med-mastodon.com is one of the many independent Mastodon servers you can use to participate in the fediverse.
Medical community on Mastodon

Administered by:

Server stats:

357
active users

#mssql

0 posts0 participants0 posts today

CL-STA-0048: An Espionage Operation Against High-Value Targets in South Asia

A sophisticated cyberespionage campaign targeting high-value entities in South Asia, particularly a telecommunications organization, has been identified. The threat actor, tracked as CL-STA-0048, employed rare techniques like 'Hex Staging' for payload delivery and DNS-based data exfiltration. The operation, likely originating from China, aimed to obtain personal information of government employees and sensitive organizational data. The attackers systematically exploited vulnerabilities in IIS, Apache Tomcat, and MSSQL services. They utilized various tools including PlugX backdoor, Cobalt Strike, and privilege escalation tools. The campaign's sophistication and objectives suggest a nation-state advanced persistent threat operation.

Pulse ID: 679aca57066d5c141e511c82
Pulse Link: otx.alienvault.com/pulse/679ac
Pulse Author: AlienVault
Created: 2025-01-30 00:39:51

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.
#APAC#Apache#Asia

😈 Атаки на Active Directory: от 0 до 0,9.

#pentest #ActiveDirectory #mimikatz #MSSQL #RDP #rpc #smb #SSH

Цель статьи — рассмотреть Active Directory с точки зрения злоумышленника. Чтобы понять, как атаковать Active Directory, необходимо знать не только перечень инструментов, но и то, как они работают, какие протоколы/механизмы они используют и почему эти механизмы/протоколы существуют.

• Оригинал: zer1t0.gitlab.io/posts/attacki

• Перевод RU:

1. defcon.ru/penetration-testing/
2. defcon.ru/penetration-testing/
3. defcon.ru/penetration-testing/
4. defcon.ru/penetration-testing/
5. defcon.ru/penetration-testing/
6. defcon.ru/penetration-testing/
7. defcon.ru/penetration-testing/

zer1t0.gitlab.ioAttacking Active Directory: 0 to 0.9 | zer1t0

One more job posting, our Database team is pretty desperate for some help as they recently got halved by two folks moving onto different careers... I know they are looking for 2 intermediate to senior DBAs. The team supports MSSQL, PostgeSQL, Oracle, and MySQL databases. If you are knowledgeable and willing to help configure, build, review, and focus on DB related work, they are looking and haven't been finding many good candidates so far. That said it is fully remote (as long as you don't live within 50 miles of my small town). Also as with the other job I posted, we are a MSP in the public sector so... must be in the United States, able to obtain government clearances, and finally be a US Citizen.

Pay: 90k-170k depending on experience and intermediate to senior position

Should you be interested reply as a DM and I will shoot you a link to apply.

#dba#postgres#sql
Replied in thread

@SleepyCatten I really wish for #Windows to be canned by #Microsoft and in turn them just #FLOSS'ing the entire #Win16, #Win32 & #Win64 specs (pretty shure they can't #OpenSource any code post #MSDOS 4.0 due to #licensing issues aka. not owning the necessary rights to do so!) including #undocumented #API|s and #ABI|s so that #Wine can handle shite like #MicrosoftOffice that is purposefully designed to not run under Wine...

In fact, it may only a matter of time when the shrinking #ROI on OTP Software makes Microsoft Board Members cancel those in favour of more profitable parts like #Xbox / #GamesPublishing, #Azure & #Microsoft365 / #Office365.

The few "Flagship Products" they care about have already been ported to #macOS (#VScode) and #docker / #Linux (#MSSQL / #SQLserver)...