Yesterday, cybersecurity vendor GTSC Cyber Security dropped a blog saying they had detected exploitation of a new Microsoft Exchange zero… | Continue reading
I’ve talked about ransomware and extortion attacks on organizations for about a decade. I recently spent a year at Microsoft in Threat… | Continue reading
Two days ago, Nao_sec identified an odd-looking Word document in the wild, uploaded from an IP address in Belarus: | Continue reading
Recently, PwC Threat Intelligence documented the existence of BPFDoor, a passive network implant for Linux they attribute to Red Menshen… | Continue reading
This is the story of how all non-admin users can read the registry — and so elevate privileges and access sensitive credential information… | Continue reading
So the title there is exactly as it reads — a few weeks ago I set up a honeypot vulnerable to CVE-2020-1472 aka ZeroLogon. | Continue reading
This week Norsk Hydro, a large multinational manufacturer with 35,000 staff and over 100 years of history, had the nightmare scenario of a… | Continue reading
Yesterday SandboxEscaper tweeted a local privilege escalation exploit for Windows, which currently has no patch. It’s a really neat flaw… | Continue reading
I’m old. Like super old. Like 36 old. So I thought it might be nice to give back some things which I’ve learnt over the years about… | Continue reading
Android has a feature called Android Debug Bridge (ADB for short) which allows developers to communicate with a device remotely, to… | Continue reading