mastodon.uno is one of the many independent Mastodon servers you can use to take part in the fediverse.
Mastodon.Uno is the main Italian Mastodon community. With 77,000 members it is the largest Italian Mastodon node: environmentalist at heart, supporting privacy and the Open Source world.


#pentest

15 posts · 7 participants · 0 posts today

Okay, this whole situation with the North Korean hackers is pretty wild, right? 🤯 That "Contagious Interview" scheme they've cooked up? Seriously next-level stuff. And now they're apparently pushing out new versions of OtterCookie, V3 and V4 – talk about constant evolution! It's a stark reminder: social engineering is, and sadly remains, a huge part of their playbook.

So, what's crucial on our end?
First off, employee awareness training isn't just a checkbox item; it's vital. Then there's vetting new applicants – really digging in, especially looking out for any unusual VPN usage. And let's not forget regular penetration tests. I'm talking about the real deal, not just some automated scan ticking boxes.

From my pentester's seat, I see it day in, day out: social engineering just *works*. That's why awareness is absolutely everything. And honestly, clients really appreciate it when you can show them just how easily these things can happen, making the invisible visible.

What's your take on this? Ever dealt with similar attacks? What are your go-to strategies for bolstering defenses? 🤔 Let's hear it.

Wow, the whole situation with proxy services is just nuts, right? And Operation Moonlander? Man, it really hammers home how vital it is to lock down your IoT devices. Seriously, those End-of-Life (EoL) gadgets are basically sitting ducks for cybercrooks.

Turns out, four Russians and one Kazakh individual were raking in millions with services like anyproxy.net and 5socks.net. Get this: their botnet was built from thousands of infected IoT and, you guessed it, EoL devices.

It's pretty wild how many businesses are still chugging along with outdated hardware and software. Here's the thing: regular penetration tests and keeping everything updated? That's non-negotiable. And those automated scans? They're just scratching the surface, really.

So, what're your biggest headaches when it comes to IoT security? Let's talk!

Feeling that CVE overload? 🤯 Yeah, we've all been there. Patch Day often feels more like Patch *Week*, right? And then you're left wondering: what *really* needs our attention first?

CVSS scores are a good starting point, no doubt. But let's be real, they don't show if something's *actually* being exploited out in the wild. EPSS? It definitely helps paint a clearer picture, but at the end of the day, it’s still just a probability game, isn't it?

From my pentester's seat, here's the deal: attackers aren't usually looking for a challenge. They're hunting for the easiest way in. Sure, vulnerabilities are on the radar, but honestly? Misconfigurations, the lack of MFA, and similar slip-ups – those are often the real culprits, the low-hanging fruit.

That's why we've got to shift our thinking. It's not just about "Vulnerability Management" anymore. We need to be all in on "Threat Mitigation" and "Risk Reduction." Think: shrinking that attack surface, truly embracing Zero Trust principles, and really hardening those baselines. Automation is a fantastic ally in this, don't get me wrong. But it's no substitute for the sharp eyes and know-how of seasoned security pros.

So, how are *you* tackling prioritization with all this noise? What's your game plan for sifting through it all?

AI agents? Super handy, yeah, but what's the deal with security? 🤔 Sure, they're awesome for automating tons of stuff and simplifying our lives. But, let's be real, is anyone *really* thinking about the potential downsides? We're talking data breaches, misuse... you name it, I've probably seen it.

It seems like so many businesses are jumping on the AI bandwagon without *truly* vetting how secure these tools are. Now, from a pentester's perspective, like mine, every single AI application is just another potential bullseye for attackers. That means robust access controls, solid input validation, and – you guessed it – thorough penetration testing are absolute must-haves!

And honestly? Those automated scans? They're often no match for a determined human attacker. We've got to put on our hacker hats and sniff out those weak spots before the bad guys do. It's not just about selling a service or tool; it's about making sure clients understand how to use it securely to get real value.

So, what's your take on AI security? Run into any nasty surprises or unexpected challenges yet? Spill the beans in the comments!

Whoa, hold on a sec! RMM tools being misused down in Brazil? Seriously? 🤯 They're dishing out fake invoices using Dropbox links, and guess who they're targeting? The higher-ups. As someone who does pentesting for a living, I've seen this kind of thing countless times: perfectly legitimate tools getting weaponized.

Here’s the deal: a lot of companies just don't vet their software properly. And those trial versions of RMM tools? Man, they can be like leaving your front door wide open for attackers. 🚪 That's why employee training is absolutely key! Oh, and let's not forget about conducting *real* penetration tests. Relying solely on scanners just won't cut it; they simply don't catch everything.

What are your experiences with RMM security? I'd love to hear your insights and tips! Spill the beans below! 👇

Heard the latest on Qilin Ransomware? They're apparently using NETXLOADER now. Seriously nasty stuff, isn't it? And the kicker? These loaders are incredibly sly; standard AV software often just sails right past them.

This is a wake-up call, folks. Businesses *have* to start taking security seriously and actually invest in it. We're talking essential stuff like training your team, really locking down your systems (hardening, you know?), and getting regular pentests done. And let's get one thing straight: automated scans? They're NOT a substitute for genuine penetration testing. You need that human brain, that intuition, which AI tools, as smart as they're getting, just can't replicate yet.

So, what's your take? Where do you think the biggest vulnerabilities are lurking in your organization?

Whoa, SonicWall SMA in the spotlight again? 🙈 Feels like it was *just* patched, and bam, another RCE vulnerability pops up.

So, get this: SSL-VPN users can apparently now trigger factory resets. And it seems attackers can even sneak shell commands through to admins. Sounds like a party for the bad guys, but a real headache for admins, right? 😬

Word on the street is CVE-2025-32819 might be a patch bypass, and it's already been exploited as a zero-day. This one's hitting the SMA 100 Series (that’s your 200, 210, 400, 410, and 500v models). So, listen up folks: updating to 10.2.1.15-81sv isn't just a suggestion, it's a must-do! But hold on, just hitting 'update' isn't enough. You've *got* to dig into your logs and systems to check for any signs of compromise.

This is exactly why manual pentests are worth their weight in gold – automated scans often fly right past these kinds of sneaky issues. What’s your take on these seemingly constant "fix-it-again" situations? Super frustrating, or just part of the security landscape these days? Let me know!

So, a client hit me with this today: "We've got tons of security tools, so we *must* be safe, right?" My face: 😅 If only it were that simple...

Here's a wild stat for you: a staggering 61% of companies have been breached, even though they're juggling an average of 43 security tools. This just goes to show, piling on more tools doesn't automatically boost your security. What's the real game-changer? It's all in the **configuration!**

As a pentester, I see this scenario play out constantly. Businesses will pour money into the latest and greatest tools, but then the foundational stuff? Often overlooked. Seriously, getting regular pentests (and I'm talking thorough ones, not just some automated scans!) is absolutely vital. Plus, "Security by Design" isn't just a trendy phrase; it’s a mindset you actually have to live and breathe.

Over to you: what are the most common security tool configuration blunders you've come across? And on the flip side, which tools are your saviors for getting things optimized? Let's hear it!

IoT devices turned into DDoS slaves? 🤖 Sounds wild, right? But it's totally true! Think GeoVision, Samsung... and that's just scratching the surface, really. Those End-of-Life devices? They're practically a free-for-all for botnet operators. Mirai sends its regards! 😈

So, what's the big deal? Well, IoT gadgets often have lousy security, and updates? Forget about 'em! Automated scans? They barely scratch the surface. If you want real security, you gotta go for manual pentests. ☝️

Alright, so what can you actually do? Update 'em (if that's even an option!), segment your network, and keep an eye on things with monitoring! An unpatched device? That's a ticking time bomb, plain and simple. 💣 And hey, don't forget: vendor security claims are often just a load of marketing fluff! 😬

Which "smart" devices with known weak spots are hiding out on your network? Have you even checked lately? 👇

#IoT #Security #Pentest

Alright, so SSE is pretty neat, right? But what about what's actually going down *in* the browser? Does it kinda turn a blind eye to that? 🤔

You know the drill: data leaks via ChatGPT, shadow SaaS popping up, those nasty rogue browser extensions... I've seen it all. So many clients *think* they're locked down tight, but honestly? They're often wide open.

That's where "Browser-Native Security" is a total game-changer! Think: an actual Enterprise Browser, tight control over copy/paste, and robust account policies. And here’s a crucial point: this *boosts* your SSE, it doesn’t kick it to the curb! Super important to get that straight.

What are your own experiences with SSE? Ever wrestled with browser security nightmares? Let's hear it!

Heads up, everyone! The DBIR 2025 just dropped! 🚨 And let me tell you, it's not *just* about ransomware anymore. The *real shocker*? The root causes. We're seeing a ton of breaches stemming from third-party vulnerabilities and wide-open machine identities. 🤯

You know, I heard this from a client just the other day: "Oh, our team's trained, so we're totally secure!" Yeah, right. LOL. Seriously though, as a pentester, I can't count how many times I've seen external access points get completely overlooked. And get this: third-party access attempts have *tripled*! Seriously, WTF! We're talking service accounts, bots, APIs... it's often a free-for-all out there! 💥

Here's the kicker: so many businesses just aren't grasping that *every single* identity – employees, contractors, and especially machines – needs rock-solid security. That's where robust Identity Governance really shines – it's absolutely crucial! And folks, regular pentests? Non-negotiable. Automated scans just don't cut it, not by a long shot. 😉

So, how are *you* tackling identity security? What are your go-to tools for managing third-party and machine identities? Spill the beans! Let's chat in the comments. 👇

So, you've got your Entra ID (Azure AD) backup all set? Check! ✅ Awesome. But hang on a sec... is that *really* enough to breathe easy? 🤔

It's true, many believe things like MFA have them totally covered. And hey, those are vital! BUT... what's the game plan if things still go sideways? 💥 We're talking ransomware hitting hard, or even just a simple human oopsie. Let's be real, Entra ID is absolutely critical to your operations! ⚠️

Now, automated scans? They're a nice touch, for sure. However, they just don't pack the same punch as a thorough pentest. How are you *actually* making sure your identities are locked down tight?
#EntraID #Security #Pentest

Heads up, everyone! Just read that a critical Langflow vulnerability (CVE-2025-3248) is being actively exploited out there. We're talking a CVSS score of 9.8 – seriously high alert! 🔥

For those unfamiliar, Langflow's a pretty cool open-source platform for building AI apps. Here's the catch, though: a specific API endpoint lacks authentication. And guess what that leads to? Yep, Remote Code Execution (RCE)! 🤯

What does that mean? Basically, attackers can run their own code right on your server. Looks like it's via an uncontrolled Python `exec()` call – a classic vulnerability pattern, unfortunately. 🙄

**The fix? You need to update to version 1.3.0 or newer ASAP.** A Proof of Concept (PoC) is already circulating, so seriously, don't wait on this one! ⏰

Now, while automated scans are definitely helpful, they might not catch everything. A proper penetration test is really the best way to *confirm* you're actually secure after patching. Don't just trust blindly! 😉

This whole situation is a stark reminder: robust authentication isn't just 'nice-to-have,' it's absolutely essential. Plus, letting dynamic code run without tight controls is always playing with fire. ⚠️

So, let's talk: Are any of you running Langflow? What steps have you already taken, or are planning to take, to lock things down? Share your thoughts below! 👇
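As an added illustration (constructed for this page, not Langflow's code and not from the original post), here is the pattern the post describes, an unauthenticated handler feeding request text to `exec()`, next to a hardened handler that authenticates and never runs dynamic code. The dict-shaped request, `API_TOKEN` and the allowlisted operations are assumptions.

```python
import hmac
import secrets

# Constructed example: requests are plain dicts so it runs without a web framework.
# Hypothetical shared secret; a real service loads it from configuration.
API_TOKEN = secrets.token_hex(16)


def vulnerable_run(request: dict) -> dict:
    """Unauthenticated endpoint that hands request-controlled text to exec().

    Anyone who can reach the endpoint runs arbitrary Python inside the server
    process: the remote code execution the post warns about.
    """
    scope: dict = {}
    exec(request["body"], {}, scope)  # untrusted input executed as code
    return {"status": 200, "result": scope.get("result")}


# Allowlist of operations the hardened endpoint is willing to perform.
ALLOWED_OPS = {
    "add": lambda a, b: a + b,
    "mul": lambda a, b: a * b,
}


def hardened_run(request: dict) -> dict:
    """Same endpoint with the two controls the post calls for.

    1. Authentication: a bearer token compared in constant time.
    2. No dynamic code: the body names an allowlisted operation and numeric
       arguments instead of carrying Python source, so nothing is exec()'d.
    """
    auth = request.get("headers", {}).get("Authorization", "")
    presented = auth[len("Bearer "):] if auth.startswith("Bearer ") else ""
    if not hmac.compare_digest(presented.encode(), API_TOKEN.encode()):
        return {"status": 401, "error": "authentication required"}

    body = request.get("body")
    if not isinstance(body, dict):
        return {"status": 400, "error": "malformed body"}
    op = ALLOWED_OPS.get(body.get("op"))
    args = body.get("args", [])
    if op is None or len(args) != 2 or not all(isinstance(a, (int, float)) for a in args):
        return {"status": 400, "error": "unsupported operation"}
    return {"status": 200, "result": op(*args)}
```

The hardened version still returns the same useful result for a legitimate caller; what it removes is the path from request body to interpreter.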

Heads up, Android users! Google just dropped a patch for a nasty vulnerability (CVE-2025-27363). 🚨 Looks like this one's already being actively exploited out there.

Apparently, it targets a system component, enabling remote code execution *without* any user interaction needed. 🤦‍♂️ And surprise, surprise – the FreeType library is involved again. It's a reminder that even open source has its potential pitfalls.

This really drives home the point: automated scans are helpful, sure, but they just can't replace a proper, in-depth pentest. Sometimes, you really need to dig in manually. And yeah, security isn't free, but skimping on it can cost you way more in the long run. It's essential!

So, what do you think? What steps are *you* taking to keep your Android device secure? Let's hear it in the comments! 👇