yaracroft @venom@nanao.cybtex.fr

DPAPI Dumping revelant information on compromised targets without AV detection

https://github.com/login-securite/DonPAPI

Analysis of CVE-2021-1810 Gatekeeper bypass #vuln #apple #macos

https://labs.f-secure.com/blog/analysis-of-cve-2021-1810-gatekeeper-bypass/

CVE-2021-1810 The discovery of Gatekeeper bypass #vuln #apple #macos

https://labs.f-secure.com/blog/the-discovery-of-cve-2021-1810/

Empresa de turismo CVC Corp (cvccorp.com.br) é vítima de ataque #ransomware e ações caem #brazil

https://olhardigital.com.br/2021/10/04/seguranca/cvc-ataque-ransomware/

ChamelGang : A new advanced persistent threat (#APT) group that has attacked organizations in 10 countries, using the supply chain to move laterally. ChamelGang group was able to achieve its goal and steal data from the compromised network #cyber #threats #informatique

https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/new-apt-group-chamelgang/?pandemic-hackers

#Ransomware & the Secret Service

https://traffic.libsyn.com/secure/secureworld/SecureWorld-Sessions-Ep-085-Ransomware-Secret-Service.mp3?dest-id=1493057

Q2 2021 Internet Security Insights : « 35.9% of malware was know & 61.1% of malware was 0 day » #threats

https://watchguard.widen.net/download/watchguard/pf6ozov8ck/Internet_Security_Report_InfoGraphic_Q2_2021.pdf

70% of Canadian organizations facing a #ransomware #cyber attack last year paid the demands to avoid downtime, reputational damage and other costs #canada

https://www.ctvnews.ca/sci-tech/seven-in-10-canadian-organizations-facing-ransomware-attack-paid-demands-survey-1.5610293

It's becoming increasingly clear the crippling #cyber attack on Transnet's #IT #infrastructure was an act of #sabotage potentially carried out by the perpetrators of the insurrection #threats

https://www.iol.co.za/news/politics/call-to-connect-dots-between-insurrection-modus-operandi-and-crippling-transnet-cyber-attack-8d48c4e9-a3a7-4140-81de-5597a20a430b

Crédit Mutuel : #panne générale du site, les utilisateurs ne peuvent plus voir leur compte en #banque

https://www.phonandroid.com/credit-mutuel-panne-generale-du-site-les-utilisateurs-ne-peuvent-plus-voir-leur-compte-en-banque.html

#Ransomware : Rentrée 2021 sur les chapeaux de roue

https://www.lemagit.fr/actualites/252507690/Ransomware-une-rentree-sur-les-chapeaux-de-roue

Oops.. #Instagram, #Facebook, #WhatsApp apps crash throughout the world

https://www.jpost.com/breaking-news/instagram-facebook-whatsapp-crashes-681021?pandemic-hackers-ransomware-databreach-darknet-money-makers

Administrator of White House Market (WHM), one of today's largest dark web markets, said the site has reached its goal (filling its pockets) and has announced plans to retire the portal

https://therecord.media/dark-web-marketplace-white-house-market-shuts-down/

« #Facebook is tearing our societies apart and causing ethnic violence around the world » ( France Haugen )

https://www.cbsnews.com/news/facebook-whistleblower-misinformation-public-60-minutes-2021-10-03/

DeepSleep - PoC written in C that hooks sleep & encrypts shellcode page + changes permissions #informatique

https://github.com/jfmaes/DeepSleep

ADCS (Active Directory Certificate Services) avec Jean Marsault & Benjamin Delpy #windows #pki #crypto #csp

https://www.nolimitsecu.fr/wp-content/uploads/NoLimitSecu-336-ADCS.mp3

This is the first of a series of blog posts exploring a number of modern tech stacks which I've found to dramatically improve quality of life for an operator when creating C2 infrastructure regardless of the C2 platform used.

https://byt3bl33d3r.substack.com/p/taking-the-pain-out-of-c2-infrastructure

Parser for #Windows Account Security Questions stored in the LSA #secretsdump #python #impacket #informatique

https://podalirius.net/en/articles/windows-account-security-questions-stored-in-the-lsa/