P

Un véritable marronnier chez @SNCF #grevesncf

presse-citron.net/13-millions-de… on parle administrations, mais beaucoup de démarches vitales sont tout aussi compliquées: téléphone, électricité, eau, gaz ... L'ergonomie des services publics est un enjeux de citoyenneté.

👀 Apparently #AlibabaCloud has been hacked and their source code is now up for sale on #Raidforums. Mentions of targeting #Tencent next...

W0w! @virustotal has now available memdumps and EVTX to download for every malware detonation they do

Hahaha 😄 ... who made this?

Today we unveil the technical details of a long-running operation by IndigoZebra APT: * targeting high profile officials in Central Asia with spear-phishing emails * #xCaon backdoor - ITW since at least 2014 * new #BoxCaon variant uses Dropbox API as C&C

You cannot get educated by this self-propagating system in which people study to pass exams, and teach others to pass exams, but nobody knows anything. You learn something by doing it yourself, by asking questions, by thinking, and by experimenting. 🧠

#HappyXmas First at all, I would like to thank @faisalusuf for the contribution to the collaborative project to edit a list of aliases of different groups from different Threat Intelligence companies. github.com/StrangerealInt…

Journalistes, un rappel : on n'a pas de chiffres sérieux sur les attaques informatiques (et encore moins sur leur coût !), tous ceux qui sont publiés sont du doigt mouillé approximatif fait au pifomètre sans jamais de méthodologie. lemondeinformatique.fr/actualites/lir… #cybersécuritay

FBI and AFP ran a “secure messaging” app for 3 years. Now they’re rolling up hundreds criminals who talked about crimes on AN0M, aka FBI Messenger. couriermail.com.au/news/national/…

arstechnica.com/gadgets/2021/0… Once again: do not expose administration interfaces on open networks. Use VPN, host2host IPsec, segmentation, micro-segmentation, IP access control, filtered admin VLAN, whatever. But don't let anybody connnect to admin interfaces.

• Read everyday. • Spend time with nature. • Ask questions. • Never stop learning. • Don't pay attention to what others think of you. • Do what interests you the most. • Study hard. • Teach others what you know. • Make mistakes and learn. • It's Okay to not know things!

I wrote a 1day exploit for chrome CVE-2020-16040. It includes a typer hardening bypass. Works for chrome version <= 87.0.4280.88 github.com/r4j0x00/exploi…

Je l'ai citée verbalement 2 fois cette semaine, donc je re-twitte: La synthèse de @laubloch sur les enjeux stratégiques autour des semi-conducteurs est excellente et tenue à jour. Lecture recommandée. laurentbloch.net/MySpip3/Indust…

Publication de l'outil DFIR-O365RC : Un module PowerShell de collecte de journaux pour l'investigation numérique sur Office 365. github.com/anssi-fr/dfir-…

Tired of hunting for IOCs on social media and fighting with different logins across different platforms? I'm happy to announce the newest project of abuse.ch: ThreatFox! 🥳🎉 ThreatFox IOC sharing platform: threatfox.abuse.ch Blog: abuse.ch/blog/introduci…

Patches released by @MsftSecIntel for multiple Exchange #CVE. Immediate action is critical, as some are currently being exploited in the wild. Exploits enable unauthenticated RCE when chained. microsoft.com/security/blog/…