Article: RDPHijack-BOF - Cobalt Strike Beacon Object File (BOF) That Uses WinStationConnect API To Perform Local/Remote RDP Session Hijacking - published over 1 year ago.
Content:
Copy Link: http://www.kitploit.com/2022/11/rdphijack-bof-cobalt-strike-beacon.html   
Published: 2022 11 09 11:45:00
Received: 2022 11 09 12:23:11
Feed: PenTest and Hacking Tools - powered by FeedBurner
Source: PenTest and Hacking Tools - powered by FeedBurner
Category: News
Topic: Security Tooling

Article: Defeating Phishing-Resistant Multifactor Authentication - published over 1 year ago.
Content: CISA is now pushing phishing-resistant multifactor authentication. Roger Grimes has an excellent post reminding everyone that “phishing-resistant” is not “phishing proof,” and that everyone needs to stop pretending otherwise. His list of different attacks is particularly useful. ...
Copy Link: https://www.schneier.com/blog/archives/2022/11/defeating-phishing-resistant-multifactor-authentication.html   
Published: 2022 11 09 12:18:58
Received: 2022 11 09 12:21:20
Feed: Schneier on Security
Source: Schneier on Security
Category: Cyber Security
Topic: Cyber Security

Article: Botconf Day 3 Wrap-Up - published about 2 years ago.
Content: Here we go with day 3! In the morning, there are always fewer people due to the short night. The gala dinner is always a key activity during Botconf! The last day started with “Jumping the air-gap: 15 years of nation-state efforts” presented by Alexis Dorais-Joncas and Facundo Munoz. Does “air-gap” means a big castle in the middle of the Internet? That’...
Copy Link: https://blog.rootshell.be/2022/04/30/botconf-day-3-wrap-up/   
Published: 2022 04 29 22:07:52
Received: 2022 11 09 12:19:28
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Free Score Certificate

Article: [SANS ISC] Use Your Browser Internal Password Vault… or Not? - published almost 2 years ago.
Content: I published the following diary on isc.sans.edu: “Use Your Browser Internal Password Vault… or Not?“: Passwords… a so hot topic! Recently big players (Microsoft, Apple & Google) announced that they would like to suppress (or, at least, reduce) the use of classic passwords. In the meantime, they remain the most common way to authenticate users against...
Copy Link: https://blog.rootshell.be/2022/05/17/sans-isc-use-your-browser-internal-password-vault-or-not/   
Published: 2022 05 17 10:08:55
Received: 2022 11 09 12:19:28
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security

Article: [SANS ISC] A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes - published almost 2 years ago.
Content: I published the following diary on isc.sans.edu: “A ‘Zip Bomb’ to Bypass Security Controls & Sandboxes“: Yesterday, I analyzed a malicious archive for a customer. It was delivered to the mailbox of a user who, hopefully, was security-aware and reported it. The payload passed through the different security layers based on big players on the market! ...
Copy Link: https://blog.rootshell.be/2022/05/20/sans-isc-a-zip-bomb-to-bypass-security-controls-sandboxes/   
Published: 2022 05 20 10:05:12
Received: 2022 11 09 12:19:28
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security

Article: [SANS ISC] Sandbox Evasion… With Just a Filename! - published almost 2 years ago.
Content: I published the following diary on isc.sans.edu: “Sandbox Evasion… With Just a Filename!“: Today, many sandbox solutions are available and deployed by most organizations to detonate malicious files and analyze their behavior. The main problem with some sandboxes is the filename used to submit the sample. The file can be named like “sample.exe”, “suspicio...
Copy Link: https://blog.rootshell.be/2022/06/03/sans-isc-sandbox-evasion-with-just-a-filename/   
Published: 2022 06 03 10:29:33
Received: 2022 11 09 12:19:27
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Score Summary

Article: [SANS ISC] Houdini is Back Delivered Through a JavaScript Dropper - published almost 2 years ago.
Content: I published the following diary on isc.sans.edu: “Houdini is Back Delivered Through a JavaScript Dropper“: Houdini is a very old RAT that was discovered years ago. The first mention I found back is from 2013! Houdini is a simple remote access tool written in Visual Basic Script. The script is not very interesting because it is non-obfuscated and has just...
Copy Link: https://blog.rootshell.be/2022/06/16/sans-isc-houdini-is-back-delivered-through-a-javascript-dropper/   
Published: 2022 06 16 11:11:03
Received: 2022 11 09 12:19:27
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security

Article: [SANS ISC] Malicious PowerShell Targeting Cryptocurrency Browser Extensions - published almost 2 years ago.
Content: I published the following diary on isc.sans.edu: “Malicious PowerShell Targeting Cryptocurrency Browser Extensions“: While hunting, I found an interesting PowerShell script. After a quick check, my first conclusion was that it is again a simple info stealer. After reading the code more carefully, the conclusion was different: It targets crypto-currency b...
Copy Link: https://blog.rootshell.be/2022/06/22/sans-isc-malicious-powershell-targeting-cryptocurrency-browser-extensions/   
Published: 2022 06 22 10:42:58
Received: 2022 11 09 12:19:27
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security

Article: [SANS ISC] Another Script-Based Ransomware - published over 1 year ago.
Content: I published the following diary on isc.sans.edu: “Another Script-Based Ransomware“: In the past, I already found some script-based ransomware samples written in Python or Powershell. The last one I found was only a “proof-of-concept” (my guess) but it demonstrates how easy such malware can be developed and how they remain undetected by most antivirus pro...
Copy Link: https://blog.rootshell.be/2022/11/09/sans-another-script-based-ransomware/   
Published: 2022 11 09 11:42:36
Received: 2022 11 09 12:19:27
Feed: /dev/random
Source: /dev/random
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Your Score Explained

Article: Why it's time to review your Microsoft patch management options - published over 1 year ago.
Content:
Copy Link: https://www.csoonline.com/article/3679248/why-its-time-to-review-your-microsoft-patch-management-options.html#tk.rss_all   
Published: 2022 11 09 10:00:00
Received: 2022 11 09 12:04:29
Feed: CSO Online - All
Source: CSO Online
Category: Cyber Security
Topic: Cyber Security

Article: Rezilion expands SBOM to support Windows environments - published over 1 year ago.
Content:
Copy Link: https://www.csoonline.com/article/3679249/rezilion-expands-sbom-to-support-windows-environments.html#tk.rss_all   
Published: 2022 11 09 11:00:00
Received: 2022 11 09 12:04:29
Feed: CSO Online - All
Source: CSO Online
Category: Cyber Security
Topic: Cyber Security

Article: Hackers release Australian health insurer’s customer data - published over 1 year ago.
Content:
Copy Link: https://www.databreaches.net/hackers-release-australian-health-insurers-customer-data/   
Published: 2022 11 09 11:48:56
Received: 2022 11 09 12:04:24
Feed: DataBreaches.net
Source: DataBreaches.net
Category: Data Breaches
Topic: Data Breaches

Cyber Tzar Gold Score Certificate