Scary NAT bypass technique

> I've released NAT Slipstreaming, a spooky new technique that allows an attacker to remotely access any TCP/UDP service bound to a victim machine, bypassing the victim’s NAT/firewall, just by the victim visiting a website. https://t.co/UlOnJPftTv Happy Halloween! pic.twitter.com/xorDXoh2uk [https://t.co/xorDXoh2uk]
>
> — Samy Kamkar (@samykamkar) October 31, 2020 [https://twitter.com/samykamkar/status/1322671073893126144?ref_src=twsrc%5Etfw]

You can read about it on Samy's website here; Samy Kam…


Download any Windows 10 version ISO

Fantastic tool spotted here:

Tip: Download Any Version of Windows 10 - Thurrott.com
Thanks to a new batch file, you can configure Microsoft’s Media Creation Tool to download any version of Windows 10, and not just the latest version. [https://www.thurrott.com/windows/windows-10/243391/tip-download-any-version-of-windows-10]

It links to a GitHub-hosted script here: Universal MediaCreationTool wrapper for all MCT Windows 10 versions from 1507 to 20H2 with business (Enterp…


A practical guide for managing sharing with OneDrive

With today’s reality of remote work and online learning, people need the ability to share content—documents, presentations, photos, videos, lesson plans, you name it—to get work done. And because of this, security around internal and external sharing is more important than ever before. While the abi…

TECHCOMMUNITY.MICROSOFT.COM, Ankita Kirti [https://techcommunity.microsoft.com/t5/microsoft-onedrive-blog/a-practical-guide-for-managing-sharing-wit…


SASE: Secure Access Service Edge

Interesting article here by Teri Radichel (@2ndSightLab):

SASE: Secure Access Service Edge
You may have seen a new acronym floating around: SASE. I’ve been exploring the capabilities of this new class of security service offering. I talk about my take on security and cloud acronyms in my…

Cloud Security, Teri Radichel [https://medium.com/cloud-security/sase-secure-access-service-edge-1164a5ecaf55]…


A bunch of FQDNs and IPs to block (Ransomware-related)

Some useful FQDNs and IPs to block at the perimeter (at least):

> Publishing my IoCs for WastedGholish (SocGholish loader/WastedLocker ransomware), involved in big incidents. hostnames, example hashes etc: https://t.co/jPPts8eBa7 YARA rule for generic detection: https://t.co/EuBMKc4wyy Most importantly block IP this address: 130.0.233.178
>
> — Kevin Beaumont (@GossiTheDog) October 8, 2020 [https://twitter.com/GossiTheDog/status/1314192814289362944?ref_src=twsrc%5Etfw]

In case the tweet disappe…
