RogueWinRM – Windows Local Privilege Escalation From Service Account To System
RogueWinRM is a local privilege escalation exploit that allows to escalate from a Service account (with SeImpersonatePrivilege) to Local System...
RogueWinRM is a local privilege escalation exploit that allows to escalate from a Service account (with SeImpersonatePrivilege) to Local System...
Today Adobe Flash Player has reached its end of life (EOL), its vulnerabilities were exploited by multiple threat actors in...
Experts from threat intelligence firm Cyble have found documents relating to Covid-19 vaccine of European Medicines Agency in the Darkweb...
The threat actors behind the SolarWinds supply chain attack could have had access to the source code of several Microsoft...
A data breach broker is selling user records allegedly from twenty-six data breaches on a hacker forum. Security experts from...
Experts from Intezer discovered a new and self-spreading Golang-based malware that targets Windows and Linux servers. Experts from Intezer discovered...
An Emotet campaign hit Lithuania, the malware has infected systems at the National Center for Public Health (NVSC) and several...
T-Mobile has disclosed a data breach that exposed customers’ network information (CPNI), including phone numbers and calls records. T-Mobile has...
US Cybersecurity and Infrastructure Security Agency (CISA) urges US federal agencies to update the SolarWinds Orion software by the end...
2020 was certainly an interesting year. There were quite a few newsworthy events and some fantastic exploit content released. Let’s...
Google has addressed a bug in its feedback tool incorporated across its services that could have allowed attackers to view...
The US Treasury Department’s Financial Crimes Enforcement Network (FinCEN) warns of ransomware attacks on COVID-19 vaccine research organizations. The US...
Microsoft says that SolarWinds hackers aimed at compromising the victims’ cloud infrastructure after deploying the Solorigate backdoor (aka Sunburst). The...
Japanese giant Kawasaki Heavy Industries discovered unauthorized access to a Japanese company server from multiple overseas offices. Kawasaki Heavy Industries...
Cybersecurity and Infrastructure Security Agency (CISA) released a tool for detecting potentially malicious activities in Azure/Microsoft 365 environments. The Cybersecurity...
Threat intelligence analyst discovered a threat actor that is selling a database of the Italian mobile service provider Ho mobile....
The Parliament of Finland confirmed that threat actors had access to email accounts of multiple members of parliament (MPs). “Parliament...
The American multinational manufacturer and marketer of home appliances Whirlpool was hit by the Nefilim ransomware gang. The American multinational manufacturer and marketer of home appliances Whirlpool...
Experts warn of a multi-platform credit card skimmer that can target online stores running on Shopify, BigCommerce, Zencart, and Woocommerce....
Although 2020 has been the worst year since 1945, as last year, this year we made a ranking with the...
Well, what a year it has been. I won’t waste your time by recapping the many, many difficulties that 2020...
Researchers discovered that the popular e-commerce app 21 Buttons was exposing private data for 100s of influencers across Europe. Researchers from...
Just a powershell scripts for auditing security with CIS BEST Practices Windows 10 and Window Server 2016 You just need...
Swiss Army Knife Proxy for rapid deployments. Supports multiple operations such as request/response dump, filtering and manipulation via DSL language,...