aaron hau
@hau_zy🤓 nerd 🤷♂️ joined twitter cos everyone seems to be sharing stuff here #FOMO
“Break into the world of vulnerability research... and become a zero-day hunter.” I have a new book with @nostarch! Behind the curtain of zero-day research, there are fundamental building blocks you can learn. In early access now and out in Spring 2025! nostarch.com/zero-day
If you spend too much time with people who don't have any ambitions, you'll soon lack the fire to excel.
BLOG POST: We've been investigating the #Quad7 7777 botnet for a while, we thought it was time to share some of our findings. Includes discovery of the linked 63256 botnet which targets #ASUS routers. team-cymru.com/post/botnet-77… h/t @Gi7w0rm
#100DaysOfYara Since everyone talks about detection, I want to share some tips about efficiency & performance with YARA, especially if you're dealing with tons of rules and files like us First up: Don't use modules if you don't have to A few examples: - no need to import…
"...thinking clearly is thinking independently."
I had fun learning about hardware protocols and finding CVE-2023-5449 in HP display monitors! spaceraccoon.dev/hacking-displa…
Caring about whoami? Despite common belief, it doesn't use GetUserNameEx() unless you specify /UPN or /FQDN param! Whoami calls OpenProcessToken() to get process token, then GetTokenInformation() to get SID, and finally LookupAccountSid() to get username. You have been warned ;)
I wrote a lot about the people I call "shapers" in my book Principles: Life & Work. I use the word to mean someone who comes up with unique and valuable visions and builds them out beautifully, typically over the doubts of others. Shapers get both the big picture and the details…
🧵 (1/) Bypassing IDS DCSync Signature for #secretsdump I’ve been asked lately to bypass a private IDS rule for #impacket’s DCSync operation and I’ve immediately remembered this Charlie’s question ⬇️
If you wondered why you need a CIFS SPN for secretsdump, and an LDAP SPN for Mimikatz, know one thing, you're not alone 🥲 If you do know why, halp, pleaz ❤️
I outsmarted this AI chatbot in Immersive Labs' prompt injection skills challenge! Can you? @immersivelabs #ai #cybersecurity prompting.ai.immersivelabs.com
Publishing today a position paper on Generative AI - a lot of promise, but many challenges. Available as CERT-EU Security Guidance 23-002 - cert.europa.eu/static/securit…
Check out our latest blog by Aaron (Zhongyuan) Hau where he discusses how an advisory can take advantage of normal everyday cyber hygiene issues to compromise the whole network. threatspike.com/blogs/aad
Remember the large #GoogleAd spike earlier in the year deploying malware? Our team did a write-up on the malware that was delivered at the last stage. We couldn't identify any public family names with this hVNC malware so we are calling it #LOBSHOT 🏸
#ElasticSecurityLabs highlights a new #Malware family we call LOBSHOT, deployed as part of a Google adwords malvertising campaign. Read more about this financially-motivated threat here: go.es.io/41FRzxu
And so it begins...
Aaaaaaaand prompt injection in VT’s new feature. Puppies can’t be malicious. (Not the creator, sent to me) virustotal.com/gui/file/264be…
Introducing the Living Off The Land Drivers (LOLDrivers) project, a crucial resource that consolidates vulnerable and malicious drivers in one place to streamline research and analysis. loldrivers.io LOLDrivers enhances awareness of driver-related security risks and…
AZURE AD KERBEROS TICKETS: PIVOTING TO THE CLOUD By Edwin David trustedsec.com/blog/azure-ad-…