🤖 In Other News: Google Security Layoffs, AudiA6 Takedown, $400 Million Coupang...
📝 Other noteworthy stories that might have slipped under the rada...
📰 SecurityWeek
🖥️ GreatXML zero-day BitLocker bypass doesn’t seem to work, yet
📝 A disgruntled res...
📰 GreatXML zero-day BitLocker bypass doesn’t seem to work, yet | CSO Online
🤖 Bernie Sanders’ AI Sovereign Wealth Fund Plan
📝 Let no one accuse Bernie Sanders of ducking the big questions. Writing in the New York Times last week...
https://www.schneier.com/blog/archives/2026/06/bernie-sanders-ai-sovereign-wealth-fund-plan.html
📰 Schneier on Security
Let no one accuse Bernie Sanders of ducking the big questions. Writing in the New York Times last week, the senator asked: “Will the future of humanity be determined by a handful of billionaires who have promoted and developed AI, with virtually no democratic input, who stand to become even richer and more powerful than they are today?” We agree entirely that this is one of the most potent questions facing global democracy today. Our book, Rewiring Democracy, surveys the emerging uses for and impacts of AI in democracy around the world and reaches the same conclusion: that the most urgent risk posed by AI is the ...
🏛️ Novo Nordisk reports cyberattack as UK gives Wegovy pill the nod
📝 Pharmaceutical giant Novo Nordisk says data related to c...
📰 www.theregister.com - Articles
EDRChoker uses Policy-based Quality of Service (QoS) to set hard bandwidth caps (throttling) on Endpoint Detection and Response (EDR) agents, causing them to always time out - effectively blocking them.

A tool that uses the QoS Policy (Pacer.sys) to throttle the connections of Endpoint Detection and Response (EDR) agents to the server. - TwoSevenOneT/EDRChoker
You Don't Need BloodHound
Initially, I had no goal of knocking popular network tools like BloodHound and its ilk off their pedestal. I still don't. They had, have, and will have a well-deserved place in the arsenal of red team and blue team crews. Everything described below can be taken with a touch of irony, as an unusual side effect of my research. My question was simple: which components of the COM subsystem underlie AD? In short, Windows manages AD through ADSI, Active Directory Service Interfaces. It is a rather convoluted COM abstraction over LDAP that Windows itself uses when domain-joined components query the directory. It is used by Group Policy processes, MMC snap-ins, and so on. And, not entirely unexpectedly, as a side effect of the poking around, it suddenly turned out that you don't need to try to build the topology of an AD-managed local network yourself: Windows has already done it for you. And anyone can ask Windows for these results. Even an ordinary user without elevated privileges. Catching BloodHound
I was tired of digging through endless random cybersecurity lists, so naturally I built another random cybersecurity list - just cleaner, prettier and actually organized.
Hack Hub is a curated directory of useful security resources.
#CyberSecurity #InfoSec #Hacking #EthicalHacking #Pentesting #RedTeam #BlueTeam #DFIR #OSINT #ThreatIntel #MalwareAnalysis #BugBounty #CloudSecurity #MobileSecurity #OpenSource #SecurityTools #SecurityResearch #Linux #Hackers #Tech
Using Exchange Online (or on-premises Exchange in hybrid mode) in combination with an external MX record, such as a third-party email server or spam protection solution, can allow the spoofing of emails from any sender to any recipient in the target tenant.
🛡️ UK move to filter photos and...
📝 UK Prime Minist...
📰 UK move to filter photos and messages triggers encryption worries for CISOs | CSO Online
This post demonstrates how command-line obfuscation can bypass EDR detections
https://www.wietzebeukema.nl/blog/bypassing-detections-with-command-line-obfuscation

Defensive tools like AVs and EDRs rely on command-line arguments for detecting malicious activity. This post demonstrates how command-line obfuscation, a shell-independent technique that exploits executables’ parsing “flaws”, can bypass such detections. It also introduces ArgFuscator, a new tool that documents obfuscation opportunities and generates obfuscated command lines.