🚨One more day until #defcon33! Check out blueteamvillage.org/btv-at-def-con… for our village schedule, CTF and movie night events. We're also in the Hacker Tracker app. Visit us at LVCC West Hall Level 2. We're in rooms 213-218. #blueteam #cybersecurity We can't wait to see you! 💙

Would you help a struggling pregnant woman? At Out Of The Box Security Conference in Bangkok I’ll talk about how I’ve hidden networking gear in a fake pregnancy belly, posed as cleaning staff in C-Suite offices, and (ultimately) escalate physical breaches to domain admin.

Lance Cain & Daniel Mayer shared examples of Jamf exploitation techniques available to threat actors in their #BHUSA briefing today, which included the introduction of two new tools: JamfHound & Eve.

Deeply regret to inform everyone there may be news and video proof coming out about me Unfortunately it’s all true and deepest apologies to my friends who were unaware of repercussions due to their proximity to me I am and continue to be the greatest dubstep hypeman of all time

Also:

Writing ReadMe files is insanely hard and requires a very high IQ I may never figure with stuff out

I am back to posting to ADSecurity.org in my free time (which I have again). I plan on adding new content relating to Active Directory & Azure AD (now Entra ID). First up is "Entra & Azure Managed Access Revisited". This article expands on one I wrote years ago about

The AD CS security landscape keeps evolving, and so does our tooling. 🛠️ Valdemar Carøe drops info on Certify 2.0, including a suite of new capabilities and refined usability improvements. ghst.ly/45IrBxI

Had an amazing time at DEF CON. Massive thank you to RedTeamVillage and Bug Bounty Village for letting me be a part of their program this year! #defcon33

"Turning Microsoft's Login Page into our Phishing Infrastructure". Super hot research from this year's DEF CON by Keanu Nys 🔥🚨 #phishing #redteam #defcon media.defcon.org/DEF%20CON%2033…

Now that DEF CON is over its time to decorate for Halloween

Dropping 15 MB golang binaries on client systems gives me the ick

#hackersummercamp is a wrap! It was great seeing old friends and making new connections this year! 🤝 A huge shout out to the new RedTeamVillage leadership team for putting together an amazing experience this year! Already looking forward to DEF CON next year! 🌟

Ian Adams congratulations, you're now a woman in tech 😂

Who doesn't like free creds?

Mike Felch (Stay Ready) Garrett - awesome and brilliant fella.

Hard truths about Active Directory... - It's going to be around for much much longer - Tiering isn't optional - The longer you avoid "cleaning up" the bigger your attack surface grows - Domain Controllers are not “just another server” - Running tasks and services as Domain Admin

Roblox How does it feel to be the first gaming company (ever) to ban people that are trying to protect children on your platform?

Just saw a sick live demo of wireless headphone hijacking that allows the attacker to perform the following without ever pairing the device. All the attacker has to do is be in range. - read/write arbitrary bytes to device - read headphones information - dump firmware info -