Sleepy — Python Tooling for Sleep

Sleepy — Python Tooling for Sleep

Sleepy — Python Tooling for SleepThank you to SpecterOps for supporting this research and to Sarah, Cody, and Daniel for proofreading and editing! Crossposted on the GitHub.TL;DR: You can use sleepy to automate common tasks when ...
SEC rules, cybersecurity, SEC cyber data breach rules

Why Biden’s EO on AI Conflates the Role of Red-Teaming

The AI executive order's broad language, particularly the role of red-teaming, prompts doubts about its practical implementation and effectiveness ...
Security Boulevard
Perfect Loader Implementations

Perfect Loader Implementations

Thank you to SpecterOps for supporting this research and to Lee and Sarah for proofreading and editing! Crossposted on GitHub.TLDR: You may use fuse-loader or perfect-loader as examples for extending an OS’s native ...
Site Takeover via SCCM’s AdminService API

Site Takeover via SCCM’s AdminService API

tl:dr: The SCCM AdminService API is vulnerable to NTLM relaying and can be abused for SCCM site takeover.Prior Work and CreditBefore I get started, I’d like to acknowledge some of the work previously ...
Financial Firms In The European Union Are Facing Strict Rules Around Cloud Based Services

Financial Firms In The European Union Are Facing Strict Rules Around Cloud Based Services

The post Financial Firms In The European Union Are Facing Strict Rules Around Cloud Based Services appeared first on Digital Defense ...
Praetorian GitHub Attack Toolkit (GATO) Demo

Phantom of the Pipeline: Abusing Self-Hosted CI/CD Runners

Introduction Throughout numerous Red Teams in 2022, a common theme of Source Control Supply Chain attacks in GitHub repositories has emerged. After many hours manually hunting for and exploiting these attack paths, ...
What is a Supply Chain Attack and How Can Organizations Defend Against Them?

What is a Supply Chain Attack and How Can Organizations Defend Against Them?

The post What is a Supply Chain Attack and How Can Organizations Defend Against Them? appeared first on Digital Defense ...
Understanding CVE Ranking and the Top CVEs

Understanding CVE Ranking and the Top CVEs

The post Understanding CVE Ranking and the Top CVEs appeared first on Digital Defense ...
What is the Relationship Between Ransomware and Phishing?

What is the Relationship Between Ransomware and Phishing?

The post What is the Relationship Between Ransomware and Phishing? appeared first on Digital Defense ...