S3cur1ty_Guy Says: Thank's for stopping by

Recent Articles PoC's

While you're here: Learn how to protect your assets

Recomended Resources Public domain research

“BriansClub” Hack Rescues 26M Stolen Cards

“BriansClub,” one of the largest underground stores for buying stolen credit card data, has itself been hacked. The data stolen from BriansClub encompasses more than 26 million credit and debit card records taken from hacked online and brick-and-mortar retailers over the past four years, including almost eight million records uploaded…

It’s crowded in here!

We recently gave a presentation on Programming socket lookup with BPF at the Linux Plumbers Conference 2019 in Lisbon, Portugal. This blog post is a recap of the problem statement and proposed solution we presented.CC0 Public Domain, PxHereOur edge servers are crowded. We run more than a dozen public facing…

Good Morning, Jakarta!

Beneath the veneer of glass and concrete, this is a city of surprises and many faces. On 3rd October 2019, we brought together a group of leaders from across a number of industries to connect in Central Jakarta, Indonesia. The habit of sharing stories at the lunch table, exchanging ideas,…

Two NTLM vulnerabilities may allow full AD domain compromise

On October 2019 Patch Tuesday, Microsoft released patches for CVE-2019-1166 and CVE-2019-1338, two serious vulnerabilities that may leading to a full Active Directory domain compromise. Two researchers from Preempt,  Yaron Zinar and Marina Simakov, discovered two security vulnerabilities in Microsoft’s NTLM authentication protocol that may allow attackers to bypass the MIC (Message…

Venator: information gathering on OSX systems

Some weeks ago I’ve already written about information gathering on OSX systems, related to the forensic investigation process. In my previous post, I’ve suggested OSXCollector as tool for a “light” forensic aquisition. Today I’d like to share another suggestion, another python script named Venator. Venator is developed and maintained by…
1 2 3 167