Incident Responder interested in #DFIR #malware #reverseengineering #pentesting and #purpleteam . #fedora and #opensource fan
Proud of #EU
If you need Windows 11 (e.g. in a VM/sandbox) but don't want to create a Microsoft account:
oobe\bypassnroYou're welcome!
I guess evidence of execution first: amcache, prefetch, shimcache, ... Trying to identify time and user. If it's an admin, I'd ask them (but don't trust their answer entirely).
Then Windows event logs, Hayabusa for low hanging fruits.
Interesting thought maybe: since that's the AD management task, can it manage AD sync/ADFS and affect EntraID or Azure?
(I'm not an admin, so I would have to DuckDuckGo that. A quick search didn't answer that question)
Does anyone here know if dsa.msc can access Azure via AD sync, ADFS, or similar?
PS: and for all the insiders: then I'd join that session of DSA as a thief. 🙃
@lerxst @johntimaeus @0xabad1dea
Oh man, the graphics are worse than games from 20 years ago.
Ready Player One called and wants its idea back.
Recycling is a toxic lie.
Big brands and petrochemical corporations keep selling the public a convenient and comforting story to hide the hard truth: they simply have to STOP PRODUCING SO MUCH PLASTIC.
Wero is cool. Give it a try if you want to replace your PayPal (and live in the EU).
2 gunshot wounds, a firewall directory traversal and a heightened magic circle against evil. But I got out.
Really quit 🙃
PS: I quit my job
Three Days Grace - Get Out Alive
Finally came around to set up an automatic, encrypted backup on my Linux. When searching online you'll often find that the best option is to store your credentials unencrypted in a plaintext file.
Don't listen to these posts, you can store credentials encrypted in systemd:
I check the opposite: not . Very often the US is showing up, too!
I have no idea where this clip originates, but it's made me laugh repeatedly tonight so I'm sharing it with you in the hopes it will give you a little joy as well.
RE: https://infosec.exchange/@JessTheUnstill/115633192512888626
There's an excellent Masto tip by @JessTheUnstill quoted below.
To clarify a bit, you *can* mute conversations on other people's posts *if* the posts appear in your notifications. There are two scenarios where this isn't possible and the tip is needed:
- If you follow someone and they reply to a person you also follow, you will see their entire conversation without notifications. This tip lets you hide it.
- If you're seeing the same post boosted many times, you can use this tip to hide it.
Noch viel trauriger finde ich, dass sowas in allen Medien landet. Gibt's nichts anderes zu berichten? Vielleicht Mal was aus Asien, Afrika oder Südamerika?
In Afrika ist ne ganze Stadt überflutet worden. Kein Sterbenswort. Dass in Augsburg ein Poller verschoben wird ist wichtiger... 🫤
I got rid of Amazon entirely ~1 year ago and never regretted it. The quality degraded massively over the years and now all the political impact...
There are alternatives that work well on certain products and I get higher quality. Only downside is that you need multiple shops (not really an issue) but I can definitely recommend it!
RE: https://toot.cat/@freiksenet/115598578939693635
"The net result is that a huge number of our leaders are essentially stealing money, but they can't withdraw the money directly, so they have to spend the organization's capital on expensive nonsense to purchase status then convert that status into a better salary somewhere else at a really, really bad exchange rate."
I realized that in a lot of companies. Management doesn't have technical skill and doesn't understand what they're selling. So it's impossible to create a good (technical) strategy on how to sell their product. Plus, that would be slow (even though it ensures long-term stability).
The result is "networking", self-promotion, and short-term increases of stock price (e.g. by firing people aka decreasing costs), then jumping to the next company.
BINGO TIME! With CVE-2025-58034, Fortinet secures the crown in my Insecurity Appliance Bingo. This is technically a "high" severity vuln, but since it's being actively exploited and has landed a spot on CISA KEV, I'm admitting it.
Reaching a bingo took longer than expected, with FortiNet and Ivanti sitting at 5/6 vulns since about July. But now, there is a well-deserved winner.
I'm now taking new vuln class and vendor suggestions for next year's edition.
Really, Cisco had no vuln this year? 😯
The amount of incident response cases I had in the beginning of the year with Cisco ASA firewalls tops the Fortigate ones, I expected more vulns...
That probably meant lots of people didn't patch Cisco vulns from 2024 🤔
Meet the 'moral migrants' relocating from the West to russia in search of sanctuary
by Ivor Bennett, moscow correspondent - Sky News
