David Germain

@skydge

Security addict

Toulouse, France
Joined January 2011

Tweets


  1. Retweeted

    Pretty incredible statement from Gedia, since deleted, saying it will take them "weeks to months" to restore. SC Magazine reports operations also shut down in Poland, Hungary, Spain, China, India, USA and Mexico.

  2. Retweeted
    Jan 29

    Commands to image Netscaler device:
    dd if=/dev/md0 | gzip -1 - | ssh user@[IP address] dd of=/[fullpath]/md0.gz
    dd if=/dev/ad0s1a | gzip -1 - | ssh user@[IP address] dd of=/[fullpath]/ad0s1a.gz
    dd if=/dev/ad0s1b | gzip -1 - | ssh user@[IP address] dd of=/[fullpath]/ad0s1b.gz

  3. Jan 30

    I've been looking for this kind of statistics for years. I do not think TLS is an issue for defenders, you've got more metadata to look at and doing TLS right is hard enough that it is truly cost increasing for attackers (where they don't need it to be fair).

  4. Retweeted

    Want to know a fun thing about CVE-2019-0604? Thousands of publicly exposed systems still run SharePoint 2007. Doesn’t matter as the advisory says it doesn’t apply to SP 2007, right? Wrong. Exploit absolutely works, product is out of support. Vuln scanners don’t detect.

  5. Retweeted

    Two things on this. Click final "Read more" at the bottom of the article to see how owned they got. Spoiler: a lot. Also: "Under diplomatic immunity, the UN is not obliged to divulge what was obtained by the hackers or notify those affected." A source at UN says 400gb taken.

  6. Jan 29

    ANSSI is going to share IOC on website. Looking forward to this.

  7. Retweeted
    Jan 28

    From the folks that brought you Atomic Red Team, Chain Reactor is a new open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.

  8. Retweeted
    Jan 27

    New cache attack against Intel CPUs:

  9. Retweeted
    Jan 27

    In short, Avast collects the data by its antivirus product being installed on peoples' computers. It then provides that data to its subsidiary Jumpshot, which then sells products based on the data to clients

  10. Retweeted
    Jan 27

    New: leaked documents, data, contracts show how hugely popular antivirus Avast now harvests internet browsing data and sells it for millions of dollars. Clients included Home Depot, Google, Microsoft. Documents show a product called "All Clicks Feed"

  11. Jan 27

    I believe euphoria-global[.]com as C2 is straight on point 😅🤔

  12. Retweeted
    Jan 24

    Zero-day is CVE-2019-18187. When Trend Micro patched the bug last year, the company warned that it was being abused in the wild.

  13. Retweeted
    Jan 24

    Mini-scoop: Hackers exploited a zero-day in the Trend Micro OfficeScan antivirus to plant malicious files on Mitsubishi Electric servers

  14. Retweeted
    Jan 24

    In our latest blog on threat actors exploiting CVE-2019-19781, , , & I delve into financially motivated threat actor who exploited CVE-2019-19781, scanned internally for EternalBlue & deploy ransomware (code family still under analysis)

  15. Retweeted
    Jan 22

    BREAKING - To help organizations identify compromised systems with CVE-2019-19781, & have released a tool that searches for indicators of compromise associated with attacker activity observed by

  16. Jan 22

    Daily malware file extension trying to bypass filters: ".xlam" for Microsoft Excel. C2: gg[.]gg (URL shortener)

  17. Jan 22

    Daily Emotet using as C2: maruka-dev[.]herokuapp[.]com 🙃

  18. Jan 21

    Well, 😂 That's one way to search for a job.. 🙃

  19. Jan 21

    Receiving malicious PPT document with ".pps" file extension. Some actors are really trying to evade email attachment file type blocking.

  20. Retweeted

    The top thirty most scanned URLs today are almost all Citrix Gateway related. If you haven't patched or mitigated your devices, you're likely in deep doo doo.
