Modern cyber adversaries use trusted cloud services for covert operations, a technique known as Living Off The Cloud (LOTC). These methods blend malicious activity with legitimate cloud traffic, making detection more difficult. #APTs #LivingOffTheCloud
Category: Interesting Stuff
BloodHound OpenGraph simplifies adding nodes and edges but requires a well-designed attack graph model for effective functionality. The article explains attack graph design principles, including graph components, edge directionality, node identifiers, and complex examples like ADCS and Golden Certificate attacks. #BloodHoundOpenGraph #AttackGraphModel #ADCS #GoldenCertificate…
This article emphasizes the importance of actively identifying and fixing unpatched or undisclosed vulnerabilities in open source software. It advocates for the role of vulnerability janitors in ensuring security, especially by securing CVE assignments for overlooked issues. #OpenSSF #CVE #OSSVulnerabilities
Cookies store metadata to maintain HTTP sessions in a stateless protocol, enabling websites to recognize users across visits. They include attributes like Domain, Path, and HttpOnly, which control scope and security, as demonstrated through a CNN example. #HTTPHeaders #HttpOnlyCookies
The article discusses how the shift to cloud infrastructure has increased security vulnerabilities due to misconfigurations in Azure, GCP, and AWS. Red teams exploit these weaknesses through credential enumeration, privilege escalation, and persistent access, emphasizing the importance of proper cloud security measures. #Azure #GCP #AWS #CloudMisconfigurations #PrivilegeEscalation
This article explains a step-by-step process for targeted password cracking using OSINT and various tools, including CeWL and Hashcat, with a focus on generating relevant wordlists and applying custom transformations. It emphasizes the importance of strategic reasoning and data analysis in cybersecurity penetration testing. #CeWL #Hashcat #PasswordCracking
The IT-Harvest State of Cyber 2025 report highlights a slowdown in overall cybersecurity market growth during H1 2025 compared to H1 2024, with AI Security leading sector growth despite challenges. Key trends include rising M&A activities, significant startup presence focused on AI Security, and notable vendor growth in various security domains. #ITHarvest #AISecurity #Cyber150
IBM's Cost of a Data Breach Report 2025 reveals that global data breach costs have declined to USD 4.44 million, largely due to AI-powered defenses enabling faster breach containment, while US breaches reached a record high of USD 10.22 million driven by regulatory fines and detection costs. The report highlights rising threats from AI-related breaches, shadow AI risks, and evolving attack techniques like AI-driven phishing and deepfake attacks, stressing the urgent need for AI governance and security investments. #IBMDataBreachReport #ShadowAI #AIDrivenAttacks #Ransomware #DataBreachCosts
Pass-the-Certificate is a sophisticated Kerberos privilege escalation method that exploits X.509 certificates and the PKINIT extension to bypass traditional password-based authentication. It poses a significant threat to organizations by enabling long-lived, stealthy access and full domain compromise. #PassTheCertificate #Kerberos #ActiveDirectory #PKINIT #RBCD
LDEEP is an open-source tool used by security professionals to perform post-exploitation LDAP enumeration in Active Directory environments, helping identify misconfigurations and privilege escalation paths. It facilitates efficient data collection like user, group, and secret enumeration without relying on PowerShell or Windows-native tools. #ActiveDirectory #PrivilegeEscalation
This article explains the concept of Out-of-Band SQL Injection (OOB SQLi), highlighting when and how it is used, especially when traditional methods fail. It also provides examples of payloads for different databases and discusses mitigation strategies. #SQLi #BurpCollaborator
Faraz Ahmed shares his experience winning a PEN-200 Course and Certification Bundle from OffSec through a report writing contest, detailing his exam preparation and environment setup. His journey highlights tips, tools, and insights for cybersecurity enthusiasts pursuing OSCP certification. #OffSec #OSCP #CybersecurityJourney
This blog introduces key concepts of system design essential for understanding modern web applications, including proxies, load balancers, databases, caching, and microservices. It emphasizes the importance of these components in creating efficient, scalable, and secure web architectures. #Proxy #LoadBalancer #Microservices
This article highlights the importance of Windows forensic artifacts like Amcache.hve and Shimcache in detecting attacker activities and traces. It emphasizes monitoring for tampering with system backups such as RegBack, especially in Windows 10 and later, to enhance incident response capabilities. #Amcache #Shimcache #RegBack #WindowsForensics
Evil-noVNC is an advanced phishing technique that replicates real login environments inside the victim's browser to bypass Multi-Factor Authentication (MFA). It captures live session data, including MFA codes and cookies, enabling full account takeover even with MFA enabled. #EvilnoVNC #AiTMattack