▄▄▄▄▄▄▄ ▄▄ ▄▄█
▄███████████████▀ ▀███▀
▄▀▀ ▄▀▀▀▀▀█▀▀█ ███
▄▄█▀ ▄███ █ ███ ▄ ▄ ▄▄ ▄ ▄▄
▄██ ▀ ███ █ ███ ▄█████ ▄████ ▄███▄▄ ▀▄▄▄█▀█████▀
███ ███ █ ███▀ ███ ▀███ ▀▀███▀ ████ ████
███ ███ █ ███ ███ ███ ███ ████ ████
███▄ ██▀ █▄▄ ███ ███ ███ ███ ████ ████
▀████▄ ▀ ▄███ ███▄ ███ ███ ▄███ ████ ████
▀▀██████████▀▀ ▄██████ ███▄ ▀▀█████▀████▀ ▀▀▀███▀▀███▄
▀▀▀▀▀▀▀ ▀▀ ██ ▀ ▀▀ ▄▄▄ ██▀
██ ▄▄██████▀
▄█▀ ▄▄██ ▄ ▀▀ ▄▀▀▀▀██▀ ▄▄█▄
▄█▀ ▄▄██▀████▀ ▀███▄
▄██ ▀ ███ █ ▀███▄
▄██▀ ███ █ ▄█ ▄ ▄ ▄▄▄██▄ ▄█▄ ▄▄█▄ ▄█▄ ▄████▄
███ ███ █ ▄████▄████ ███ ▀▀███▀ ▀████ ▀▀███ ▀████▀ ███ ███▀
███▄ ███ █ ███ ▀▀ ███ ███ ███ ███ ███ ███ ███
████▄ ███ █ ███ ███ ███ ███ ███ ███ ███ ███
████▄ ▄▀▀ █ ▄ ███ ███ ███ ███ ███ ███ ███ ███
▀████▄▄▄▄▄▄█▄█▀ ▄████▄ ▄████▄▄███ ▄████▄▄███ ███ ▄████▄▄███▄
▀▀█████▀▀▀ ▀ ▀▀█▀ ▀ ▀▀█▀ ▀ ▀▀██ ▀███▀▀▀ ▀ ▀█▀ ▀
2 0 1 9 1 0 2 2
▀█▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀█▀
█ █
█ ANNOUNCEMENTS ────────────────────────────────────────────────────────── █
█ █
█ Sign up for our 24 hour charity hackathon - ch0pp3d! You can also submit █
█ ideas for the challenge here. █
█ █
█ Help us create show notes! Contact @netspooky on Twitter. █
█ █
█ We have a new chat challenge out. The entrypoint is here. █
█ █
█ NEWS ─────────────────────────────────────────────────────────────────── █
█ █
█ - Hackers steal secret crypto keys for NordVPN. █
█ - Avast says hackers breached internal network through compromised VPN █
█ profile █
█ - Feds Bust One of the Dark Web's Biggest Child Porn Sites Thanks to █
█ Tremendously Bad Opsec █
█ - Researchers find stealthy MSSQL server backdoor developed by Chinese █
█ cyberspies █
█ - Phorpiex botnet made $115,000 in five months just from mass-spamming █
█ sextortion emails █
█ - Inside the Phone Company Secretly Run By Drug Traffickers █
█ - New Windows 10 Secured-Core PCs Block Firmware-Level Attacks █
█ - Equifax used admin as username and password for sensitive data. █
█ - Pen testers find mystery black box connected to ships engines █
█ - Data for a whopping 26m stolen payment cards leaked in site hack █
█ - Mercedes-Benz app glitch exposed car owners info to other users █
█ - Samsung: Anyone's thumbprint can unlock Galaxy S10 phone █
█ █
█ GOOD READS ───────────────────────────────────────────────────────────── █
█ █
█ - How A Massive Facebook Scam Siphoned Millions Of Dollars From █
█ Unsuspecting Boomers █
█ - The Untold Story of the 2018 Olympics Cyberattack, the Most █
█ Deceptive Hack in History █
█ - Claims of a Cyber Attack on Iran’s Abadan Oil Refinery and the Need █
█ for Root Cause Analysis █
█ - Burnout In InfoSec: An Epidemic We Need To Talk About █
█ - RTFM: ADCs And DACs █
█ - This Sure Looks Like Mitt Romney's Secret Twitter Account (Update: █
█ It Is) █
█ - ClickToPray eRosary Account Takeover █
█ █
█ RESOURCES ────────────────────────────────────────────────────────────── █
█ █
█ - xer0's Shodan Dark Theme █
█ - samratashok/nishang - Offensive PowerShell for red team, penetration █
█ testing and offensive security. █
█ - Yubico security keys can now be used to log into Windows computers █
█ - Windows Notes / Cheatsheet █
█ - leebaird/discover - Custom bash scripts used to automate various █
█ penetration testing tasks including recon, scanning, parsing, and █
█ creating malicious payloads and listeners with Metasploit. █
█ - utkonos/lst2x64dbg - Extract labels from IDA .lst or Ghidra .csv █
█ file and export x64dbg database. █
█ █
█ CHEAT CODES ──────────────────────────────────────────────────────────── █
█ █
█ - Kubernetes "Billion Honks" DOS PoC █
█ - Activation Contexts — A Love Story █
█ - @ItsReallyNick: Things I didn't realize you could do with .URL files █
█ - The Lost Art of Shellcode Encoder/Decoders █
█ - Trend Micro Anti-Threat Toolkit <= v1.62.0.1218 / RCE 0day █
█ - CSS Injection Primitives █
█ █
█ SAFARI ZONE ──────────────────────────────────────────────────────────── █
█ █
█ [DocOutlaw] █
█ - Some utilities site █
█ - Lots of movie subtitles █
█ - List of Steel Tank Inspectors █
█ - Remote surveillance unit restart pages █
█ - Shodan Dork for UKTN-1 Web Interface █
█ - "Launch a survey" █
█ █
█ [fouroctets] █
█ - 609 Pages of Horse Shit by Scott A. Barry █
█ █
█ [hermit] █
█ - iDRAC dork █
█ - Insane ExxonMobil Dork █
█ - ExxonMobil Conference Call Page █
█ - Tufts ISCSC Remote Support █
█ - Tufts CaseTrakker Dynamo Install Page █
█ - Tufts "DummyDownload.txt" █
█ - Tufts Demo of some CMS (ctcdemo) █
█ - A dork for the "ctcdemo" software █
█ - A really broken ctcdemo page █
█ - "you are logging into the test environment" dork █
█ █
█ [x0] █
█ - xer0's Shodan Dark Mode - Latest █
█ - Hacked by 1ND0TR0J4N X Dork █
█ - logs from wedding trip █
█ - SOCKS Proxy Lists █
█ - Some Runes in pastebin █
█ - if yer looking for new orlean's restaurant advice █
█ - some bots █
█ - Creepy Medical Center Camera █
█ █
▄█▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄█▄
Weekly Mix by @0Katz