hacksys

1.7K posts

hacksys

@flopyash

At Blackhat & Defcon 25

England انضم Şubat 2018

1.7K يتبع823 المتابعون

تغريدة مثبتة

hacksys@flopyash·26 Kas

🚨𝐓𝐇𝐄 $𝟏 𝐁𝐋𝐀𝐂𝐊 𝐅𝐑𝐈𝐃𝐀𝐘 𝐒𝐓𝐄𝐀𝐋 𝐈𝐒 𝐇𝐄𝐑𝐄! Get the @cyberwarfarelab Infinity Subscription Plan for just $1/Year. 🔥130+ Labs (AI, Cloud, K8s, APT Labs) ⏳Ends Nov 30 - Go to infinity.cyberwarfare.live - Select "Pro Plan" - Code: BLACKFRIDAY25 #BlackFriday

English

124

hacksys أُعيد تغريده

Snyk@snyksec·1d

@karpathy The LiteLLM dependency incident didn't "just happen" though. This is part of a larger campaign LiteLLM already extends to supply chain security fallout for other projects: snyk.io/articles/poiso…

English

141

958

286.4K

hacksys أُعيد تغريده

Mandiant (part of Google Cloud)@Mandiant·4 Mar

Coruna exploit kit is targeting iOS. Coruna leverages 23 exploits against Apple devices running iOS 13-17.2.1. It is being used for espionage, and by financially motivated actors to steal crypto. Update your iOS devices, and learn more about this threat: bit.ly/4rbeltc

Mandiant (part of Google Cloud) tweet media

English

119

359

117.2K

hacksys أُعيد تغريده

Lukasz Olejnik@lukOlejnik·4 Mar

Google has identified an iOS exploit kit named Coruna. 5 full exploit chains, 23 vulnerabilities, documentation in native English, modular architecture. Full professionalism. It must have cost millions of dollars. Who built it? Google doesn’t say, but the evidence points to US government tools. The kit also contains components previously used in a cyber operation that Russia attributed to the NSA. Coruna traveled. First, an anonymous “company client”, then used by a Russian cyber espionage group, which hid the code on Ukrainian websites inside a visitor-counter script, delivering it only to selected users from a specific geolocation. Later a financially motivated actor “operating from China” deployed it (infecting over 42,000 devices). The malware added to the ready-made kit was lower quality than the original suggesting the tools were acquired and modified by someone else. One US government subcontractor, Peter Williams, just received a 7-year prison sentence for selling tools to Russian broker Operation Zero. The US government spent millions on a tool that now steals cryptocurrency. A good return on investment, just not for themselves. One more detail: Coruna did not attack devices with Lockdown Mode enabled. cloud.google.com/blog/topics/th…

English

219

812

82K

hacksys أُعيد تغريده

OtterHacker@OtterHacker·4 Mar

I published a Sharepoint and Outlook PowerShell GUI that can be used on RedTeam operation when you've found an Azure AppId with interesting privileges. You can now use these tools to browse the SharePoint or Mailboxes through a GUI instead the GraphAPI github.com/OtterHacker/M3…

English

319

15.6K

hacksys أُعيد تغريده

Panos Gkatziroulis 🦄@ipurple·2 Mar

🔐 Credential Guard protects the secrets that Windows uses to authenticate users and devices. 📢 A quick look at how Credential Guard bypass research has evolved. 🛡️ Credential Guard doesn’t eliminate all identity attacks, but it raises the bar. 💡 A reminder that controls and defensive assumptions must be revisited continuously. 𝓝𝓸𝓽𝓮: Techniques involving domains that Credential Guard does not protect are not included in this timeline.

English

2.8K

hacksys أُعيد تغريده

draw.io@drawio·23 Şub

New: draw.io skill for Claude Code — describe a diagram, get an editable PDF, PNG or SVG. Each file embeds the full draw.io XML so you can reopen and edit anytime. github.com/jgraph/drawio-…

English

159

1.6K

178.7K

hacksys@flopyash·28 Oca

@KrknSec @cyberwarfarelab Wow!

KrknSec@KrknSec·28 Oca

Just received my Certified Windows Internals - Red Team Operator (CWI-RTO) cert from @cyberwarfarelab! Great course that dives into Windows Kernel objects and how they can be used from an attacker's perspective. Next up is the Certified Exploit Development Professional (CEDP)!

