Mr B0b

⚠️ Use Microsoft Teams? Watch out for TeamsPhisher! While it is not usually possible to send files to MS Teams users outside your org, by security researchers found a bypass by manipulating Teams web requests 🔥 github.com/Octoberfest7/T… Examples of MS Teams phish lures ⬇️ 1/3

I'm happy to introduce AC&CD! You are detecting the wrong C2 beaconing traffic(and I was, too, long ago), so I've fixed it and put it in a Jupyter Notebook! Wanna detect Cobalt Strike, Sliver, Mythic, and all known C2 frameworks' beaconing? #ThreatHunting github.com/Cyb3r-Monk/ACCD

Microsoft has been published a #TokenTheft playbook which includes investigation checklist, hunting queries, response/recovery task list but also accompanying decision tree. A must read for every #AzureAD, #Entra, #SecOps admin and architect. learn.microsoft.com/en-us/security…

🚨 Over 250,000 Fortinet firewalls publicly accessible on the Internet. They just dropped a patch for a major Remote Code Execution vulnerability. ...and then announced the vuln may have been used in attacks already. Lets dive in 👇

At @falconforceteam we love automation. We apply this to a lot of our processes, including Detection Engineering. We will be sharing our internal tooling for validation, deployments etc as open source software. Enjoy our first blog, written by @gijs_h medium.com/falconforce/de…

Nice blog post from @g3rzi (@CyberArk) 👉Breaking Docker Named Pipes SYSTEMatically: Docker Desktop Privilege Escalation – Part 1 cyberark.com/resources/thre…

MIT Introduction to Deep Learning - 2023 Starting soon! MIT Intro to DL is one of the most concise AI courses on the web that cover basic deep learning techniques, architectures, and applications. 2023 lectures are starting in just one day, Jan 9th! introtodeeplearning.com

Free cloud training workshops 🚨 AWS CIRT announces the release of five publicly available workshops | AWS Security Blog aws.amazon.com/blogs/security…

I'm proud to announce that we've just open sourced a four day Rust course I've been working on! Read it here: google.github.io/comprehensive-… #rust #rustlang #android

Demonstrating CVE-2022-37958 RCE Vuln. Reachable via any Windows application protocol that authenticates. Yes, that means RDP, SMB and many more. Please patch this one, it's serious! securityintelligence.com/posts/critical…

THREAT HUNTING PLAYBOOK LEARN HOW TO EMBRACE A PROACTIVE SECURITY POSTURE github.com/blackorbird/AP…

9. Import the `mastodon_import_file.csv` file from your #Mastodon account 10. Enjoy ;) 6/6

7. Download the `twitter_to_mastodon.sh` gist.github.com/Mr-B0b/93faf34… bash script and replace `<curl_bash_command>` with the modified curl bash command line 8. Run the bash script (you'll need the @TomNomNom amazing github.com/tomnomnom/gron tool to parse json files) 5/6

Are you also preparing a way out on #Mastodon (just in case @elonmusk messes up) ? He is a quick and dirty #mastodonmigration way to generate a csv file of your Twitter followings handles to be imported on Mastodon all at once. 🧵 1/6

A lot has been said about removing hooks and kernel callbacks to stop an EDR from detecting malicious activity. What if we could terminate the process completely? Well ...we can. Check this out: spikysabra.gitbook.io/kernelcactus/

Here we go, we are finally releasing all the materials of our workshop at @defcon and our talk at @BSidesLV on “CI/CD : The new Eldorado” 🔥🔥🔥 With this content, you will go through… 🧵 github.com/wavestone-cdt/…

Chromium's application mode can be used to easily build realistic phishing desktop applications. Enjoy. mrd0x.com/phishing-with-…