■■■■■ Offensive Lateral Movement in Windows.

https://posts.specterops.io/offensive-lateral-movement-1744ae62b14f

■■■■□#DataLeak: SolarWinds hackers accessed some of the source-code of Microsoft.

https://thehackernews.com/2020/12/microsoft-says-solarwinds-hackers.html

■■■□□ GKE Auditor – Detect Google Kubernetes Engine Misconfigurations.

https://www.darknet.org.uk/2021/01/gke-auditor-detect-google-kubernetes-engine-misconfigurations

■■□□□ RogueWinRM - Windows Local Privilege Escalation From Service Account To System.

https://www.kitploit.com/2021/01/roguewinrm-windows-local-privilege.html

■□□□□ City of Cornelia Witnessed Fourth Ransomware Attack.

https://www.ehackingnews.com/2021/01/city-of-cornelia-witnessed-fourth.html

■■■■□ CVE-2020-29583: Secret Backdoor Account Found in Several Zyxel Firewall, VPN Products.

https://thehackernews.com/2021/01/secret-backdoor-account-found-in.html

■■■■□CVE-2020-29583: A hardcoded credential vulnerability was identified in the “zyfwp” user account in some Zyxel firewalls and AP controllers. The account was designed to deliver automatic firmware updates to connected access points through FTP.

https://www.zyxel.com/support/CVE-2020-29583.shtml

■■■□□ Video for https://t.me/cKure/6509

■■■■□ #DataLeak: Facebook ads used to steal 615000+ credentials in a phishing campaign.

The campaign targeted users in multiple countries including #Egypt 🇪🇬, #Philippines🇵🇭, #Pakistan 🇵🇰, and #Nepal🇳🇵

https://securityaffairs.co/wordpress/112882/hacking/facebook-phishing-campaign-2.html

■■□□□ AutoHotkey-Based credential stealer targets bank in the US and Canada.

https://securityaffairs.co/wordpress/112895/malware/credential-stealer-banks.html

■■■□□ #DataLeak: Oblivion - Data Leak Checker And OSINT Tool.

https://github.com/loseys/Oblivion

■■□□□ #DataLeak: Ransomware Attack Leaks GenRx’s Data.

GenRx Pharmacy, which is settled in Scottsdale, AZ, is telling people of a data breach incident. The occurrence might affect the security of certain individuals. While the drug store doesn't know about any real damage done to people because of the circumstance, it is furnishing conceivably affected people with data by means of First Class mail with respect to steps taken, and what should be done to further fortify against likely defacement.

https://www.ehackingnews.com/2021/01/ransomware-attack-leaks-genrxs-data.html

■■□□□ Interesting thread: https://mobile.twitter.com/slaeryan/status/1345104252180463617

■□□□□ 📢 Bitcoin transaction of 666 BTC.

https://whale-alert.io/transaction/bitcoin/a27e6b1472ec44ae4eed3ff0a57f1ac9794b5cf1107cf5252555d403249fffe6/1

■■■□□ Cobalt Strike Defense

https://github.com/MichaelKoczwara/Awesome-CobaltStrike-Defence

■■■■□ Ticketmaster To Pay $10 Million Fine For Hacking A Rival Company.

https://thehackernews.com/2021/01/ticketmaster-to-pay-10-million-fine-for.html

■■□□□ #DataLeak: Hacker selling 368m users records stolen from 26 companies.

https://www.hackread.com/hacker-selling-users-records-stolen-26-companies/

■■■■□ HyperDbg - The Source Code Of HyperDbg Debugger

https://github.com/HyperDbg/HyperDbg

https://www.kitploit.com/2021/01/hyperdbg-source-code-of-hyperdbg.html

■■□□□ SolarWinds mess flared in the holidays - company confirms malware targeted crocked Orion product.

https://go.theregister.com/feed/www.theregister.com/2021/01/04/solarwinds_malware_confirmed/

■■□□□ British Court Rejects U.S. Request to Extradite WikiLeaks' Julian Assange.