Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
UNDERCODE NEWS
A Year of Gemini: A Pop Quiz - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
📱 A Courageous Leap: Engineer Quits High-Paying Job for Happiness and Impact
https://undercodenews.com/a-courageous-leap-engineer-quits-high-paying-job-for-happiness-and-impact/
@Undercode_News
https://undercodenews.com/a-courageous-leap-engineer-quits-high-paying-job-for-happiness-and-impact/
@Undercode_News
UNDERCODE NEWS
A Courageous Leap: Engineer Quits High-Paying Job for Happiness and Impact - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Italy Gets Its #Digital ID Wallet: Convenience or Privacy Trap?
https://undercodenews.com/italy-gets-its-digital-id-wallet-convenience-or-privacy-trap/
@Undercode_News
https://undercodenews.com/italy-gets-its-digital-id-wallet-convenience-or-privacy-trap/
@Undercode_News
UNDERCODE NEWS
Italy Gets Its Digital ID Wallet: Convenience or Privacy Trap? - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
🛡️ #GitHub Enterprise Cloud Earns SOC 2 Type II Compliance, Boosting Security for Developers
https://undercodenews.com/github-enterprise-cloud-earns-soc-2-type-ii-compliance-boosting-security-for-developers/
@Undercode_News
https://undercodenews.com/github-enterprise-cloud-earns-soc-2-type-ii-compliance-boosting-security-for-developers/
@Undercode_News
UNDERCODE NEWS
GitHub Enterprise Cloud Earns SOC 2 Type II Compliance, Boosting Security for Developers - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
🔍 Empowering the Next Generation of Computing Researchers
https://undercodenews.com/empowering-the-next-generation-of-computing-researchers/
@Undercode_News
https://undercodenews.com/empowering-the-next-generation-of-computing-researchers/
@Undercode_News
UNDERCODE NEWS
Empowering the Next Generation of Computing Researchers - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
#Google's #AI Tackles Traffic Congestion and Fuel Emissions
https://undercodenews.com/googles-ai-tackles-traffic-congestion-and-fuel-emissions/
@Undercode_News
https://undercodenews.com/googles-ai-tackles-traffic-congestion-and-fuel-emissions/
@Undercode_News
UNDERCODE NEWS
Google's AI Tackles Traffic Congestion and Fuel Emissions - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
🔧 A Sleek Solution: Orico's MiniMate for Your M4 Mac mini
https://undercodenews.com/a-sleek-solution-oricos-minimate-for-your-m4-mac-mini/
@Undercode_News
https://undercodenews.com/a-sleek-solution-oricos-minimate-for-your-m4-mac-mini/
@Undercode_News
UNDERCODE NEWS
A Sleek Solution: Orico's MiniMate for Your M4 Mac mini - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
📱 #Apple's M4 Mac Mini: A Powerful Little Package
https://undercodenews.com/apples-m4-mac-mini-a-powerful-little-package/
@Undercode_News
https://undercodenews.com/apples-m4-mac-mini-a-powerful-little-package/
@Undercode_News
UNDERCODE NEWS
Apple's M4 Mac Mini: A Powerful Little Package - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
🌐 #Firefox 133: A Leap Forward in Web Browsing
https://undercodenews.com/firefox-133-a-leap-forward-in-web-browsing/
@Undercode_News
https://undercodenews.com/firefox-133-a-leap-forward-in-web-browsing/
@Undercode_News
UNDERCODE NEWS
Firefox 133: A Leap Forward in Web Browsing - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
⚡️ #GitHub Strengthens Security Posture with New SOC 2 Reports for Enterprise Cloud, #Copilot, and More
https://undercodenews.com/github-strengthens-security-posture-with-new-soc-2-reports-for-enterprise-cloud-copilot-and-more/
@Undercode_News
https://undercodenews.com/github-strengthens-security-posture-with-new-soc-2-reports-for-enterprise-cloud-copilot-and-more/
@Undercode_News
UNDERCODE NEWS
