November 8, 2022

                            November 8, 2022

                November 8, 2022

                        Between Two Nerds is a weekly discussion between Tom a Uren and myself. We cover interesting topics, and this week’s show is no exception. Feast your occipital lobes on this: 

https://www.risky.biz/BTN12/
-
Administrivia: I’m still figuring out how to incorporate Mastodon content. Right now I copy the content and include a link to the post. Im not sure I like it. I’ll keep trying. Why not subscribe and join me on this journey?
Subscribe now
-

-
Awesome Malware Techniques - A curated list of resources to analyse and study malware techniques:

            GitHub - fr0gger/Awesome_Malware_Techniques: This is a repository of resource about Malware techniques
            This is a repository of resource about Malware techniques - GitHub - fr0gger/Awesome_Malware_Techniques: This is a repository of resource about Malware techniques

by @fr0gger@mastodon.social

            Philippe Lagadec: "Awesome Malware Techniques - A curated list of re…" - Mastodon
            Attached: 1 image

Awesome Malware Techniques - A curated list of resources to analyse and study malware techniques:
https://github.com/fr0gger/Awesome_Malware_Techniques
by @fr0gger

-
A new CrackMapExec module just landed courtesy of our Aurélien Chalot.
It makes use of token impersonation to execute commands as different logged in users (ala meterpreter's incognito module originally from Luke Jennings).
Aurélien did a full writeup of his work, as well as released a stand alone tool.
Writeup: https://sensepost.com/blog/2022/abusing-windows-tokens-to-compromise-active-directory-without-touching-lsass/
Standalone tool: https://github.com/sensepost/impersonate
CME commit: https://github.com/Porchetta-Industries/CrackMapExec/pull/601

            SensePost: "A new CrackMapExec module just landed courtesy of…" - Infosec Exchange
            Attached: 1 image

A new CrackMapExec module just landed courtesy of our Aurélien Chalot.

It makes use of token impersonation to execute commands as different logged in users (ala meterpreter's incognito module originally from Luke Jennings).

Aurélien did a full writeup of his work, as well as released a stand alone tool.

Writeup: https://sensepost.com/blog/2022/abusing-windows-tokens-to-compromise-active-directory-without-touching-lsass/

Standalone tool: https://github.com/sensepost/impersonate

CME commit: https://github.com/Porchetta-Industries/CrackMapExec/pull/601

-
Dmitri Alperovitch @DAlperovitch
Russian Aerospace Forces conducted significantly more extensive fixed-wing strike operations during the first days of the invasion than has been previously documented, while Ukrainian air-defence capabilities were suppressed by initial attacks

rusi.orgThe Russian Air War and Ukrainian Requirements for Air DefenceFurther Western support is needed to ensure that Kyiv can counter Moscow’s updated approach to the air war in Ukraine.
3:19 PM ∙ Nov 7, 2022
233Likes58Retweets-
U.S. Attorney Announces Historic $3.36 Billion Cryptocurrency Seizure And Conviction In Connection With Silk Road Dark Web Fraud

             Southern District of New York |  U.S. Attorney Announces Historic $3.36 Billion Cryptocurrency Seizure And Conviction In Connection With Silk Road Dark Web Fraud | United States Department of Justice

            Stolen $3bn Bitcoin mystery ends with popcorn tin discovery
            James Zhong pleads guilty to the 2012 hack as police find stash of 50,000 Bitcoin.

-
NCSC UK @NCSC
Artificial intelligence (AI) and machine learning (ML) are increasingly being used in every aspect of our life.

We have developed comprehensive principles to help protect AI and ML systems against exploitation. 
ncsc.gov.ukIntroducing our new machine learning security principlesWhy the security of artificial intelligence (AI) and machine learning (ML) is important, how it’s different to standard cyber security, and why the NCSC has developed specific security principles.3:12 PM ∙ Nov 7, 2022
21Likes19Retweets

Microsoft sued for piracy through CoPilot.

Press conference on draft findings of EP spyware inquiry | News | European Parliament

On Tuesday 8 November, Sophie In ‘t Veld, the rapporteur for the Inquiry Committee investigating Pegasus and equivalent spyware, will present a first version of their results.

Catalin Cimpanu: ""On Tuesday 8 November, Sophie In ‘t Veld, the ra…" - Mastodon

November 8, 2022

GitHub - fr0gger/Awesome_Malware_Techniques: This is a repository of resource about Malware techniques

This is a repository of resource about Malware techniques - GitHub - fr0gger/Awesome_Malware_Techniques: This is a repository of resource about Malware techniques

Philippe Lagadec: "Awesome Malware Techniques - A curated list of re…" - Mastodon

Attached: 1 image Awesome Malware Techniques - A curated list of resources to analyse and study malware techniques: https://github.com/fr0gger/Awesome_Malware_Techniques by @fr0gger

SensePost: "A new CrackMapExec module just landed courtesy of…" - Infosec Exchange

U.S. Attorney Announces Historic $3.36 Billion Cryptocurrency Seizure And Conviction In Connection With Silk Road Dark Web Fraud

Southern District of New York | U.S. Attorney Announces Historic $3.36 Billion Cryptocurrency Seizure And Conviction In Connection With Silk Road Dark Web Fraud | United States Department of Justice

Stolen $3bn Bitcoin mystery ends with popcorn tin discovery

James Zhong pleads guilty to the 2012 hack as police find stash of 50,000 Bitcoin.