When Looking for SWIFT Audit Guidelines, Beware of the Customer Security Controls Framework
Blog Blog https://www.akamai.com/blog CySecBot CySecBot
Author: CySecBot
Toolsmith Tidbit: Windows Auditing with WINspect
WINSpect recently hit the toolsmith radar screen via Twitter, and the author, Amine Mehdaoui, just posted an update a couple of days ago, so no time like the present to give you a walk-through. WINSpect is a Powershell-based Windows Security Audit…
If you are submitting a request for help or advice please read this first.
If you are posting a request for help or advice make sure you provide enough details so others can help you. Things like model numbers, pictures if you can provide them, relevant details about what you’re trying to protect, etc.
For example, if you’re asking for help with a pre-installed alarm system make sure you include the Make and Model in your post. If you don’t have that information provide pictures of the keypad / control panel.
That said, do not post personally identifiable information. Do not make yourself a target to doxxing. Don’t post pictures or information that contain names, address, or PINs. Keep yourself, your family, and your property safe.
submitted by /u/gh5046
[link] [comments]
Toolsmith Release Advisory: Magic Unicorn v2.8
David Kennedy and the TrustedSec crew have released Magic Unicorn v2.8.
Magic Unicorn is “a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory, based on Matthew Graeber’s PowerShell attacks and the Powe…
The WireX Botnet: An Example of Cross-Organizational Cooperation
On August 17th, 2017, multiple Content Delivery Networks (CDNs) and content providers were subject to significant attacks from a botnet dubbed WireX. The botnet is named for an anagram for one of the delimiter strings in its command and control protoco…
Court Rulings Limit Privacy Protections From Data Residency
Jurisdictions around the world, including the European Union and Canada, are enacting laws and creating regulations forcing companies that collect personally identifiable information (PII) to store the data of their residents within their nati…
Toolsmith #127: OSINT with Datasploit
I was reading an interesting Motherboard article, Legal Hacking Tools Can Be Useful for Journalists, Too, that includes reference to one of my all time OSINT favorites, Maltego. Joseph Cox’s article also mentions Datasploit, a 2016 favorite for fe…
Evading Microsoft ATA > Another reason to use 2FA for Windows Admins
Nikhil “SamratAshok” Mittal has a great series of posts on how to avoid detection by Microsoft’s Advanced Threat Analytics (ATA).
We won’t say that you shouldn’t deploy ATA to monitor your network for suspicious behavior, especially if your licensing …
If everybody could read your email, are you secure?
Email is one of the most critical business tools and a major component of the lives of many people. At the same time, it seems to lack adequate security as the Clinton campaign email leaks and the publication of France’s Macron emails have sho…
India RSS website hacked by Anonymous
Today the Hacktivist group Anonymous successfully hacked the official rss.org website based on India as cyberguerrilla website claims. Anonymous said the RSS have killed a lot of innocents people and that is the reason for this RSS Data Leak.
The…