🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Savage!

So you want to talk about the massive software supply chain intrusion & the most carefully-planned, complex espionage I’ve ever helped uncover? Start here: fireeye.com/blog/threat-re… 🤩 But then what?? Let’s talk about some post-compromise techniques...

Verifying myself: I am shamrock75 on Keybase.io. ZNjzX-smaogrUMg7eDuzENMymrcYNX2WPbyh / keybase.io/shamrock75/sig…

Decided to have some fun with our Panasonic airconditioning unit in hour house. Needed automation so created a library and tool. github.com/hacktobeer/go-…

Antivirus Artifacts III is out! -Directories -Processes -In-memory modules -API Hooks -Minifilter data -Services -Web hosts -Registry data Avira, F-Secure, Norton, TrendMicro, WebRoot, Kaspersky and more!♥️ Paper: cutt.ly/AV-Artifacts-I… Registry Dumps: cutt.ly/RegistryData

Google Reader, Google Cloud Print.....makes me sad :(

Agree, but don't come to Europe, move to Miðgarðr or something.

Very important information for the security community, especially researchers. Be safe out there! 🔐🔐 ❤️ ❤️

[1/2] Thrilled to be presenting at 𝗧𝗶𝗺𝗲𝘀𝗸𝗲𝘁𝗰𝗵 𝗦𝘂𝗺𝗺𝗶𝘁 𝟮𝟬𝟮𝟭 on Mar 10th! 📅 ✍ Registration's open and 𝗳𝗿𝗲𝗲: forms.gle/1D23n4SkoCPay1… If you're a 𝗗𝗙𝗜𝗥 ninja 🥷 or a complete newbie 🤓 and want to hear the latest on Timesketch ⏳🔍, or learn about

Google Compute Engine (GCE) VM takeover via DHCP flood - gain root access by getting SSH keys added by google_guest_agent 🤨 github.com/irsl/gcp-dhcp-…

Iv'e created Gist with exploitation detection ideas and rules I'll update this gist frequently #log4j #log4jrce CVE-2021-44228 gist.github.com/Neo23x0/e4c8b0…

We’ve made the determination that #Log4J is so bad we’re going to try and roll out at least some protection for all Cloudflare customers by default, even free customers who do not have our WAF. Working on how to do that safely now.

Ghidra Version 10.1 released! *Remediates the Log4J vulnerability* Includes many new features/capabilities, performance improvements, bug fixes, and many pull-request contributions. Full what's new: htmlpreview.github.io/?https://githu… Release is here: github.com/NationalSecuri…

You can use a point & click canarytoken from canarytokens.org to help test for the #log4j / #Log4Shell issue. 1) visit canarytokens.org; 2) choose the Log4shell token; 3) enter the email address you wish to be notified at; 4) copy/use the returned string...

This is the maintainer who fixed the vulnerability that's causing millions(++?) of dollars of damage. "I work on Log4j in my spare time" "always dreamed of working on open source full time" "3 sponsors are funding Ralph Goers's work: Michael, Glenn, Matt" People, what are we doing.

Was reminded of this image.

When the dust settles, subscribing to comments on SwitHak (👁)'s BlueTeam CheatSheet * Log4Shell* is gold. 🛎️ #log4j #Log4Shell gist.github.com/SwitHak/b66db3…