Sys-Admin Up

page 70

Sys-Admin Up
2022-11-14 08:01:01: NSA Guidance on How to Protect Against Software Memory Safety Issues
2022-11-14 08:03:55: SharpGmailC2 Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol https://github.com/reveng007/SharpGmailC2
2022-11-15 11:42:40: Phishing campaigns continue to grow more common globally, with over one million attacks observed in Q2 2022 They offer an easy and attractive way for cybercriminals to generate revenue, steal credentials and spread malware. Many sophisticated phishing kits have been developed. Some of these are sold on underground forums using a Malware-as-a-Service model, while others are used exclusively by a single threat actor group. Some cybercriminals also offer lead generation services, selling packages of clicks to fraudulent sites... https://www.cyjax.com/app/uploads/2022/11/Fangxiao-a-Chinese-threat-actor.pdf
2022-11-15 15:02:31: https://cvetrends.com/
2022-11-16 12:21:02: Top 12 Advanced Git Commands To Know https://blog.openreplay.com/top-dozen-advanced-git-commands-to-know/
2022-11-16 17:20:15: Stealing passwords from infosec Mastodon - without bypassing CSP https://portswigger.net/research/stealing-passwords-from-infosec-mastodon-without-bypassing-csp
2022-11-16 17:22:47: OWASP API Top 10 (2019) https://owasp.org/www-project-api-security
2022-11-17 04:59:01: Build Apps in Deno with Frameworks such as React, Vue, Express, and more. https://deno.com/blog/frameworks-with-npm
2022-11-18 12:52:40: I Love Vue https://github.com/vuejs/core
2022-11-21 05:55:54: Build and Deploy a Node.js Microservices Application https://dev.to/pavanbelagatti/build-and-deploy-a-nodejs-microservices-application-2966
2022-11-23 06:06:42: Home Grown Red Team: Lateral Movement With Havoc C2 And Microsoft EDR https://assume-breach.medium.com/home-grown-red-team-lateral-movement-with-havoc-c2-and-microsoft-edr-300b7389b1f7
2022-11-23 06:07:42: Nighthawk: An Up-and-Coming Pentest Tool Likely to Gain Threat Actor Notice https://www.proofpoint.com/us/blog/threat-insight/nighthawk-and-coming-pentest-tool-likely-gain-threat-actor-notice
2022-11-23 10:30:41: 7 Microservice Design Patterns To Use https://blog.openreplay.com/7-microservice-design-patterns-to-use/
2022-11-23 13:28:08: Infrastructure Resilience Planning Framework (IRPF) The Cybersecurity and Infrastructure Security Agency (CISA) has developed the Infrastructure Resilience Planning Framework (IRPF) to enable the incorporation of security and resilience considerations in critical infrastructure planning and investment decisions. NOVEMBER 2022 | VERSION 1.1: https://www.cisa.gov/sites/default/files/publications/Infrastructure-Resilience%20Planning-Framework-%28IRPF%29%29.pdf
2022-11-24 01:52:14: Hermit: Deterministic Linux for Controlled Testing and Software Bug-finding https://developers.facebook.com/blog/post/2022/11/22/hermit-deterministic-linux-testing/
2022-11-24 04:47:13: CVE-2021-40662 Chamilo LMS 1.11.14 RCE This article is about my third CVE that I got for finding a Remote Code Execution in a popular Learning Management Software named “Chamilo LMS”. https://hacklido.com/d/90-cve-2021-40662-chamilo-lms-11114-rce
2022-11-24 10:09:35: