■■□□□ Another technical writeup.
SolarWinds' SunBurst: the next level of stealth.
https://blog.reversinglabs.com/blog/sunburst-the-next-level-of-stealth
ReversingLabs
The attack on SolarWinds: Next-level stealth was key
The SunBurst supply chain attack, which was behind the SolarWinds compromise, took sophistication and patience.
■■■□□ Microsoft Warns CrowdStrike of Hackers Targeting Azure Cloud Customers and alleged unsuccessful attempt to compromise CrowdStrike.
https://thehackernews.com/2020/12/microsoft-warns-crowdstrike-of-hackers.html
■■□□□ 🇺🇸 | 🇷🇺 #CyberWar update: CrowdStrike releases free Azure tool to review assigned privileges.
https://hackademicus.nl/crowdstrike-releases-free-azure-tool-to-review-assigned-privileges/
■■□□□ ApkLeaks - Scanning APK File For URIs, Endpoints And Secrets.
https://github.com/dwisiswant0/apkleaks
■■□□□ CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze.
http://seclists.org/fulldisclosure/2020/Dec/55
seclists.org
Full Disclosure: Re: [FD]
■■■□□ #DataLeak: REvil ransomware group, aka Sodinokibi, hacked The Hospital Group and threatens to release before-and-after pictures of celebrity clients.
https://securityaffairs.co/wordpress/112637/cyber-crime/the-hospital-group-revil.html
■■■□□ Analyzing APT19 malware (viz. DLL backdoor) using a step-by-step method.
https://cybergeeks.tech/analyzing-apt19-malware-using-a-step-by-step-method/
■□□□□ #DataLeak: Japanese 🇯🇵 game developer Koei Tecmo discloses data breach after hacker leaks stolen data.
https://www.bleepingcomputer.com/news/security/koei-tecmo-discloses-data-breach-after-hacker-leaks-stolen-data/ #Japan
BleepingComputer
Koei Tecmo discloses data breach after hacker leaks stolen data
Japanese game developer Koei Tecmo has disclosed a data breach and taken their European and American websites offline after stolen data was posted to a hacker forum.
■□□□□ Apple iCloud outage prevents device activations, access to data.
■■■□□ SolarWinds has released an updated advisory for the additional SuperNova malware discovered to have been distributed through the company's network management platform.
https://www.bleepingcomputer.com/news/security/solarwinds-releases-updated-advisory-for-new-supernova-malware/
BleepingComputer
SolarWinds releases updated advisory for new SUPERNOVA malware
■□□□□ GoDaddy apologized for insensitive phishing email sent to its employees offering a fake bonus.
■■■■□ #BlueTeam: TruKno TTP based Threat Intelligence Platform.
TruKno’s ThreatBoard is a platform that helps security professionals uncover the root causes behind emerging cyber-attacks, improving proactive defense postures.
https://www.ehackingnews.com/2020/12/trukno-ttp-based-threat-intelligence.html
■□□□□ Kaspersky Lab and Yandex have detected malicious browser extensions.
https://www.ehackingnews.com/2020/12/kaspersky-lab-and-yandex-have-detected.html
■■□□□ Wynis - Audit Windows Security With Best Practice.
https://github.com/Sneakysecdoggo/Wynis
■■■□□ Webkit Exploitation Tutorial.
https://docs.ioin.in/writeup/www.auxy.xyz/_tutorial_Webkit_Exp_Tutorial_/index.html
■■■□□ #Vietnam 🇻🇳 targeted in complex supply chain attack.
Hackers have inserted malware inside an app offered for download by the Vietnam Government Certification Authority (VGCA).
https://www.zdnet.com/article/vietnam-targeted-in-complex-supply-chain-attack/
ZDNET
Vietnam targeted in complex supply chain attack
■■□□□ Top 20 Most Popular Hacking Tools in 2020.
https://www.kitploit.com/2020/12/top-20-most-popular-hacking-tools-in.html
KitPloit - PenTest & Hacking Tools
Top 20 Most Popular Hacking Tools in 2020