@RedCursorSec profile picture
Red Cursor @RedCursorSec

Red Cursor Your Point for Security

Joined May 2018
  • Tweets 36
  • Following 77
  • Followers 47
Photos and videos
Check out our new blog bypassing crowdstrike redcursor.com.au/blog/bypass…
1
11
Women in Cybersecurity don't forget you can still get tickets (free) to attend the talks @0xCC_sh here lnkd.in/eK4Maik

LinkedIn

This link will take you to a page that’s not on LinkedIn

lnkd.in
1
6
8
Red Cursor retweeted
0xCC@0xcc
8 Mar 2020
Not that we need a special day to celebrate all the awesome women in our lives but #IWD2020 is a great excuse to give praise! 🎉🎊 We'll start! #InternationalWomensDay #InternationalWomensDay2020
1
3
14
For International Women's Day Red Cursor are sponsoring @0xCC_sh a free training course for all women in infosec/cyber security. We are proud to support and empower women to follow their passion, whatever that may be. 0xcc.sh show your support
2
3
Red Cursor retweeted
0xCC@0xcc
6 Mar 2020
We’re ecstatic to announce @RedCursorSec as our latest Gold sponsor! They’re passionate about breaking down barriers to foster a more positive and empowering environment for women in cyber security and we’re so glad to have their support! More info: redcursor.com.au
2
9
Remote Code Execution on Exchange due to static encryption key. thezdi.com/blog/2020/2/24/cv…

Zero Day Initiative — CVE-2020-0688: Remote Code Execution on Microsoft Exchange Server Through...

This most recent Patch Tuesday, Microsoft released an Important-rated patch to address a remote code execution bug in Microsoft Exchange Server. This vulnerability was reported to us by an anonymous...

thezdi.com
1
Michael has put together a working #PoC for CVE-2020-0668 that allows privilege escalation on all versions of Windows up until the Feb 2020 patch Tuesday. Check it out here: github.com/RedCursorSecurity… #netsec

GitHub - RedCursorSecurityConsulting/CVE-2020-0668: Use CVE-2020-0668 to perform an arbitrary...

Use CVE-2020-0668 to perform an arbitrary privileged file move operation. - RedCursorSecurityConsulting/CVE-2020-0668

github.com
1
Red Cursor retweeted
Tavis Ormandy
@taviso
9 Oct 2018
This is a big deal. Just answering a call from an attacker could completely compromise WhatsApp.
Natalie Silvanovich@natashenka
9 Oct 2018
Memory corruption bug in WhatsApp's non-WebRTC video conferencing implementation bugs.chromium.org/p/project-…
9
326
477
Another bypass x.com/yeyint_mth/status/9973…

r0lan@yeyint_mth
18 May 2018
#rednote ProtocolHandler are also work with obf rundll32 url.dll,OpenURL http://^2^8^9^9^9^0^9^3^8^0^/ rundll32 url.dll,OpenURL file://^C^:^/^W^i^n^d^o^w^s^/^s^y^s^t^e^m^3^2^/^c^a^l^c^.^e^x^e #redteam
Interesting AppLocker bypass x.com/bohops/status/10113503…

bohops
@bohops
25 Jun 2018
Interesting way to call a COM CLSID: rundll32.exe -sta {CLSID} rundll32.exe /sta {CLSID} Use this with @subTee's #squiblydoo COM Hijack method for a default AppLocker Bypass Haven't found any sec-related resources with -sta (single threaded apartment) Anyone seen this before?
Today I learned x.com/yeyint_mth/status/1009…

r0lan@yeyint_mth
21 Jun 2018
sometime we forgot native ftp.exe client in windows that can execute system cmd without direct access to cmd.exe #redteam #rednote
Adding this one to the toolbox blog.netspi.com/tokenvator-a…
1
Very useful proof of concept for demonstrating misconfigured CORS policies github.com/trustedsec/cors-p…

GitHub - trustedsec/cors-poc

Contribute to trustedsec/cors-poc development by creating an account on GitHub.

github.com
By pass locked windows 10 machine just by asking Cortana. securingtomorrow.mcafee.com/…

Cybersecurity News and Insights to Stay Safe Online | McAfee Blog

Welcome to the McAfee Blog, where we share posts about security solutions and products to keep you and your connected family safe online.

mcafee.com
Good Read!! Pen tester's NTFS tricks sec-consult.com/en/blog/2018…
1
This is a very good blog to follow if you are looking at learning lateral movement techniques. Latest article...Kerberoast pentestlab.blog/2018/06/12/k…
nccgroup.trust/uk/about-us/n…
Integer Overflow makes Ghandi bad in original civ game (via @KotakuAU) kotaku.com.au/2014/11/why-ga…
Understanding Java deserialization nytrosecurity.com/2018/05/30… via @NytroRST
NULL sessions are back sensepost.com/blog/2018/a-ne…
2
Load more