The Chinese cyber-espionage collective UAT-8302 has, for nearly a year, conducted surreptitious incursions against governmental entities across South America and Europe, utilizing a sophisticated arsenal linked to several prominent Chinese threat actors. Analysts at...
A seemingly innocuous file transmitted via a support chat escalated into a significant crisis for DigiCert. An adversary masquerading as a client presented a malicious archive as a “customer screenshot,” successfully infiltrating systems utilized...
Wireshark has undergone a monumental security refinement, with developers remediating over forty vulnerabilities. A subset of these defects potentially facilitates remote code execution (RCE) through meticulously engineered network packets or malicious capture files. For...
Adversaries have once again targeted the npm supply chain, though this incursion pursued a surgical and perilous objective: packages integral to developers within the SAP ecosystem. The malicious campaign, designated “Mini Shai-Hulud,” appears modest...
The video hosting vanguard Vimeo has disclosed a security transgression impacting its user repository, precipitated by a compromise of the third-party analytics provider Anodot—a service utilized by a vast array of global enterprises. According...
Corporate correspondence has once again emerged as a convenient portal for adversaries. In this nascent campaign, the assailants eschew direct “forced entry,” choosing instead to orchestrate a familiar professional complication for employees and promptly...
Researchers have unearthed a pervasive offensive targeting industrial controllers that had been inadvertently exposed to the public internet. Beneath the façade of routine Modbus/TCP inquiries lay not merely indiscriminate scanning, but calculated attempts to...
Kerlab: A Rust implementation of Kerberos for FUn and Detection. Kerlab was developed just to drill down into the Kerberos protocol and better understand it. The main purpose is to write more targeted detection rules. kerasktgt Kerberos Ask...
The United States Cybersecurity and Infrastructure Security Agency (CISA) has once again augmented its repository of vulnerabilities identified in active, real-world incursions. The latest revision incorporates four distinct flaws within products from Samsung, SimpleHelp,...
ghostsurf: NTLM HTTP relay tool with SOCKS proxy for browser session hijacking. Capture NTLM auth, relay to HTTP/HTTPS targets, then browse as the victim through a SOCKS proxy. This works even when cookie replay...
A computer may fall under an outsider's control due to a ubiquitous utility pre-installed “from the factory.” A profound vulnerability has been unearthed within the GIGABYTE Control Center—the very orchestration suite through which proprietors...
A singular assault upon a developer instrument escalated within a mere twenty-four hours into a catastrophic chain reaction, enveloping scores of projects. Initially, the malefactors breached the ubiquitous Trivy vulnerability scanner, seamlessly weaving credential-harvesting...