😉) We have two Docker cgroup controller container escapes, as well as a privilege escalation via hostPID. Test your security posture autonomously by following the link: buff.ly/3Enkxcp #infosec #cybersecurity #containersecurity
Doing research & building #cybersecurity products that move the world forward isn't all fun & games. But sometimes, it's just that. Last month our adversary engineers spent a few days doing exploit dev on a neat target: a Flipper Zero.
Learn more here:
1
👇
Quote Tweet
Vertebrae 0.6.8 just released.
Using #python to work with #aws? This update adds async support to many cloud services, like S3.
Example: use Vertebrae to provision an EC2 vm on the fly. Thanks @khyberspache for the add.
#opensource
github.com/preludeorg/ver
We released a new Chain last week. With it came a new Docker container escape TTP in Operator: Is my Docker container vulnerable to host filesystem mounting?
Learn more here: buff.ly/3zU1nYJ #infosec #cybersecurity #mitreattack
Certain versions of GLPI include a vuln version of HTMLAWED. By submitting a carefully crafted HTTP request to a vuln GLPI server, unauthenticated remote code execution is achieved. This TTP attempts to run code on the GLPI server. buff.ly/3DMFD3w #infosec #cybersecurity
Build scalable, security-focused micro services (quickly) with Vertebrae buff.ly/3sSQCSw #redteam #infosec #opensource
#TTPTuesday is here! This week we're sharing a #Docker container escape that mounts the host filesystem to establish persistence. Check out the technique on the Prelude chains website.
CVE-2022-35914 : This TTP demonstrates how to run arbitrary code on a vulnerable GLPI server by sending a specially crafted HTTP packet to the GLPI htmlawed module. buff.ly/3DMFD3w #infosec #redteam #preludechains
Vertebrae is a security-focused, all purpose backbone for any Python API. It focuses on one core principle: reducing the lines of code in your application will enable you to write more consistent, more secure code. buff.ly/3sSQCSw #infosec #CloudNative #cybersecurity
At we've always been obsessive about clean, simple code. That's why a few months ago we sat down and wrote Vertebrae: a security-focused #microservices framework that encourages tiny code bases. Vertebrae itself is only 448 lines of code.
#TTPTuesday is here! This week we're sharing a #Docker container escape. Check out the technique on the Prelude chains website.
#TTPTuesday is here! This week we have a GLPI remote code execution TTP for CVE-2022-35914. Click below and see if your current protections can identify or block this technique. #RCE #CVE
#TTPTuesday is here! This week we have an Atlassian Bitbucket and Data Center code injection exploit for CVE-2022-36804. Click below and see if your current protections can identify or block this technique. #CVE
#TTPTuesday is here! This week we have an API unhooking technique via #PerunsFart and process injection via #ThreadHijacking. Click below and see if your current protections can identify or block these injection techniques.
#TTPTuesday is here! This week we have two process injection techniques via #CreateRemoteThread and #QueueUserAPC. Click below and see if your current protections can identify or block these injection techniques.
We are continuing our #CISA's "2021 Top Malware Strains" theme for #TTPTuesday. The TTP this week replicates #Agent #Tesla procedures; with a couple of clicks, you can see if your machine detects them. Check it out on the Prelude Chains Website!
For this week's #TTP Tuesday, we are releasing #GootLoader and #AZOrult as we continue our theme for #CISA's "2021 Top Malware Strains". Check it out on the Prelude Chains Website!
#TakeTheInitiative in our career workshop at 4pm today with a great panel on "The Hiring Side" of cyber careers with , Caitlin from & Caroline from ISE. Come check out this in person panel from these amazing women!
Quote Tweet
Good morning world!
@DianaInitiative #TDI2022 has begun!
#TakeTheInitiative and join us today and tomorrow both in person in Vegas and online
Info: dianainitiative.org
0verture: The Prelude Podcast CVE-EP16 on f33d by Prelude
Get two more TTPs with this week's #TTP Tuesday release. Check if your Spring Framework can be exploited via CVE-2022-22965 (#spring4shell) while also finding out if your system can detect Maui #ransomware.
0verture: The Prelude Podcast CVE-EP15 on f33d by Prelude
Two TTPs are being released for #TTP Tuesday. One that targets CVE-2022-26134 and another that executes a defanged version of Ryuk #ransomware. With a few clicks, check if your system is protected against these #threats.
Prelude is a proud sponsor of ! Come visit us at the virtual event this Saturday in the Career Village
Quote Tweet
@DianaInitiative's July 16 #TDI2022 Virtual Conference is in 4 Days!!!
#TakeTheInitiative join us & see our amazing speakers & be part of our wonderful villages!
Ticket, sponsor, volunteer & villages: dianainitiative.org
Schedule: dianainitiative.org/event/2022-sch
#infosec
Starting today, TTP Tuesday releases will include #CVE exploit tests. The first few will focus on Linux and include brand new, and old-but-still-relevant, vulnerabilities. Check out the first one, just dropped!
This week for #TTPTuesday we are releasing the latest installment of our multipart theme dedicated to #APT38. Check it out!
feed.prelude.org/p/apt38-pharma
#purpleteaming #cyberattacks #redteam
This week for #TTPTuesday we are releasing the next chain in our GTsST Theme called "IronViking" - Check it out!
feed.prelude.org/p/ttp-tuesday-
#cybersecurity #redteam #purpleteam #ironviking #cyberattack
We dropped a new episode of 0verture today! & @wasupwithuman have a roundtable discussion on the current economy and how that might affect the cyber security industry.