After facial recognition failed to recognize a monk's face and secure the transaction, the storekeeper sprang into action, fashioning makeshift eyebrows out of duct tape.

Somehow, it reportedly worked—proving that a little creativity (and duct tape) can go a long way.

Photos… pic.twitter.com/fcy61siQak

— Thai Enquirer (@ThaiEnquirer) December 2, 2024

Want to play a fun prank on an Azure admin you know?

1. Create an account in your own tenant, configure SMS MFA w your target's phone.
2. Log in, which sends an SMS.
3. Sit back and watch them as they try to figure out which account is compromised!
4. Repeat login until… pic.twitter.com/VzLr7UfaDo

— nyxgeek (@nyxgeek) December 1, 2024

NetExec has a new Module: Timeroast🔥

In AD environments, the DC hashes NTP responses with the computer account NT hash. That means that you can request and brute force all computer accounts in a domain from an UNAUTHENTICATED perspective!

Implemented by @Disgame_

1/3🧵 pic.twitter.com/C0rrAqXqSf

— Alex Neff (@al3x_n3ff) December 1, 2024

Have you every wanted to get into Windows Kernel Exploitation but don't know where to start? I'm going be releasing a series to get you from Windows 7 (x86) to Windows 11 (x64). You can find the first tutorial here:https://t.co/qrmha71eSK

— wetw0rk (@wetw0rk_bot) November 30, 2024

https://t.co/X5a4jE2Vip

This is about the first bug! It’s the CVE-2024-44308 ITW bug recently discovered in Apple Safari. I am currently developing a PoC code along with a brief explanation of this vulnerability.

— Dohyun Lee (@l33d0hyun) December 1, 2024