RemoteMonologue is a Windows credential harvesting technique that enables remote user compromise by leveraging the Interactive User RunAs key and coercing NTLM authentications via DCOM. Features: Authentication Coercion via DCOM (-dcom) Targets three DCOM...
In a sweeping espionage campaign dubbed LapDogs, over a thousand small office and home office devices were compromised. Researchers from the STRIKE team at SecurityScorecard reported that the attack was linked to Chinese threat...
The leading cybersecurity agencies in the United States—CISA and the NSA—have issued a joint report urging software developers to adopt so-called memory-safe programming languages. These are technologies inherently designed to protect against critical memory-related...
On Friday evening, a surprising announcement introduced Tyr—a new graphics driver for the Linux kernel, written in Rust. Designed to support modern Arm Mali GPUs, the driver interfaces with the Direct Rendering Manager. Despite...
Microsoft has released the preview update KB5060829 for Windows 11 version 24H2, encompassing 38 technical enhancements, including refinements to the taskbar and a new tool for seamless data migration between devices. Classified as an...
For nearly a year, a hacker collective has been orchestrating a large-scale campaign targeting the financial sector across Africa. Experts from Unit 42 at Palo Alto Networks have sounded the alarm, tracking this operation...
Researchers at Varonis Threat Labs have uncovered a new phishing campaign in which attackers exploit a little-known Microsoft 365 feature known as Direct Send. Originally intended for sending emails from internal devices such as...
Cisco has released critical security updates to address two severe vulnerabilities in its network security products. Both issues affect Cisco Identity Services Engine (ISE) and its associated component, the ISE Passive Identity Connector (ISE-PIC)....
ZigStrike is a robust shellcode loader developed in Zig, offering a variety of injection techniques and anti-sandbox features. It leverages compile-time capabilities for efficient shellcode allocation, demonstrating proven success in bypassing advanced security solutions. ZigStrike...
Loki is a stage-1 command and control (C2) framework written in Node.js, built to script-jack vulnerable Electron apps (MITRE ATT&CK T1218.015). Developed for red team operations, Loki enables evasion of security software and bypasses application...