English

223

hacksys أُعيد تغريده

Hunt.io@Huntio·14 Oca

🇨🇳🕵️‍♂️ We mapped more than 18,000 active C2 servers across Chinese ISPs and cloud providers. Instead of chasing individual IPs, domains, or malware samples, we looked at malicious infrastructure at country and ISP scale to understand where attacker operations actually persist. 👉 Full analysis here: hunt.io/blog/china-hos… What we saw was not random. Activity was concentrated, repeatable, and driven by shared infrastructure. Key takeaways: - More than 18,000 active C2 servers observed across Chinese hosting environments - C2 infrastructure accounted for roughly 84% of all malicious artifacts in the dataset - A small number of telecom and cloud providers hosted most of the C2 activity - Commodity malware, phishing operations, and state-linked campaigns operated inside the same networks - Infrastructure-first hunting remained effective even as IPs and domains rotated Hunting at country and ISP scale exposes infrastructure patterns that individual indicators will never reveal!

English

253

16.9K

hacksys أُعيد تغريده

vx-underground@vxunderground·30 Kas

Hello. I have partnered with @cyberwarfarelab to give away FOUR HUNDRED (400) vouchers to their Infinity Learning Pro Plan. This is worth $119,600. - 130+ hands-on labs, including advanced attack chains - Unlimited challenge time - Monthly new challenges & scenario updates - Leaderboards for nerds - ??? This is a massive giveaway. How to enter: 1. You NEED a Gmail account. IF YOU ARE SELECTED AS A WINNER authentication is performed via Gmail. It does NOT have to be your real Gmail. It can be a disposable email. However, if you DO NOT have a Gmail you WILL NOT be able to authenticate. 2. This is a pit of doom. You're all fighting. Leave a comment below with an IMAGE of your SILLIEST weapon of choice. 3. This giveaway will be active for the next 48 hours (unless I get bored). It is November 30th, 2025. If you comment AFTER December 2nd, 2025 then you're a big stinky nerd. You have missed the pit of doom. 4. Winners will notified by me commenting your comment. If you do not respond to the DM within 24 hours (if you're selected) you forfeit your win and someone else is chosen. PAY ATTENTION. Good luck in the pit of doom. Have fun. I expect lots of laughs from the silliness. Cheers,

English

1.2K

102

1.3K

119.5K

hacksys أُعيد تغريده

vx-underground@vxunderground·28 Kas

@cyberwarfarelab Additionally, @cyberwarfarelab is doing a Black Friday special. This is a massive discount starting TODAY and it ENDS NOVEMBER 30TH. You can get a bunch of stuff for literally $1. infinity.cyberwarfare.live

English

167

19.7K

hacksys@flopyash·29 Kas

Giveaway time with @vxunderground of @cyberwarfarelab

vx-underground@vxunderground

Giveaway time. Our friends at @cyberwarfarelab have gifted us AIO (All In One) Access to ALL of their courses for TWO PEOPLE You'll have access to the following courses (including labs). It is a lot. You're not expected to complete everything. This is valued at over $11,000. If you're gifted this you're expected to actually do something and not be a bum. This is a life changing giveaway. If you win this giveaway, bucked up, and lock in, you could be big brain real fast. Don't squander this. How to enter: - Leave a comment - ??? - I like cats Red Teaming: - Web Red Team Analyst [Web-RTA] - Active Directory Red Team Specialist [AD-RTS] - Enterprise Lateral Movement Specialist [CELMS] - Red Team Analyst [CRTA] - Red Team Specialist [CRTS V2] - Red Team Infra Dev [CRT-ID] - Stealth Cyber Operator [CSCO] Blue Teaming: - Blue Team Fundamentals [BTF] - Cyber Defence Analyst [CCDA] Purple Teaming: - Purple Teaming Fundamentals-C-Edition - Process Injection Analyst [CPIA] - Purple Team Analyst [CPTA V2] Cloud Security: - Multi-Cloud Red Team Analyst [MCRTA] - Hybrid Multi-Cloud Red Team Specialist [CHMRTS] - Google Cloud Red Team Specialist [CGRTS] - AWS Cloud Red Team Specialist [CARTS] - Multi-Cloud Blue Team Analyst [MCBTA] Ethical Hacking (Introduction courses): - Cyber Security Analyst [C3SA] - Certified Cyber Security Engineer [CCSE] Evasion & Exploitation: - Red Team – CredOps Infiltrator [CRT-COI] - Enterprise Sec. Controls Attack Specialist [CESC-AS] - Windows Internals Red Team Operator [CWI-RTO] - Certified Exploit Development Professional [CEDP] DevOps: - Certified DevOps Red Team Analyst (DO-RTA) Kubernetes Security: - K8s Red Team Analyst (K8s-RTA)

English

114

hacksys@flopyash·29 Kas

@RiderHomie @vxunderground @cyberwarfarelab Yes, you can checkout the All rounder bundle

English

Ryder Wilson@RiderHomie·29 Kas

@vxunderground @cyberwarfarelab Can someone tell me if I should buy the bundle for the 100$ price tag? Reviews seem mixed about the courses....

