There's always more to the story than you know.
http://ericazelic.medium.com
IUnknown
Security Consultant
The bird site is saying I've reached my daily limit of follows too. I haven't followed anyone new today LOL
ℹ️ Note: Twitter is experiencing international outages affecting website, mobile app and features including posting and retweeting; incident not related to country-level internet disruptions or filtering #TwitterDown
Welp, the bird site is broken. It says I've reached my daily tweet limit... after 3 tweets.

For this edition of Insomni'hack #INS23, I created my first ever Windows challenge. 🤗​ It is inspired by what I do when I search for userland LPE/RCE vulnerabilities. 😉​

I'm not a #CTF player myself, but I bet this type of challenge is rather uncommon.

If you wish to participate, here is the link. 🙂​

https://teaser.insomnihack.ch/


If you call mshtml to run inline VBScript active directory enumerations from a position independent shellcode beacon, will it get blocked? This is the question I will answer this weekend.

What are you doing this weekend? Oh that's right, most of you are at schmoo

I always talk about how useful Data Brokerage sites are in human hacking (they're the first step in OSINT before launching the attack). Which is why I'm stoked to be partnering with delisting company DeleteMe on a virtual event January 25th at 1pm ET where I chat with CEO Rob Shavell about how I use Data Brokerage sites in my hacking, why I recommend delisting to everyone for their security and privacy, and have a live Q&A with the audience. Please join us for this free event, all are welcome. https://b2b.joindeleteme.com/webinar-january-2023
DeleteMe Webinar

Join us on 1/25/23 with privacy expert Rob Shavell, CEO of DeleteMe, and ethical hacker Rachel Tobac, CEO of Social Proof Security.

I wrote a blog post for work recently about how to prioritize vulnerabilities so you can meaningfully improve your security posture even without fixing all-of-the-things.
https://www.crowdstrike.com/blog/how-to-leverage-crowdstrike-falcon-spotlight-to-prioritize-vulnerabilities/
How to Leverage CrowdStrike Falcon Spotlight to Prioritize Vulnerabilities

This blog highlights the importance of effectively prioritizing vulnerabilities and shows how Falcon Spotlight can be used to do so effectively and with minimal effort.

crowdstrike.com
Infosec.exchange crossed 40000 accounts a few minutes ago. 7 weeks ago, we had ~180 active accounts.

Like a bad penny, an effective malware-propagation tactic will just keep turning up.

We note with interest that other security researchers have also recently spotted the venerable sideloading attack we wrote about earlier this month... #infosec #threatintel #ioc #TheWormCircus

https://news.sophos.com/en-us/2022/11/03/family-tree-dll-sideloading-cases-may-be-related/

Family Tree: DLL-Sideloading Cases May Be Related

A threat actor’s repeated use of DLL-hijack execution flow makes for interesting attack results, including omnivorous file ingestion; we break down five cases and find commonalities

Sophos News