Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.

Administered by:

Server stats:

238
active users

eupolicy.social: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.6

#windowssecurity

2 posts2 participants0 posts today
Public
0x40k

FIN7 *again*? Seriously, these guys just don't quit, do they? 🙄

Heads up – they've cooked up an Anubis backdoor using Python. And nope, *it's not* the Android Trojan people know. It's pretty wild what this thing packs: we're talking remote shell capabilities, file uploads, messing with the registry... 🤯 Basically, the keys to the kingdom!

And let me tell you from a pentester's perspective: Just relying on AV? That's *definitely* not gonna cut it anymore. We all know that, right?

Looks like they're slipping in through compromised SharePoint sites now? Yikes. The nasty part? A Python script decrypts the payload *directly in memory*, making it incredibly tough to spot! 🥴 Plus, their command and control chats happen over a Base64-encoded TCP socket.

So, keep a *sharp eye* on those ZIP attachments! Double-check your SharePoint sites' integrity. You'll also want to monitor network traffic closely (especially that TCP activity!). And make sure your endpoint security is actually up to snuff – remember, they love finding ways to bypass defenses!

How are *you* tackling threats like this one? What are your go-to tools and strategies for defense? 🤔 Let's share some knowledge!

#infosec#pentesting#cybersecurity
Public
LavX News

Microsoft Addresses Critical Windows Kernel Zero-Day Exploit: What Developers Need to Know

A recently patched zero-day vulnerability in the Windows Win32 Kernel Subsystem has been exploited since March 2023. With potential impacts on both older and newer Windows versions, developers and org...

news.lavx.hu/article/microsoft

Microsoft Addresses Critical Windows Kernel Zero-Day Exploit: What Developers Need to Know
#news#tech#WindowsSecurity
Public
Lenin alevski 🕵️💻

New Open-Source Tool Spotlight 🚨🚨🚨

Mimikatz is a well-known open-source tool for extracting credentials from Windows systems. It can retrieve plaintext passwords, hash credentials, and even Kerberos tickets from memory. Used by both researchers and attackers, it highlights the importance of secure credential management in Active Directory environments. #CyberSecurity #WindowsSecurity

🔗 Project link on #GitHub 👉 github.com/gentilkiwi/mimikatz

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

Public
LavX News

Microsoft's Massive January Patch Tuesday: 161 Vulnerabilities Fixed, Including Three Active Zero-Days

In a historic move, Microsoft addresses a staggering 161 security vulnerabilities in its latest Patch Tuesday update, with three zero-day flaws already under active attack. This unprecedented release ...

news.lavx.hu/article/microsoft

Microsoft's Massive January Patch Tuesday: 161 Vulnerabilities Fixed, Including Three Active Zero-Days
#news#tech#ZeroDayExploits
ExploreLive feeds
About