Mastodawn

jreisdorffer Dec 14, 2022

Collaborative research done by #Vigilance DFIR, #SentinelLabs, S1 Research & Development and our friends at Mandiant: https://www.sentinelone.com/labs/driving-through-defenses-targeted-attacks-leverage-signed-malicious-microsoft-drivers/ #POORTRY #STONESTOP

Driving Through Defenses | Targeted Attacks Leverage Signed Malicious Microsoft Drivers

Threat actors are abusing legitimately signed Microsoft drivers in active intrusions into telecommunication, BPO, MSSP, and financial services businesses.

SentinelOne

jreisdorffer Nov 17, 2022

Security Onion 🧅Nov 12, 2022

Looking for a fun #Infosec #CyberSecurity project for the weekend? 😀

Want to practice your #ThreatHunting 🔍 and #IncidentResponse skills?

Install #SecurityOnion 🧅 in a VM:
https://docs.securityonion.net/en/2.3/first-time-users.html

Then follow along with our recent quick #malware analysis blog posts:
https://blog.securityonion.net/search/label/quick%20malware%20analysis

First Time Users — Security Onion 2.3 documentation

jreisdorffer Nov 16, 2022

Good start: https://portswigger.net/research/stealing-passwords-from-infosec-mastodon-without-bypassing-csp

Stealing passwords from infosec Mastodon - without bypassing CSP

The story of how I could steal credentials on Infosec Mastodon with a HTML injection vulnerability, without needing to bypass CSP. Everybody on our Twitter feed seemed to be jumping ship to the infose

PortSwigger Research

jreisdorffer Nov 16, 2022

J. A. Guerrero-Saade Nov 14, 2022

Man, imagine how good that Lapsus$ PLEX server must be...