OSCP Goldmine (not clickbait)
Updates - October 2019
The October 2019 ATT&CK release updates Techniques, Groups, and Software for both Enterprise and Mobile. The biggest change is the addition of cloud-focused techniques.
ATT&CK for Cloud
Yay RE101 and RE102 workshops are back online:
USA vs China: The new cold war on the horizon https://youtu.be/taAHtUDo18Q
Cycldek: Bridging the (air) gap: https://securelist.com/cycldek-bridging-the-air-gap/97157/
This photo has circulated in reports about the 2011 Occupy Wall Street protests https://factcheck.afp.com/photo-has-circulated-reports-about-2011-occupy-wall-street-protests
Hainan Island! Shopping in Hong Kong, Macau in gambling, Korean in plastic surgery, Japanese in actress, Thai in tourism, Vietnamese in woman!
p4c-ubpf: a New Back-end for the P4 Compiler
SenseTime’s American Axis
A Chinese company blacklisted by Washington for human rights abuse has hung onto some of its U.S. friends — and is hoping to blunt the sanctions.
One ring (zero) to rule them all. by Bitst0rm https://link.medium.com/tx9wfzr4L6
Sandworm Team, Russian GRU Main Center for Special Technologies actors, continue to exploit Exim mail transfer agent #vulnerability, CVE-2019-10149.
Zero 2 Automated + Exclusive MISP & Sandbox Access
Developed for those looking to further enhance their skills in the Malware Analysis/Reverse Engineering field + MISP & Sandbox Access
Valak: More than Meets the Eye https://www.cybereason.com/blog/valak-more-than-meets-the-eye
Breach Scenario - Retail Industry https://pentestlaboratories.com/2019/10/14/breach-scenario-retail-industry/
Persistence - COM #Hijacking
The Evolution of APT15’s Codebase 2020 https://www.intezer.com/blog/research/the-evolution-of-apt15s-codebase-2020/
BGP Show and Tell: Beginners
A Mastodon instance for info/cyber security-minded people.