Tootfinder

The US withdrawing from many organisations including GFCE (Global Forum on Cyber Expertise) doesn’t look promising about their commitment to cybersecurity.
#us #cybersecurity

Withdrawing the United States from International Organizations, Conventions, and Treaties that Are Contrary to the Interests of the United States
MEMORANDUM FOR THE HEADS OF EXECUTIVE DEPARTMENTS AND AGENCIES By the authority vested in me as President by the Constitution and the laws of the United

New Ngrok domain available.,if you don’t use this service, you should block it as it is frequently used for data exfil and C2.
ngrok-agent[.]com
cc: @…
#cybersecurity

others) that are most important to assess the added value.
3. What concrete measures and actions may be taken at EU level to support the development and growth of the
EU open-source sector and contribute to the EU’s technological #sovereignty and #cybersecurity agenda?
4. What technology areas should be prioritised and why?
5. In what sectors could an increased use of open source lead to increased competitiveness and #CyberResilience?
2/2

Reliaquest has a post on attacker’s use of .SCR files to install remote access software. SCR (screensaver) files _are_ executable files. If you don’t already, please block .scr files from being emailed to your end users. #cybersecurity

New Campaign Uses Screensavers for RMM-Based Persistence
Treat screensavers and RMM tools like privileged software. ReliaQuest explores a campaign using these vectors to bypass defenses and maintain persistence.

RE: #cybersecurity

This NSE Checks for Ivanti EPMM MDM by requesting a known API endpoint.
#ivanti #nmap #cybersecurity
🔗

Ich teile mal hier diese interessante Diskussion auf administrator.de #administrator #cybersecurity #depol

RE: #cybersecurity but this seems like a good site for

RE: #cybersecurity folks. Having this bui…

RE: #cybersecurity

🚨 Critical #Telnet Authentication Bypass Vulnerability Discovered #CVE202624061 #cybersecurity #infosec

Just ran across this amazing-looking set of free DNS blocklists from Hagezi. Anyone use these? I can’t believe I’ve never seen these before. #cybersecurity
https://github.com/hagezi/dns-blocklis

GitHub - hagezi/dns-blocklists: DNS-Blocklists: For a better internet - keep the internet clean!
DNS-Blocklists: For a better internet - keep the internet clean! - hagezi/dns-blocklists

Team Cymru @… has a article on current TTPs used by Scattered Spider. Worth a read to stay up to date on this APT (Advanced Persistent Teenagers) #cybersecurity

Scattered Spider Attacks | Infrastructure and TTP Analysis
An in-depth analysis of Scattered Spider attacks, detailing the group’s infrastructure usage and TTPs to help defenders detect and disrupt activity earlier.

Sure, my computer password is also Louvre!
#Louvre #password #cybersecurity #Privacy

My company’s Cybersecurity Awareness training is ON-POINT: (For everything except #mastodon ) #cybersecurity

RE: #cybersecurity

RE: #cybersecurity news

Interesting article from #cybersecurity researchers at ITRes on yet another flavor of “EDR silencer” tactics, this time using a maliciously activated VPN connection that “sinks” or blocks traffic to EDR telemetry endpoints. Helpfully, they include detection and prevention techniques too, including likely the best idea, restricting by technical policy who can create VPN profiles.

SinkVPN: Redirecting endpoint cloud telemetry by abusing usermode VPN tunnels 
The article discusses SinkVPN, a technique that enables non-admin users to create malicious VPN connections that can divert and block cloud-bound traffic, evading security measures. It highlights t…

RE: #cybersecurity

RE: #cybersecurity