Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise
Threat Research Blog
June 16, 2021
by Tyler McLellan, Robert Dean, Justin Moore, Nick Harbour, Mike Hunhoff, Jared Wilson, Jordan Nuce
...
Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day
Executive Summary
Mandiant recently responded to multiple security incidents involving compromises of Pulse Secure VPN appliances.
This blog post examines multiple, related techniques for bypassing single and multifactor authentication on Pulse...
Exploit for Firefox 68 on Android Local Area Network SSDP Screencast
Firefox for Android LAN-Based Intent Triggering
Exploit research and development by Chris Moberly (Twitter: @init_string)
Overview
The SSDP engine in Firefox for Android (68.11.0 and below) can be tricked into triggering Android...
Kaseya VSA Zero Day Exploit Explained
This article explains the pre-auth remote code execution exploit against Kaseya VSA Server that was used in the mass REvil ransomware attack on July 2nd, 2021. On July 5th, after...
Misconfigured Kubernetes Target Of XMRig Mining Campaign
XMRig Campaign Target Misconfigured Kubernetes to Mine Cryptocurrency
Kubernetes clusters, due to their cloud computing capabilities and widespread use, are the perfect target for crypto-mining campaigns. A widespread XMRig Monero-mining...
How A College Student Made 10k From Bug Bounties
Author: Tilson Galloway
API keys, passwords, and customer data are accidentally posted to GitHub every day.
Hackers use these keys to log in to servers, steal personal information, and rack up absurd...
Russian Military Hackers Sandworm Exploiting Mail Software Says NSA
By Sergiu Gatlan
The U.S. National Security Agency (NSA) says that Russian military threat actors known as Sandworm Team have been exploiting a critical flaw in the Exim mail transfer agent (MTA) software...
Information suggests extraordinary interest for hacking and cybercrime during pandemic
Author: Edvardas Mikalauskas
With unemployment rates skyrocketing across the world as prolonged COVID-19 lockdowns continue to wreck the global economy, people who are forced to stay at home without a...
Air gapped hacking becoming a treasure trove of data for Hackers
Air-Gapped Systems are Becoming a Treasure Trove for Attackers
For years, air-gapping has been recommended as a standard cybersecurity practice to protect sensitive systems and networks. Often, organizations isolate their...
Ransomware Tactics, Techniques And How it Has Evolved
Ransomware Landscape Has Adapted and Evolved
Author: Kyle Fedorek
Ransomware attacks have increased manifold over the years and so have the ransom demands. This year-over-year evolution of ransomware threats is primarily...