d0pp3l6ang3r 
More details on #midnightblizzard ttp: targeted and precise password sprays to OAuth app chess moves. They must have had cloud app admin or global admin adjacent permissions to be able to this.
Uh oh!! Your Google drive user data may have been lost and cant be recovered !!
Good Morning, story so far on the next log4j level #vulnerability #CVE20234863 #CVE20235129
#0day #Chrome #iOS
- libwebp library is vulnerable to heap overflow and can lead to RCE.
- Apple assigned #CVE202341064 and #CVE202341061. Also actively exploited by #blastpass
- #Google assigned #CVE20235129 for Chrome 0day and also exploited
- Millions of apps and software use this library. See list sofar in 🧵
- #CVE20235129 was rejected by NVD earlier due to all this confusion of several vendors assigning CVEs affecting their products
- This will lead to vulnerability scanners not being able to correctly identify if your assets are affected with libwebp. #infosec #sectoot
Wow, MS figured out the consumer keys were captured via crash dump!!
#supercool
https://msrc.microsoft.com/blog/2023/09/results-of-major-technical-investigations-for-storm-0558-key-acquisition/
#dfir #infosec #sectoot
#supercool
https://msrc.microsoft.com/blog/2023/09/results-of-major-technical-investigations-for-storm-0558-key-acquisition/
#dfir #infosec #sectoot
Great #keynote #BHUSA2023 by @Azeria
Key takeaways:
- Chatgpt was hastily released despite knowing its risks.
- #Google was rightly delaying its model’s release but then came #openai
- #AI usecases and capabilities are exploding
- AI Risks are serious
- Phishing will expand to phishing AI agents.
- What we need as industry?
- Forensic AI tooling to analyze AI actions
- AI wont replace sec pros. It has introduced many risks related to LLMs that we need #infosec pros to understand and analyse.
- Have #IAM solutions for AI agents and for internal and business data used by LLMs
- Tech evolving without security isnt new to us, similarly we know how to study new systems and is a chance for security pros to identify new opportunities and foster new solutions
- AI village at #defcon #bhusa has 100+ talks.
Cant believe #infosec is filled with a lot of toxicity these days.
If the environment was pwned via eternal blue, that env was doomed already. No amount of dfir tooling or MSSP could have helped.
Any good faith pentest company would have raised alarm bells after point 3 and stopped the pentest. Good for you if client allowed it but it wasnt needed IMO.
Bragging about it does not do any good to do defenders.
#sectoot
If the environment was pwned via eternal blue, that env was doomed already. No amount of dfir tooling or MSSP could have helped.
Any good faith pentest company would have raised alarm bells after point 3 and stopped the pentest. Good for you if client allowed it but it wasnt needed IMO.
Bragging about it does not do any good to do defenders.
#sectoot
