@lnd3v

Threat Intelligence, Pentester, SOC Analyst. Purple. Loves developing OSINT | Offensive tooling. Profile picture unrelated.

160 Followers | 794 Following | 9 Posts | Joined 15.11.2024

Latest posts by @lnd3v

CVE-2024-9138 and CVE-2024-9140 (CVSS 9.8): Moxa Calls for Immediate Security Action
Critical vulnerabilities identified in Moxa's routers and network security appliances. Find out how CVE-2024-9140 and CVE-2024-9138 pose a risk to your infrastructure and data security.

CVE-2024-9138 and CVE-2024-9140 (CVSS 9.8): Moxa Calls for Immediate Security Action securityonline.info/cve-2024-913...

06.01.2025 05:18 👍 0 🔁 1 💬 0 📌 0

Ever wanted to know what data #PowerShell or other programs send to AMSI? I wrote a C# COM server implementation that logs this data as a JSON string. Had some fun learning more about COM and .NET AOT with this little project github.com/jborean93/Am...

13.12.2024 06:45 👍 35 🔁 14 💬 1 📌 0

Sentinel-1C captures first radar images
Less than a week after its launch, the Copernicus Sentinel-1C satellite has delivered its first radar images of Earth – offering a glimpse into its capabilities for environmental monitoring. These ini...

www.esa.int/Applications...

11.12.2024 07:28 👍 1 🔁 0 💬 0 📌 0

How Chinese insiders exploit its surveillance state
'It's a double-edged sword,' security researchers tell The Reg

How Chinese insiders are stealing data scooped up by President Xi's national surveillance system

08.12.2024 17:17 👍 5 🔁 3 💬 0 📌 0

GitHub - bunkerity/bunkerweb: 🛡️ Open-source and next-generation Web Application Firewall (WAF)

Open-source and next-generation Web Application Firewall (WAF)

github.com/bunkerity/bu...

06.12.2024 16:16 👍 1 🔁 0 💬 0 📌 0

Russia's 'BlueAlpha' APT Hides in Cloudflare Tunnels
Cloudflare Tunnels is just the latest legitimate cloud service that cybercriminals and state-sponsored threat actors are abusing to hide their tracks.

Russia's 'BlueAlpha' APT Hides in Cloudflare Tunnels www.darkreading.com/cloud-securi... #infosec

06.12.2024 10:53 👍 0 🔁 1 💬 0 📌 0

GitHub - lkarlslund/nifo: Nuke It From Orbit - remove AV/EDR with physical access

Nuke It From Orbit. It's the only way to be sure.

tl;dr: unprivileged user -> Defender removal on physical machine

github.com/lkarlslund/n...

04.12.2024 10:12 👍 1 🔁 0 💬 0 📌 0

Wazuh - Open Source XDR. Open Source SIEM.
Wazuh is a free and open source security platform that unifies XDR and SIEM protection for endpoints and cloud workloads.

Open Source
Unified XDR and SIEM protection for endpoints and cloud workloads!
#siem #soc #monitoring #xdr #windowsagent

wazuh.com

28.11.2024 21:26 👍 0 🔁 0 💬 0 📌 0

Awseye - See Inside AWS Accounts
Awseye tracks publicly accessible AWS data to help identify and secure known and exposed AWS resources. Empowering defenders with open-source intelligence.

“Awseye is an open-source intelligence (OSINT) and reconnaissance service that tracks and analyzes publicly accessible AWS data”
awseye.com

28.11.2024 21:22 👍 0 🔁 0 💬 0 📌 0

New AMSI Bypss Technique Modifying CLR.DLL in Memory
Introduction: Recently, Microsoft has rolled out memory scanning signatures to detect manipulation of security critical userland APIs such as AMSI.dll::AmsiScanBuffer. You can read about the details…

New AMSI Bypss Technique Modifying CLR.DLL in Memory – Practical Security Analytics LLC
practicalsecurityanalytics.com/new-amsi-byp...

28.11.2024 08:26 👍 0 🔁 0 💬 0 📌 0

Finished! It wasn’t hard to do, just hard to find time. Close up of the fine details. (Hehe) #embroidery #ThisIsFine

23.11.2024 05:45 👍 5011 🔁 1404 💬 160 📌 96

Today at @CYBERWARCON we watched arguably one of the most interesting talks we've seen in a while. 🧵

22.11.2024 19:09 👍 63 🔁 14 💬 1 📌 6

Sitting Ducks DNS Attacks Put Global Domains at Risk
Over 1 million domains are vulnerable to “Sitting Ducks” attack, which exploits DNS misconfigurations

Sitting Ducks DNS Attacks Put Global Domains at Risk https://buff.ly/4fvqLGZ

22.11.2024 08:12 👍 1 🔁 1 💬 0 📌 0

*facepalm*

18.11.2024 22:16 👍 362 🔁 65 💬 17 📌 12

Major hole discovered in digital security of license plate scanners
A major hole has been discovered in the digital security of devices used to scan license plates. It concerns license plate scanners from the Taiwanese company Geovision, of which presumably ...

License plate scanners recruited for botnet. Via a vulnerability in devices that are end-of-life, so patching is not an option?!
www.agconnect.nl/tech-en-toek...
#cybersecurity #kwetsbaarheid #botnet #Mirai
#AGConnect #SijthoffMedia

18.11.2024 15:45 👍 2 🔁 2 💬 1 📌 0

Turla APT Group Abusing Satellite Internet Links
Researchers at Kaspersky Lab have revealed that the Turla APT gang is using satellite-based Internet links to hide command-and-control activities.

Hijacking satellite downstream-only links to obfuscate the physical location of C&C servers.

threatpost.com/turla-apt-gr...

www.blackhat.com/presentation...

18.11.2024 10:30 👍 0 🔁 0 💬 0 📌 0

From HTTP to RCE. How to leave backdoor in IIS
I will show the way of persistence on a target system using legitimate Microsoft product being Internet Information Services.

IIS Backdoor using IIS components. cicada-8.medium.com/from-http-to...

17.11.2024 10:55 👍 0 🔁 0 💬 0 📌 0

The Dangers of Building a Recursive Internet Scanner by Joel Moore | BSides CHS 2024 (YouTube video by BSidesCHS)

Recursive recon scanning for blue/red teams. Highly recommend to investigate digital attack surface. #bbot

m.youtube.com/watch?v=bCNn...

16.11.2024 17:42 👍 0 🔁 0 💬 0 📌 0