GitHub Strengthens Security Posture with New SOC 2 Reports for Enterprise Cloud, Copilot, and More - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
#GitHub Actions: A Deeper Dive into Runner Labels
https://undercodenews.com/github-actions-a-deeper-dive-into-runner-labels/
@Undercode_News
https://undercodenews.com/github-actions-a-deeper-dive-into-runner-labels/
@Undercode_News
UNDERCODE NEWS
GitHub Actions: A Deeper Dive into Runner Labels - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
📱 #Microsoft Expands #Windows Recall #AI Feature: A Measured Approach
https://undercodenews.com/microsoft-expands-windows-recall-ai-feature-a-measured-approach/
@Undercode_News
https://undercodenews.com/microsoft-expands-windows-recall-ai-feature-a-measured-approach/
@Undercode_News
UNDERCODE NEWS
Microsoft Expands Windows Recall AI Feature: A Measured Approach - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
💻 Evernote: A #Digital Notebook for Your Thoughts
https://undercodenews.com/evernote-a-digital-notebook-for-your-thoughts/
@Undercode_News
https://undercodenews.com/evernote-a-digital-notebook-for-your-thoughts/
@Undercode_News
UNDERCODE NEWS
Evernote: A Digital Notebook for Your Thoughts - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Informative The Rise of VK: A Social Media Giant in Russia and Beyond
https://undercodenews.com/informative-the-rise-of-vk-a-social-media-giant-in-russia-and-beyond/
@Undercode_News
https://undercodenews.com/informative-the-rise-of-vk-a-social-media-giant-in-russia-and-beyond/
@Undercode_News
UNDERCODE NEWS
Informative The Rise of VK: A Social Media Giant in Russia and Beyond - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
🤖 Informative Navigating Tumblr's Login Process: A Step-by-Step Guide
https://undercodenews.com/informative-navigating-tumblrs-login-process-a-step-by-step-guide/
@Undercode_News
https://undercodenews.com/informative-navigating-tumblrs-login-process-a-step-by-step-guide/
@Undercode_News
UNDERCODE NEWS
Informative Navigating Tumblr's Login Process: A Step-by-Step Guide - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
🦑Exploitation of the Microsoft Exchange Vulnerability:
During the IR investigation, the Nocturnus Team was able to identify the initial compromise vector, in which the attackers exploited the recently discovered vulnerabilities in Microsoft Exchange server, which allowed them to perform remote code execution by exploiting the following CVEs: CVE-2021-27065 and CVE-2021-26858.
The attackers used this vulnerability to install and execute the China Chopper webshell via the following commands:
During the IR investigation, the Nocturnus Team was able to identify the initial compromise vector, in which the attackers exploited the recently discovered vulnerabilities in Microsoft Exchange server, which allowed them to perform remote code execution by exploiting the following CVEs: CVE-2021-27065 and CVE-2021-26858.
The attackers used this vulnerability to install and execute the China Chopper webshell via the following commands:
Once the attackers gained access to the network, they deleted the .aspx webshell file to cover their tracks:
cmd.exe /c del "C:\Program Files\Microsoft\Exchange Server\V15\\frontend\httpproxy\owa\auth\<file_name>.aspx"
cmd.exe /c del "C:\Program Files\Microsoft\Exchange Server\V15\\frontend\httpproxy\owa\auth\<file_name>.aspx"
Using the webshell, the attackers launched a PowerShell that was then used to download a payload from the following URL:
http://178.21.164[.]68/dwn.php?b64=1&d=nethost64C.exe&B=_AMD64,<machine_name>
The payload is then saved as C:\windows\zsvc.exe and executed. This is the start of the Prometei botnet execution:
http://178.21.164[.]68/dwn.php?b64=1&d=nethost64C.exe&B=_AMD64,<machine_name>
The payload is then saved as C:\windows\zsvc.exe and executed. This is the start of the Prometei botnet execution: