Scoubi

Dirk-jan Mollema found one of the most severe vulnerabilities ever discovered in Microsoft Entra ID.

One that could have compromised every tenant in the cloud.

In this episode, we unpack the story, the stress, and the mindset behind responsible disclosure. 🔥

PingOne Attack Paths - SpecterOps You can use PingOneHound in conjunction with BloodHound Community Edition to discover, analyze, execute, and remediate identity-based attack paths in PingOne instances.

Introducing PingOneHound! This OpenGraph extension for BloodHound can help you identify, analyze, execute, and remediate attack paths in PingOne organizations. Read the introductory blog post here: specterops.io/blog/2025/10...

Can you please reach out to me via either email or Discord.
You must have received an email from me when you bought your ticket.

Thank you!

Happy #BloodHoundBasics Day from @scoubi.bsky.social!

By now, you've probably heard about our Query Library. But did you know you can run any query in your own instance of BHE/BHCE and then save the query to your Personal Library?

Follow the steps threaded below!

🧵: 1/5

the cast of Hackers (1995) posing in a series of adjacent phone booths

Today is the 30th anniversary of Hackers

You should wear them proudly at @deathcon.io in Montreal! 😁

The final round of #DEATHCon2025 online tickets will drop on 9/9 at 0900 UTC deathcon.io/tickets.html
In-person tickets still available at some sites (1/4)

There is only one in Montreal 🤣

But it’s 1 DEATHcon and multiple locations. Same content is available everywhere but each site is free to choose which Workshops they’ll showcase during the weekend.

All content is also available for at least 1 month online for all attendees.

Buy your tickets here : www.eventbrite.ca/e/deathcon-montreal-on-site-tickets-1422785262019

Interested in hands-on learning of #DetectionEngineering and #ThreatHunting ?
We still have a few tickets left for @DEATHCon2025 in #Montreal
We are lucky enough to have 4 Workshops Leaders with us that will be able to hosts a Live Play of their workshop and help you complete it!

Fucking do it, I dare you.

What all do you need to know about BloodHound CE 8.0 & OpenGraph? @scoubi.bsky.social is joining @redsiege.com's Wednesday Offensive tomorrow to dive into the JSON schema for OpenGraph, how to ingest nodes & edges, best practices, & how to create custom icons.

Join 👉 ghst.ly/46MNltn

Word!

NoiseLetter July 2025 Get GreyNoise updates! Read the July 2025 NoiseLetter for product news, key resources, the latest tags and vulnerabilities, and more.

This month's NoiseLetter will make the perfect light reading for a trip to say...Vegas? Make sure to check it out (even if you're not headed to BlackHat/DEF CON there is something in it for you). 🤘

Hackers target Python devs in phishing attacks using fake PyPI site The Python Software Foundation warned users this week that threat actors are trying to steal their credentials in phishing attacks using a fake Python Package Index (PyPI) website.

The Python Software Foundation warns of phishing emails directing users to a fake PyPI site (pypj. org) to steal credentials. PyPI isn’t hacked, but users are urged to stay alert.

www.bleepingcomputer.com/news/securit...

Via @bleepingcomputer.com

#hacking #infosec #cybersecurity

This is AMAZING

Think being compliant = being secure? Think again. 🤔

Hear from @scoubi.bsky.social at #BSidesLV as he exposes the gap between blindly following rules & security posture.

Get the info on password security & what to do when "compliant" passwords fail you. ghst.ly/4o66cWk

How did it go??

Happy #BloodHoundBasics Day from @scoubi.bsky.social! 🎉

Have you ever run a Cypher Query & get so many nodes you couldn't see anything? You Pinch Zoom to get a closer look and it worked fine, but you Pinch Un-zoom & the application resized.

🧵: 1/2

Only 3 Early Bird tickets left!!

Tickets for #DEATHcon in Montreal are on sale now!

Book now to secure your place. FYI, Virtual Tickets for round 1 are already Sold Out!

eventbrite.ca/e/deathcon-m...

Additional info (like workshops) for the con can be found here : deathcon.io

Please like & repost for reach

Ohm-I and Ed Skoudis duet

Tickets for "DEATHcon - Montreal On Site" go on sale July 8th at 8am.
www.eventbrite.ca/e/deathcon-m...

Be with 50 other DE&TH aficionados for a whole weekend Nov 8-9 2025!!
#DEATHcon #Workshops #DetectionEngineering #ThreatHunting

Good Fences Make Good Neighbors: New AD Trusts Attack Paths in BloodHound - SpecterOps The ability of an attacker controlling one domain to compromise another through an Active Directory (AD) trust depends on the trust type and configuration. To better map these relationships and make i...

How attackers move between AD domains via trusts depends on trust type & config. We're replacing TrustedBy edge in BloodHound with new trust edges for better attack path mapping.

Check out @jonas-bk.bsky.social's blog post to learn more. ghst.ly/4lj9C5T

Ghostwriter v6: Introducing Collaborative Editing - SpecterOps Ghostwriter now supports real-time collaborative editing for observations, findings, and report fields using the YJS framework, Tiptap editor, and Hocuspocus server, enabling multiple users to edit si...

Ghostwriter v6's new collaborative editing feature is 🔥

Alex Parrill & @printingprops.com discuss the new real-time collaborative editing for observations, findings, & report fields, enabling multiple users to edit simultaneously without overwriting each other. ghst.ly/4jVqdvG

#HuntingTipOfTheDay: a personal favourite, command-line obfuscation. Substituting or inserting special Unicode characters might allow attackers to bypass string-based detections. Look for command lines with unusual Unicode characters. Checkout ArgFuscator.net for more fun!

#HuntingTipOfTheDay: macOS has a built-in SSH mechanism that is disabled by default. Would you detect it if someone enables it and logs in remotely? Look for remote login events, and investigate the associated session.

Awesome!

Post here when done 😁

Personalized my work laptop a bit