Community Feature - @ChicagoCyber A Curated Intelligence APT hunter - Joshua Miller - recently published new intelligence with Proofpoint on TA402 (aka Molerats), a likely Palestinian-aligned...
Community Feature - JCyberSec_ Curated Intelligence members - JCyberSec - recently created an enlightening YouTube video analysing phishing kits designed to look like Royal Mail asking for a parcel...
When I got a new MacBook with an M1 Pro chip, I was excited to see the performance benefits. The first thing I did was to fire up hashcat which gave an impressive benchmark speed for NT hashes...
Overview of current GLIBC heap exploitation techniques up to GLIBC 2.34, including their ideas and introduced mitigations along the way
Disclaimer: These are unfiltered study notes mostly for myself. Guaranteed not to be error free. So if you did land here, managed to get to the end of it and found some mistakes just hit me up,...
For each CVE, the Wiz Research team maintains data from multiple threat intelligence sources and our own independent research. Now that we’ve added support for the new CISA KEV catalog, learn how...
Learn how to achieve compliance security at scale with Wiz and RegScale, supporting a variety of compliance framework controls.
Jordan Drysdale // Azure has replaced AWS in my personal development pipeline. This may sound crazy but hear me out. Microsoft has solidified its offerings, done nothing but improve its […]
Introduction “533 million Facebook users’ phone numbers leaked” was one of the highlighted titles that flooded many social networks’ pages. The leak that was initially for sale in 2020 has more...
Community Feature - @Bank_Security Curated Intelligence member Bank_Security has recently shared an overview of the most commonly advertised information related to financial institutions on the...
Authored By: Kiran Raj In a recent campaign of Emotet, McAfee Researchers observed a change in techniques. The Emotet maldoc... The post Emotet’s Uncommon Approach of Masking IP Addresses appeared...
In this post, we discuss five security limitations of endpoint security agents and also explain how adding agentless solutions can improve your cloud environment security.
On 2022-02-02, a campaign was reported, involving CoinStomp operator, gaining initial access via , while using Timestomping, Reverse shell, Cron persistence,. The following tools were observed: CoinStomp.
The Belarusian Cyber Partisans have shared documents related to another hack, and explained that Curated Intel member, SttyK, would “understand some of the methods used.” Written by @BushidoToken...
Community Feature - @Rag_sec Curated Intelligence member Rag_sec has stitched together images of the Yelna military deployment area and motor pool using Maxar satellite imagery and geolocation...
An unauthenticated attacker with the ability to communicate with the affected device via a broadcast address can perform administrative operations on it. It is possible to upload firmware and...
An attacker can capture and decrypt the communication between the configuration software and the affected devices, since a symmetric encryption algorithm with a fixed key is used to encrypt the...
Targets of spyware attacks in which each malware sample has a limited-scope and a short lifetime include industrial enterprises. Victim organizations’ SMTP services are abused to send phishing...
As more organizations move to the cloud, so do attackers. What can you do to better protect your cloud environment in 2022? Wiz Research has compiled the most pressing cloud security threats and...
Twitch has fallen victim to an anonymous hacker who breached 125GB of data, including the service’s entire source code.
Community Feature - @SttyK Curated Intelligence's OSINT Ninja - Sh1ttyKids - has shared a collection of geolocation reports related to the REvil ransomware gang. On 14 January, the Russian FSB...
Community Feature - @ZephrFish Curated Intelligence Staff member ZephrFish recently uncovered a concerning private information leak in BlackVue vehicular dashcams. Customers of BlackVue dashcams...
Community Feature - @cPeterr Curated Intelligence member Chuong Dong has recently shared his findings in a blog after reverse engineering an emerging ransomware family dubbed Rook. The ransomware...
NCC Group performed a pentest in which they had (notionally) compromised the laptop of a developer who could commit code to a certain Java library. The researchers set a pre-requirement file to one...
NCC Group performed a pentest against a web application, in which they leveraged anonymous access to discover a sitemap folder that turned out to be an S3 bucket with directory listing enabled....
Community Feature - @michael_deebo Curated Intelligence member - Michael DeBolt - has expressed his views on what he calls the "CTI long game" and how CTI teams, as a core component of many...
Who is responsible for doing what when a new cloud vulnerability is disclosed? Right now, it can be hard to know.
Although it is still difficult to say to what extent vulnerable ICS systems are exposed to potential attacks, we hope that, unlike IT infrastructures, most vulnerable OT systems cannot accept...
This is a special joint webcast from the teams of Black Hills Information Security, Wild West Hackin’ Fest, and Active Countermeasures, presented by John Strand. In this webcast, we cover […]