ITSEC News @itsecbot@schleuss.online

#introductions This bot is posting ITSEC related news from all over the web - usually refreshes every few minutes with new stories. If you would like to see more sites included, write to the maintainer @emanuel - you might also be interested in @vulnbot

Star Wars: 1 Vulnhub Walkthrough - Hi friends, Today I am going to share a writeup for gaining root access for the vulnhub machine “s... https://www.hackingarticles.in/star-wars-1-vulnhub-walkthrough/ #ctfchallenges

ShellDredd #1 Hannah Vulnhub Walkthrough - Today we will solve a new boot2root challenge named “ONSYSTEM: SHELLDREDD # 1 HANNAH“. For penetra... https://www.hackingarticles.in/shelldredd-1-hannah-vulnhub-walkthrough/ #ctfchallenges

Healthcare: 1 Vulnhub Walkthrough - Today we are going to solve another boot2root challenge called “HEALTHCARE 1”. It is developed to ... https://www.hackingarticles.in/healthcare-1-vulnhub-walkthrough/ #ctfchallenges

List of HKEY_* / Windows Registry keys and subkeys to audit based on MITRE ATT&CK (and more) -  https://medium.com/@hannahsuarez/list-of-hkey-windows-registry-keys-and-subkeys-to-audit-based-on... https://tech-wreckblog.blogspot.com/2020/09/list-of-hkey-windows-registry-keys-and.html

WINDOWS SPLUNK LOGGING CHEAT SHEET - Win 7 - Win2012 -  https://static1.squarespace.com/static/552092d5e4b0661088167e5c/t/5a3187b4419202f0fb8b2dd1/151319... https://tech-wreckblog.blogspot.com/2020/09/windows-splunk-logging-cheat-sheet-win.html

Quantifying Threat Actors with Threat Box -  https://medium.com/@andy.c.piazza/quantifying-threat-actors-with-threat-box-e6b641109b11 https://tech-wreckblog.blogspot.com/2020/09/quantifying-threat-actors-with-threat.html

Lateral Movement Detection GPO Settings Cheat Sheet -  https://compass-security.com/fileadmin/Datein/Research/White_Papers/lateral_movement_detection_ba... https://tech-wreckblog.blogspot.com/2020/09/lateral-movement-detection-gpo-settings.html

MITRE SHIELD - Shield is an active defense knowledge base MITRE is developing to capture and organize -  https://shield.mitre.org/ https://tech-wreckblog.blogspot.com/2020/09/mitre-shield-shield-is-active-defense.html

Privilege Escalation Cheatsheet (Vulnhub) -  https://github.com/Ignitetechnologies/Privilege-Escalation https://tech-wreckblog.blogspot.com/2020/09/privilege-escalation-cheatsheet-vulnhub.html

Chili: 1 Vulnhub Walkthrough - Today we are going to solve another boot2root challenge called “Chili: 1“.  It’s available at Vuln... https://www.hackingarticles.in/chili-1-vulnhub-walkthrough/ #ctfchallenges

Firefox bug lets you hijack nearby mobile browsers via WiFi - Mozilla says users should update as soon as possible to Firefox v79 for Android. https://www.zdnet.com/article/firefox-bug-lets-you-hijack-nearby-mobile-browsers-via-wifi/#ftag=RSSbaffb68

Weekly Update 209 - Presently sponsored by: safepass.me helps you quickly secure your AD passwords and reduce the risk o... http://feedproxy.google.com/~r/TroyHunt/~3/5cyHqn-ahUw/ #weeklyupdate

The TikTok Ban: Security Experts Weigh in on the App’s Risks - With no hard evidence of abuse, are bans warranted? The real security concerns will likely come af... https://threatpost.com/tik-tok-ban-security-experts-dangers/159362/ #mobileappsecurity #securityconcerns #securityexperts #mobilesecurity #datacollection #surveillance #government #censorship #downloads #malware #privacy #appbans #dangers #tik-tok #spying #china

Stubborn WooCommerce Plugin Bugs Get Third Patch - Users of the Discount Rules for WooCommerce WordPress plugin are urged to apply a third and (hopef... https://threatpost.com/woocommerce-plugin-bug-allows-site-takeover/159364/ #discountrulesforwoocommerce #cross-siterequestforgery #cross-sitescriptingbug #vulnerabilities #websecurity #csrfattacks #woocommerce #wordpress #fylcart #ajax #xss

Threat Roundup for September 11 to September 18 - Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 11... http://feedproxy.google.com/~r/feedburner/Talos/~3/rMr2xENOthU/threat-roundup-0911-0918.html #vulnerabilities #threatroundup #ciscotalos #darkcomet #gandcrab #malware #dridex #emotet #remcos #arkei #talos #xpiro #shiz

Security Flaws & Fixes - W/E - 9/18/20 -  Netlogon Vulnerability Can Give Attackers Domain Admin Privileges (09/15/2020)Security firm Secur... https://tech-wreckblog.blogspot.com/2020/09/security-flaws-fixes-we-91820.html

Malware Watch - W/E - 9/18/20 -  MS-SQL Databases Targeted by New Cryptominer (09/16/2020)Cryptomining malware has been found burr... https://tech-wreckblog.blogspot.com/2020/09/malware-watch-we-91820.html

Data Breaches - W/E - 9/18/20 -  Bug in Staples Order Tracking System Leads to Data Breach (09/16/2020)Some online customers of th... https://tech-wreckblog.blogspot.com/2020/09/data-breaches-we-91820.html

CyberCrime - W/E - 9/18/20 -  Louisiana Court Documents Revealed in Ransomware Incident (09/14/2020)The Fourth Judicial Court o... https://tech-wreckblog.blogspot.com/2020/09/cybercrime-we-91820.html

Beers with Talos ep. #92: Trending in Your Network — Disinformation - Beers with Talos (BWT) Podcast episode No. 91 is now available. Download this episode and
subscribe ... http://feedproxy.google.com/~r/feedburner/Talos/~3/zbpevlIRdd8/beers-with-talos-ep-92-trending-in-your.html #beerswithtalospodcast #podcasts