English

vx-underground@vxunderground·29 Kas

.@cyberwarfarelab is doing a Black Friday sale where they're selling courses, and labs, and stuff for $1. It's only valid for the next 48 hours. What if I bought 100 of them and gifted them to 100 people

English

437

19.6K

hacksys@flopyash·28 Kas

@TheSecOpsGroup @cyberwarfarelab Yes!!

150

hacksys أُعيد تغريده

The SecOps Group@TheSecOpsGroup·27 Kas

Hey! 👋 🎊 We’re collaborating with @cyberwarfarelab🤝 to bring something valuable to The SecOps Group & the entire security community. 🥷 This Black Friday, their 𝗜𝗻𝗳𝗶𝗻𝗶𝘁𝘆 𝗟𝗲𝗮𝗿𝗻𝗶𝗻𝗴 𝗣𝗿𝗲𝗺𝗶𝘂𝗺 𝗣𝗹𝗮𝘁𝗳𝗼𝗿𝗺 is available for just $𝟭 𝗳𝗼𝗿 𝗮 𝗳𝘂𝗹𝗹 𝘆𝗲𝗮𝗿 making continuous cybersecurity learning accessible to everyone. 📈 🥳 If you’ve been meaning to refresh core concepts, explore tools, or stay current with cybersecurity trends, this is a simple way to get started without overthinking the cost. 𝗛𝗼𝘄 𝘁𝗼 𝗰𝗹𝗮𝗶𝗺 𝘆𝗼𝘂𝗿 $𝟭 𝗮𝗰𝗰𝗲𝘀𝘀: ✅ Visit ✅ Open the Pricing page ✅ Select “Get Started Now” under the yearly Plan ✅ Apply code 𝗕𝗟𝗔𝗖𝗞𝗙𝗥𝗜𝗗𝗔𝗬𝟮𝟱 ✅ Subscribe and start learning 💯 Thanks to CWL for making learning easier for the community. Visit - cyberwarfare.live

English

6.2K

hacksys أُعيد تغريده

vx-underground@vxunderground·25 Kas

Hi, I will begin doing giveaways soon for the holiday season. This will be our third year doing giveaways. This year I'll be giving away significantly less stuff because I have a baby and he doesn't respect anything except milk, food, pooping, and sleep. Regardless, I still have lots of cool stuff to giveaway. I'll be doing giveaways from @cyberwarfarelab, @CCGCyberWorld, @HCAdamSec, @ddd1ms, and some stuff from myself personally out-of-pocket. I forgot to harass more people for free stuff. I'm sure someone will come around. For those new: each holiday season I giveaway a bunch of educational cybersecurity and/or information technology stuff. It's for anyone. tl;dr cats r cool

English

676

28.1K

hacksys@flopyash·25 Kas

@yanabantai @cyberwarfarelab offering great discounts in Black Friday 2025 cyberwarfare.live/black_friday/

English

189

John Bantai Naftali@yanabantai·24 Kas

Get Some Cybersecurity Hands-on Training with These Platforms for FREE TryHackMe - tryhackme.com Hands-On SOC Analyst Training - app.letsdefend.io Cybrary - cybrary.it Hack The Box Academy - academy.hackthebox.com OverTheWire - overthewire.org

English

264

13.8K

hacksys أُعيد تغريده

vx-underground@vxunderground·22 Kas

tl;dr to kill Copilot forever just block copilot[.]microsoft[.]com

English

169

1.8K

57.7K

hacksys أُعيد تغريده

hacksys@flopyash·24 Kas

[LIVE] Biggest Cyber Black Friday Sale 2025 by @cyberwarfarelab, practical cyber range labs. cyberwarfare.live/black_friday/ - Premium Access Materials (PDFs+Videos) - 30 Days Cloud based Practise Labs - Real World skills #redteam #cyberwarfarelabs #cybersecurity #blackfriday

English

160

hacksys@flopyash·24 Kas

@securitymeta_ @cyberwarfarelab best ever Cyber Black Friday Sale

English

166

Mike M@securitymeta_·23 Kas

It's InfoSec Black Friday & Cyber Monday time again... The InfoSec community never fails to impress me with their care! github.com/0x90n/InfoSec-… #infosec #blackfriday #cybermonday #deals

English

172

18.6K

اكتشف

@karpathy @KrknSec @cyberwarfarelab @vxunderground @RiderHomie @TheSecOpsGroup @CCGCyberWorld @HCAdamSec