Thursday, August 01, 2019

Some of the Posts

Some of the posts I made as long ago as 2014 were in a format that didn't look right with a white background on the text; when I updated them, though, it placed them up to today's date. Sorry for any confusion, not that anyone is reading this.

InfoSec Update

SB (@SBousseaden)
Detecting UAC Bypass by Mocking Trusted Directories using Sysmon example was uploaded to the ATT&CK EVTX repo -> bit.ly/30YSEAB #threathunting #DFIR [125 evtx, more than 130 techniques ✌️], BTW same UACbypass used recently by TA505 APT group, consider multi spaces! pic.twitter.com/EIuL01b32B

BEST SKIMMER HUNTER Presale only for limited time
From July 22 to August 11
ElectronicCats (EC) is a startup founded in 2016, established in Aguascalientes, Mexico; its mission is to create hardware and embedded systems. In 2019, Electronic Cats has been working to launch the first commercial and user-friendly skimmer hunter.
Bank cards carry information in their magnetic stripe that is used to validate transactions; because that information is static, it is one of the biggest weaknesses of the magstripe. Most attackers exploit this limitation to capture the information with a skimming technique, which occurs mainly at ATMs. The malicious attackers add a second card reader to obtain the information of the person who uses the ATM, PoS or terminal. Some cases have also come to light where workers in establishments had a second card reader in addition to the store's own PoS to perform such data theft.
https://hunter.electroniccats.com/


If You Were at Tony P's Talk Today
The books he mentioned are located here.
https://landing.google.com/sre/books/


A New Humble Bundle is out
HUMBLE BOOK BUNDLE: DATA ANALYSIS & MACHINE LEARNING BY O'REILLY
We've teamed up with O'Reilly for our newest bundle on data analysis and machine learning! Get ebooks like Advanced Analytics with Spark, Practical Statistics for Data Scientists, and more.
$711 WORTH OF AWESOME STUFF | PAY $1 OR MORE | DRM-FREE MULTI-FORMAT |
11,512 BUNDLES SOLD
https://www.humblebundle.com/books/data-analysis-machine-learning-books?hmb_source=navbar&hmb_medium=product_tile&hmb_campaign=tile_index_4 


An Introduction To Code Analysis With Ghidra
This article describes an approach for using Ghidra to perform malicious code analysis. Ghidra is a free software reverse engineering (SRE) framework developed by the National Security Agency (NSA) of the United States. It was released as open-source software in March 2019, making this powerful reverse engineering tool available to all, regardless of budget.
https://threatvector.cylance.com/en_us/home/an-introduction-to-code-analysis-with-ghidra.html

Tip from SB (@SBousseaden)

"if u see "devtools.selfxss.count" in cmd cmdline then likely it's #backswap banking trojan, also monitor changes to firefox user preferences "prefs.js", this malwr is a combin of smart tricks to inject JS within browsers with no proc code inj"
https://www.welivesecurity.com/2018/05/25/backswap-malware-empty-bank-accounts
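Both SB tips above (detecting the UAC bypass that mocks a trusted directory such as a padded "Windows " path, with the reminder to consider multiple spaces, and the BackSwap hint that "devtools.selfxss.count" shows up in a cmd command line) reduce to string checks over process-creation telemetry. The following is an added example, not code from SB, the ATT&CK EVTX repo or the linked ESET post. It assumes Sysmon Event ID 1 field names (Image, ParentImage, CommandLine); the trusted-directory list and the sample events are constructed for illustration.

```python
import re
from typing import Dict, List

# Trusted top-level directories whose names a mock directory might imitate.
# Assumption for this example; extend to suit the environment.
TRUSTED_DIRS = ("Windows", "Program Files", "Program Files (x86)")

# "<drive>:\<trusted dir><one or more spaces>\" at the start of a path.
# Win32 path normalisation strips trailing spaces from a directory name, so a
# normally created directory never has one; a path that does is a strong signal.
_MOCK_DIR_RE = re.compile(
    r"^[A-Za-z]:\\(?:" + "|".join(re.escape(d) for d in TRUSTED_DIRS) + r") +\\",
    re.IGNORECASE,
)

# Firefox preference name SB associates with BackSwap when it appears in a
# process command line.
BACKSWAP_MARKER = "devtools.selfxss.count"


def is_mock_trusted_dir(path: str) -> bool:
    """True if the path starts with a trusted directory name padded with spaces."""
    return bool(_MOCK_DIR_RE.match(path))


def has_backswap_marker(cmdline: str) -> bool:
    """True if the Firefox preference name appears anywhere in the command line."""
    return BACKSWAP_MARKER.lower() in cmdline.lower()


def triage(events: List[Dict[str, str]]) -> List[Dict[str, object]]:
    """Run both checks over Sysmon-style process-creation events.

    Each event is a dict with Image, ParentImage and CommandLine keys (the
    Sysmon Event ID 1 field names). Returns one finding per hit, in event order.
    """
    findings: List[Dict[str, object]] = []
    for idx, ev in enumerate(events):
        # Check the child and the parent: the mock path may be either one.
        for field in ("Image", "ParentImage"):
            if is_mock_trusted_dir(ev.get(field, "")):
                findings.append({"event": idx, "rule": "mock_trusted_dir",
                                 "field": field, "value": ev[field]})
        if has_backswap_marker(ev.get("CommandLine", "")):
            findings.append({"event": idx, "rule": "backswap_cmdline",
                             "field": "CommandLine", "value": ev["CommandLine"]})
    return findings


# Constructed sample events, not real telemetry.
SAMPLE_EVENTS: List[Dict[str, str]] = [
    {"Image": r"C:\Windows\System32\cmd.exe",
     "ParentImage": r"C:\Windows\explorer.exe",
     "CommandLine": r'"C:\Windows\System32\cmd.exe" /c whoami'},
    {"Image": r"C:\Windows \System32\winSAT.exe",          # one trailing space
     "ParentImage": r"C:\Users\alice\Downloads\setup.exe",
     "CommandLine": r'"C:\Windows \System32\winSAT.exe"'},
    {"Image": r"C:\Windows   \System32\dccw.exe",          # several spaces
     "ParentImage": r"C:\Users\alice\Downloads\setup.exe",
     "CommandLine": r'"C:\Windows   \System32\dccw.exe"'},
    {"Image": r"C:\Windows\System32\cmd.exe",
     "ParentImage": r"C:\Users\alice\AppData\Local\Temp\dropper.exe",
     # constructed: only the marker string matters for the check
     "CommandLine": r'cmd.exe /c "devtools.selfxss.count"'},
    {"Image": r"C:\Windows\System32\cmd.exe",
     "ParentImage": r"C:\Windows \System32\winSAT.exe",    # mock path as parent
     "CommandLine": r'"C:\Windows\System32\cmd.exe"'},
    {"Image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "ParentImage": r"C:\Windows\explorer.exe",
     "CommandLine": r'"C:\Program Files\Mozilla Firefox\firefox.exe"'},
]


if __name__ == "__main__":
    for f in triage(SAMPLE_EVENTS):
        print(f"event {f['event']}: {f['rule']} via {f['field']} -> {f['value']}")
```

The regex anchors on the drive root and requires one or more spaces between the trusted directory name and the next backslash, so a single trailing space and a run of several are caught alike, while the genuine "C:\Windows\System32\" path never matches. Checking ParentImage as well as Image matters because the mock-directory binary is usually just a launcher for something else.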

Howard's List
  1. Efficient use of ecological systems.
  2. Determining an efficient way to garner the energy from the sun, so that humans can migrate away from fossil fuels.
  3. Finding and getting to another planet that will support and sustain human life.
  4. Determining a way to better and more efficiently conserve and better use water.
  5. Educating people about the responsibility of reproduction.
  6. Educating people to become more tolerant and understanding of other cultures through language and custom classes.
  7. Creating more extensive and efficient transportation infrastructure (Better roads, better rail system, and more comprehensive public transportation).
  8. Getting chemicals and steroids out of our food supply systems. Ending "assembly line" style production of food.
  9. Curtailing the power of the pharmaceutical industry. Working to curtail the greed factor in the production of pharmaceuticals.
  10. Reducing the divorce rate. Divorce has systematically created subsequent dysfunctional generations of people.
  11. Discover a more efficient way to distribute food and water to the 8 billion plus humans in the world in effort to end poverty.
  12. End the IMF and Federal Reserve, or at least curtail their power and influence on the world economic system.


I took this from a GFI advertisement

"As a system admin, we know you're turning over every stone to find tools that make your life easier. Help is at hand with our guide to the top 10 free network monitoring and analysis tools!


http://www.wireshark.com Wireshark kicks off our list, being a network protocol analyzer and capture utility. Captured data can easily be sent to another application for analysis, or filtered within Wireshark itself.


http://pandorafms.com/?lng=en If you want to keep an eye on your servers, applications and communications, look no further than Pandora FMS. It can be configured to create alerts based on specific events, and send notifications to administrators.


http://angryip.org Angry IP Scanner scans IP addresses and ports, finding live hosts and providing you with information about them.


http://microsoft-network-monitor.en.s... When you're looking to capture packet data to analyze network traffic, turn to Microsoft Network Monitor. It has support for over three hundred public and Microsoft proprietary protocols, as well as a wireless Monitor Mode.


http://www.telerik.com/fiddler Fiddler captures HTTP between computers and the Internet to help with debugging. You see incoming and outgoing data, including encrypted HTTPS traffic, allowing you to test your website performance, or the security of your web applications.


http://www.netresec.com/?page=Network... NetworkMiner is classed as a Network Forensic Analysis Tool, and is used to capture packets. It then extracts files and images from that data, allowing you to reconstruct your users' actions.


http://www.colasoft.com/capsa-free/ Another tool for monitoring, troubleshooting and analysing network traffic is Capsa Free. Not only does it have over 300 protocols, and the ability to create and customise them, but its dashboard also allows you to see a summary of traffic stats, TCP/UDP conversations, and packet analysis.


http://www.softinventive.com/products... Total Network Monitor watches over your hosts and services, notifying you when something requires your attention. Its colorful interface lets you see what's wrong at a glance.


http://www.xirrus.com/Products/Networ... And don't miss Xirrus Wi-Fi Inspector, which manages connections, locates devices, detects rogue access points, and has connection and speed quality tests.


http://www.zenoss.org Lastly, Zenoss Core keeps an eye on your applications, servers, storage, networking and virtualization, giving you performance and availability stats. It also has an advanced notification system.


http://technet.microsoft.com/en-us/sysinternals/bb545021.aspx
The Sysinternals site was created in 1996 by Mark Russinovich and Bryce Cogswell to host their advanced system utilities and technical information. Whether you’re an IT Pro or a developer, you’ll find Sysinternals utilities to help you manage, troubleshoot and diagnose your Windows systems and applications.



With so much pressure on IT departments, can you afford not to take advantage of any free help you can get?"