p4yback

@[email protected]
39 Followers
138 Following
90 Posts
Python 🐍 | Bash | Linux |
Enjoy CTFs and following the community. Looking to make the transition into #infosec next year. Learning and progressing day by day.
p4ybackDec 17, 2022
Lemons 🍋 almost perfect for my world famous lemon pie 🥧
p4ybackDec 5, 2022
Have you ever found a zero-day on your personal computer? This was a Local Privelage escalation bug from back in 2019. 5th computer I bought trying to escape this attacker to no avail. Ohh the memories.
https://www.exploit-db.com/exploits/48057
HP System Event Utility - Local Privilege Escalation

HP System Event Utility - Local Privilege Escalation. CVE-2019-18915 . local exploit for Windows platform

Exploit Database
p4ybackNov 29, 2022
The curious case of
https[:]//www.msn.com/spartan
p4ybackNov 29, 2022
p4ybackNov 23, 2022
https://thehackernews.com/2022/11/luna-moth-gang-invests-in-call-centers.html?m=1
Threat actors invest in a call center to socially engineer victims. (It’s some wild stuff when it happens to you I can assure you)
Luna Moth Gang Invests in Call Centers to Target Businesses with Callback Phishing Campaigns

Luna Moth gang has invested "significantly" in call centers to target businesses with callback phishing campaigns.

The Hacker News
p4ybackNov 21, 2022
https://www.bleepingcomputer.com/news/security/google-releases-165-yara-rules-to-detect-cobalt-strike-attacks/
Google releases 165 YARA rules to detect Cobalt Strike attacks

The Google Cloud Threat Intelligence team has open-sourced YARA Rules and a VirusTotal Collection of indicators of compromise (IOCs) to help defenders detect Cobalt Strike components in their networks.

BleepingComputer
p4ybackNov 21, 2022
C2 running off a blockchain. 🤯
https://thehackernews.com/2022/11/google-wins-lawsuit-against-russians.html?m=1
Google Wins Lawsuit Against Russians Linked to Blockchain-based Glupteba Botnet

Google has won a lawsuit against two Russian nationals in connection with blockchain-based Glupteba botnet operations.

The Hacker News
p4ybackNov 21, 2022
https://thehackernews.com/2022/11/notorious-emotet-malware-returns-with.html?m=1
Notorious Emotet Malware Returns With High-Volume Malspam Campaign

Notorious Emotet malware has returned with renewed vigor as part of a large-volume malspam campaign, dropping payloads like IcedID and Bumblebee.

The Hacker News
p4ybackNov 18, 2022

“I feel like engineers are for changes not to keep things running”

Wow..just ..wow.

p4ybackNov 15, 2022

Finding malicious PyPI packages through static code analysis: Meet GaurdDog

https://securitylabs.datadoghq.com/articles/guarddog-identify-malicious-pypi-packages/

Finding malicious PyPI packages through static code analysis: Meet GuardDog | Datadog Security Labs

GuardDog is an open-source tool to identify malicious PyPI packages through source code and metadata analysis