Henrik Kentsson

have a great cyberweekend.

The $5 Membership sale is now live! The sale lasts until July 17 23:59 UTC: account.shodan.io/billing/member

The National Operations Department (NOA) of the Swedish police has visited Mullvad VPN with a search warrant, with the intention to seize computers with customer data. No customer data was compromised. mullvad.net/blog/2023/4/20…

Happy to share my first blog as part of @wiz_io 🪄🧙 Cloud is complex and so it's attack surface. If you are interested in learning about #cloudforensics I recommend reading this! wiz.io/blog/intro-to-…

More car hacking! Earlier this year, we were able to remotely unlock, start, locate, flash, and honk any remotely connected Honda, Nissan, Infiniti, and Acura vehicles, completely unauthorized, knowing only the VIN number of the car. Here's how we found it, and how it works:

GIVEAWAY: y’all are always asking for technical training to upscale your digital forensics skills - well now’s your chance! i’m giving away 5 FREE windows forensics courses. just follow @bluecapesec and retweet this to enter! winners announced the 28th! academy.tcm-sec.com/p/practical-wi…

Using the tool to its full potential here

@wimremes Sounds like Swedish government elections, 4 years for 10m people. It's not a good model...

6/ They’re making the chair an officer of the company. that gives them all rights to act individually in the name of the company. Imagine someone with a 4 year tenure allowed to make any and all decisions for almost 200.000 members. It’s redonkulous.

So here's a summary of what ISC2 is changing in its Bylaws and why you should vote NO in the upcoming Bylaws vote. Hold on to your wigs:

Here is our technical deep dive for the #Fortinet CVE-2022-40684 Auth Bypass. POC within. This year has been filled with interesting HTTP header abuse! horizon3.ai/fortios-fortip…

With reports of #Fortinet CVE-2022-40684 being exploited in the wild, we have detailed some early Indicators of Compromise in the following blog to help organizations assess their environments. horizon3.ai/fortinet-iocs-…

Insert commas into your password so when your credentials are dumped into a CSV it breaks it

We just released a new version of DeTT&CT including ATT&CK Mobile support! Thanks to the Dutch National Police who sponsored this! Checkout this new version! github.com/rabobank-cdc/D…

Fox-IT just open sourced their enterprise forensics tooling dissect. This is a big project that some of the smartest people I know have worked on. It supports many filesystems and file formats, all as Python libraries. Docs: docs.dissect.tools / code: github.com/fox-it/dissect

Attacker recently gained access to a victim's external DNS provider, changed passwords and deleted all records. Account recovery failed because....there were no MX records anymore to be able to receive the recovery emails...

The LAPSUS$ ransomware group has claimed to breach Okta sharing the following images from internal systems.

15 members of REvil has been arrested by the Russian authorities. REvil, once dubbed the "Crown prince of Ransomware", was responsible for the Kaseya supply chain attack, and many other high-profile breaches. Footage courtesy of the FSB.

If you rename procdump.exe to dump64.exe and place it in the "C:\Program Files (x86)\Microsoft Visual Studio\*" folder, you can bypass Defender and dump LSASS.

3 hours of debugging can save you 5 mins of reading the docs.