syro
@0xsyr0.bsky.social
Cybersecurity Specialist. Offensive Operator. Adversary Hunter. Crafting creative solutions for not-yet-existing problems. Hobby flag collector.
Reposted by syro
MITRE warns that funding for critical CVE program expires today
MITRE warns that funding for critical CVE program expires today
MITRE Vice President Yosry Barsoum has warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs expires today, which could lead to widespread disruption across the global cybersecurity industry.
www.bleepingcomputer.com
April 16, 2025 at 6:26 AM
MITRE warns that funding for critical CVE program expires today
Reposted by syro
We’re hiring a mid-to-senior defensive consultant to help mature detection programs, identify silent adversaries, and develop cutting-edge training content. Ready to make an impact?
Apply today ▶️ ghst.ly/4fKc7f8
Apply today ▶️ ghst.ly/4fKc7f8
November 26, 2024 at 9:51 PM
We’re hiring a mid-to-senior defensive consultant to help mature detection programs, identify silent adversaries, and develop cutting-edge training content. Ready to make an impact?
Apply today ▶️ ghst.ly/4fKc7f8
Apply today ▶️ ghst.ly/4fKc7f8
Reposted by syro
DualCore and I spoke at the Red Team Village this year. Here are the slides. QR code with link to gist with all the reference links on last page. Unfortunately it wasn't recorded.
docs.google.com/presentation...
#redteam #purpleteam #redteamvillage
docs.google.com/presentation...
#redteam #purpleteam #redteamvillage
Modern Red Teaming: macOS, K8s, and Cloud - RTV 24 (Public)
Modern Red Teaming: macOS, K8s, and Cloud Carnal0wnage int0x80
docs.google.com
November 24, 2024 at 7:35 PM
DualCore and I spoke at the Red Team Village this year. Here are the slides. QR code with link to gist with all the reference links on last page. Unfortunately it wasn't recorded.
docs.google.com/presentation...
#redteam #purpleteam #redteamvillage
docs.google.com/presentation...
#redteam #purpleteam #redteamvillage
Reposted by syro
Reposted by syro
Oh yeah guess I should post here as well. New Mythic agent released: github.com/MythicAgents...
GitHub - MythicAgents/Hannibal: A Mythic Agent written in PIC C.
A Mythic Agent written in PIC C. Contribute to MythicAgents/Hannibal development by creating an account on GitHub.
github.com
November 20, 2024 at 9:10 PM
Oh yeah guess I should post here as well. New Mythic agent released: github.com/MythicAgents...
Reposted by syro
Not many people are willing to go through the effort of writing an agent in C, and of them, very few are willing (or able) to open source it.
@silentwarble.bsky.social
went beyond even that and also released a blog about it! silentwarble.com/posts/making... check them out!
@silentwarble.bsky.social
went beyond even that and also released a blog about it! silentwarble.com/posts/making... check them out!
a shiba inu dog is sitting on a couch with a straw in its nose .
ALT: a shiba inu dog is sitting on a couch with a straw in its nose .
media.tenor.com
November 20, 2024 at 6:20 PM
Not many people are willing to go through the effort of writing an agent in C, and of them, very few are willing (or able) to open source it.
@silentwarble.bsky.social
went beyond even that and also released a blog about it! silentwarble.com/posts/making... check them out!
@silentwarble.bsky.social
went beyond even that and also released a blog about it! silentwarble.com/posts/making... check them out!
Reposted by syro
Awesome new addition to krbrelayx by Hugow from Synacktiv: www.synacktiv.com/publications...
Relaying Kerberos over SMB using krbrelayx
www.synacktiv.com
November 20, 2024 at 4:02 PM
Awesome new addition to krbrelayx by Hugow from Synacktiv: www.synacktiv.com/publications...
Reposted by syro
If you missed Part 4 in our What is Tier Zero webinar series hosted by Jonas Bülow Knudsen, @martinsohn.dk & @tifkin.bsky.social last week, you can watch the full presentation on demand now!
👀: ghst.ly/4eSssxL
👀: ghst.ly/4eSssxL
November 19, 2024 at 9:51 PM
If you missed Part 4 in our What is Tier Zero webinar series hosted by Jonas Bülow Knudsen, @martinsohn.dk & @tifkin.bsky.social last week, you can watch the full presentation on demand now!
👀: ghst.ly/4eSssxL
👀: ghst.ly/4eSssxL
Reposted by syro
Defenders use cross-origin requests through CSS url() or injected JS to leak your phishing URL in the HTTP Referer header.
Today, I've been reminded about the excellent post by Keanu Nys, which contains a lot of great evasion ideas!
insights.spotit.be/2024/06/03/c...
Today, I've been reminded about the excellent post by Keanu Nys, which contains a lot of great evasion ideas!
insights.spotit.be/2024/06/03/c...
Clipping the Canary’s wings: Bypassing AiTM Phishing Detections | Spotit insights
insights.spotit.be
November 18, 2024 at 11:29 AM
Defenders use cross-origin requests through CSS url() or injected JS to leak your phishing URL in the HTTP Referer header.
Today, I've been reminded about the excellent post by Keanu Nys, which contains a lot of great evasion ideas!
insights.spotit.be/2024/06/03/c...
Today, I've been reminded about the excellent post by Keanu Nys, which contains a lot of great evasion ideas!
insights.spotit.be/2024/06/03/c...
Reposted by syro
I just posted the latest ~ this week in security ~, my free weekly cybersecurity newsletter that has all the cyber news you need to know from the week, plus fun stuff and cats. It's goes out every Sunday, and doesn't track opens or link-clicks.
Sign up / RSS / read online: this.weekinsecurity.com
Sign up / RSS / read online: this.weekinsecurity.com
~this week in security~
a free cybersecurity newsletter by @zackwhittaker, delivered weekly.
this.weekinsecurity.com
November 17, 2024 at 4:24 PM
I just posted the latest ~ this week in security ~, my free weekly cybersecurity newsletter that has all the cyber news you need to know from the week, plus fun stuff and cats. It's goes out every Sunday, and doesn't track opens or link-clicks.
Sign up / RSS / read online: this.weekinsecurity.com
Sign up / RSS / read online: this.weekinsecurity.com
