Cybersecurity blue team person. Love to discuss urbanism, housing crisis and most "bigger-than-you" modern challenges. YIMBY.
Mstd: @res260@infosec.exchange
Mar 4, 2022 • 10 tweets • 7 min read
#ContiLeak 🧵! This time, management/developers documentation 📄
CODING PRINCIPLES
Those are surprisingly good principles. "The wrong choice will grow in the code forever!" ✅✅✅✅✅ FACTS
Mar 3, 2022 • 17 tweets • 7 min read
Another #ContiLeaks 🧵 This one should be smaller 😂 In the rocketchat logs, a channel "manuals_team_c" contained 16 procedures from reconnaissance to exfiltration. I translated them (with the help of @sys6x), here they are: github.com/Res260/conti_2…
INITIAL ACTIONS
This one details the general ideas and the steps most cases will require. Reconnaissance using AD, enum shares, privesc, creds dumping using known techniques, etc. I found it interesting that they inject a TLS listener. I wonder if it yields good results.
Feb 28, 2022 • 72 tweets • 30 min read
So, Conti chat logs were leaked, I got my hands on a Google-translated version of it, I'll document what I found interesting 🧵
March 2021: They tried to get ahold of a @vmw_carbonblack license, detailing their roadblocks and options: