Silicon Valley - What the Fuck Gilfoyle Does

Can You Be Hacked Through the Mail for $10? | Retia

I Know What You Clicked Last Summer | Red Canary Films

Cisco Releases Security Updates for Multiple Products

https://us-cert.cisa.gov/ncas/current-activity/2022/06/16/cisco-releases-security-updates-multiple-products

FluBot Android Banking Malware Shutdown - ThreatWire

CISA Updates Advisory on Threat Actors Chaining Unpatched VMware Vulnerabilities

https://us-cert.cisa.gov/ncas/current-activity/2022/06/02/cisa-updates-advisory-threat-actors-chaining-unpatched-vmware

CISA, the Federal Bureau of Investigation (FBI), the Department of Treasury, and the Financial Crimes Enforcement Network (FinCEN)

CISA, the Federal Bureau of Investigation (FBI), the Department of Treasury, and the Financial Crimes Enforcement Network (FinCEN) have released a joint Cybersecurity Advisory (CSA) to provide information on the Karakurt data extortion group. Karakurt actors steal data and threaten to auction it off or release it to the public unless they receive payment of the demanded ransom.

https://us-cert.cisa.gov/ncas/current-activity/2022/06/01/karakurt-data-extortion-group

Microsoft Releases Workaround Guidance for MSDT "Follina" Vulnerability

https://us-cert.cisa.gov/ncas/current-activity/2022/05/31/microsoft-releases-workaround-guidance-msdt-follina-vulnerability

Malware Analysis: Trickbot

In this day and age, we are not dealing with roughly pieced together, homebrew type of viruses anymore. Malware is an industry, and professional developers are found to exchange, be it by stealing one's code or deliberate collaboration. 

Malware Analysis: Trickbot https://thehackernews.com/2022/05/malware-analysis-trickbot.html via @TheHackersNews 

DO NOT design your network like this!! // FREE CCNA // EP 6

SLAYER - You Against You (One of my favorites)

Tampering with Wristbands

Live Websites for Information as It Happens.

 Flights -  ADS-B Exchange, Flightradar24

Maritime - https://www.marinetraffic.com/

Weather and Earth Views- https://zoom.earth/ , The World in Real Time, Latest Earthquakes 

Information Security - Live Attacks

Wars - Ukraine War, Live Ukraine Feed

They said this doesn't work 🤣 Hacking networks with VLAN hopping and Python

OSINT: You can't hide // Your privacy is dead // Best resources to get s...

Tech Tip Fortigate

 If you are like me the industry standard has turned to MFA (Multi Factor Authentication) for Administrative Accounts or connecting via VPN. 

I like and use Fortinet and the FortiGate's NGFW Systems. I was having issues with using LDAP accounts being able to bypass vpn connections with just the standard Windows Account. To be honest it would allow them to connect without a token never even prompting them for the token. 

You have to turn set username-sensitivity disable under the users profile in the CLI. 

Here is an example. 

Hope this helps some admins it was kind of a head scratcher for me. 

How to detect Password Spray attack in Active Directory

OSINT Framework & Passive Recon

Intercepting mobile traffic | Burp Suite Tutorial | Hakin9 Magazine

Python Cheat Sheet

 

https://hakin9.org/python-cheat-sheet-for-hackers-and-developers/?fbclid=IwAR2mvGvdTN0RIu4wvgff_oI0gHgw-rzbQBZC3XON6BARh4dMNAikh4r4-Z8

Microsoft warns Exchange Online basic auth will be disabled

 Microsoft warned customers today that it will start disabling Basic Authentication in random tenants worldwide on October 1, 2022.

This reminder comes after the company's September announcement and after seeing that there are still lots of customers who haven't yet moved their clients and apps to Modern Authentication.

Full Story @ https://www.bleepingcomputer.com/news/microsoft/microsoft-warns-exchange-online-basic-auth-will-be-disabled/?fbclid=IwAR3ujn2Ao-RzIaD27spzlU4fjVqUyv83nPAqPnrMTgPsrGo6VsjH92JesDs