Similar User
@mangekyo_sec
@DrewBauman
@MikeHanchos
@ZakCh3b
@Jahs_See
@dan_breu
@arunnsec
@BoseSourajyoti
@SMHWritesThings
A vulnerability in macOS, identified as CVE-2021-30970 and fixed by Apple in December, could allow an attacker to bypass Transparency, Consent, and Control (TCC) and gain unauthorized access to protected data. Read our analysis via @yo_yo_yo_jbo: msft.it/6018ZWvnw
Little Bobby Tables has changed his attack vector 😂 #log4j #Log4Shell #infosecurity #infosec
Want to know why threat actors are so interested in Microsoft Partners and Delegated Administrative Privileges (DAP)? Check my blog at o365blog.com/post/partners/ #AzureAD #blueteam #redteam #infosec #AADInternals
PoC exploit now out for Azure Active Directory brute forcing flaw. Microsoft maintains it's not a vulnerability but appears to be working on a solution. Includes additional commentary from @DrAzureAD @Secureworks 👇👇👇 arstechnica.com/information-te…
Azure AD Introduction for Red Teamers synacktiv.com/en/publication… #Pentesting #Azure #ActiveDirectory #RedTeam #CyberSecurity #Infosec
Hundreds of Thousands of Credentials Leaked Due to Microsoft Exchange Protocol Flaw securityweek.com/hundreds-thous…
Backdoor #Office365 and #Azure AD by stealing AD FS certificate/key pair. Golden SAML attack will allow an attacker to: > Bypass MFA to Azure / Office365 > Logon as any AD user regardless of password resets > Method is usually valid for a year inversecos.com/2021/09/backdo…
Another great read for you all! "A deep-dive into the #SolarWinds Serv-U SSH vulnerability" microsoft.com/security/blog/… #cybersecurity #threatprotection @msftsecurity
(1/x) M365 changes to be aware of 1) End-users can purchase PowerBI on their on personal credit cards to bypass IT 2) End-users can purchase Windows 365 Cloud PC VMs on their own personal credit cards to bypass IT 3) End-users can create security groups (even if you disabled it)
Researchers have uncovered a new class of vulnerabilities affecting major managed DNS providers that could allow attackers to spy on massive amount of DNS traffic and exfiltrate sensitive information from corporate networks. Read: thehackernews.com/2021/08/bugs-i… #infosec #cybersecurity
LockBit 2.0, the first ransomware that uses group policies to encrypt Windows domains securityaffairs.co/wordpress/1206…
Microsoft Rushes Fix For PetitPotam Attack PoC packetstormsecurity.com/news/view/3250…
HiveNightmare zero-day lets anyone be SYSTEM on Windows 10 and 11 blog.malwarebytes.com/exploits-and-v…
Malicious Office365 apps are the ultimate insiders: They bypass 2FA, survive password resets, & give attackers launching point for more attacks. New research shows they're very effective at getting bad guys inside O365 organizations. krebsonsecurity.com/2021/05/malici…
New version of #AADInternals out now, including remote dumping of #ADFS configuration database🔥 Read the blog at: o365blog.com/post/adfs/ Credits to @vesat, @doughsec, @BakedSec, @_dirkjan, @gentilkiwi, @MGrafnetter, and @Cyb3rWard0g for your help and previous work!
What a time to be alive... Install the Microsoft signed Hybrid Connection Manager on victim host, link it up with your Azure app, enjoy persistent access to the on-prem network from your Azure portal. Only needs https outbound to Azure and line of sight from victim to target host
The #CryptoGathering #Sweepstakes 🚀 1 lucky person will receive $4500 in #BTC by the time this is over... ❤️/RT this post & follow @RealVision for a chance to #win. 🏆 will be announced 03/26 6pm ET here & at the event. rvtv.io/38ntphJ Terms👉 rvtv.io/3farOQl
Attacks Spike Following The Disclosure Of CVE-2021-22986: F5 Networks BIG-IP iControl Remote Command Execution Vulnerability feedproxy.google.com/~r/Imperviews/…
Microsoft observed a new family of human operated ransomware attack customers – detected as Ransom:Win32/DoejoCrypt.A. Human operated ransomware attacks are utilizing the Microsoft Exchange vulnerabilities to exploit customers. #DearCry @MsftSecIntel
United States Trends
- 1. Tyson 520 B posts
- 2. Karoline Leavitt 15 B posts
- 3. #wompwomp 6.718 posts
- 4. Syracuse 21,4 B posts
- 5. Kiyan 25,6 B posts
- 6. Pence 61,1 B posts
- 7. Paige 7.489 posts
- 8. Kash 106 B posts
- 9. The FBI 271 B posts
- 10. Debbie 35,4 B posts
- 11. Whoopi 116 B posts
- 12. #LetsBONK 16,4 B posts
- 13. Villanova 1.757 posts
- 14. White House Press Secretary 19,3 B posts
- 15. Dora 24,5 B posts
- 16. Shu Shu 27,3 B posts
- 17. Kyle Neptune N/A
- 18. Mike Rogers 22 B posts
- 19. Bucks County 96,1 B posts
- 20. Boiled 4.866 posts
Something went wrong.
Something went wrong.