LockFile Exploits PettiPotam
Threat actor has started to leverage the recently discovered PetitPotam NTLM relay attack method to take over the Windows domain on various networks worldwide. Behind the attacks appears to be…
BlueLight Payload
Researchers from Volexity recently investigated a Strategic Web Compromise of the Daily NK website by InkySquid. The targeted site is an online newspaper based in South Korea that posts news…
GIT Operations Need 2FA
GitHub is urging its base of users to enable two-factor authentication as the platform shakes up how it protects accounts from compromise.GitHub stopped accepting account passwords when authenticating Git operations.…
Posted inAzure Security
Azure Credentials exposed in PlainText
Mimikatz has been used by a vulnerability researcher to dump a user's unencrypted plaintext Microsoft Azure credentials from Microsoft's new Windows 365 Cloud PC service.Mimikatz, an open-source software that allows…
Another RCE in Print Spooler Mayhem awaits
Microsoft acknowledged yet another remote code execution vulnerability in the Windows Print Spooler component, after a day of releasing arch tuesday updates adding that it's working to remediate the issue…
Patch Tuesday August 2021
Microsoft patched 44 CVEs in the August 2021 Patch Tuesday release, including seven CVEs rated as critical and 37 rated as important. This month’s update includes patches for: .NET Core…
Posted inSecurity
APT 27 Behind Israel Attack
A Chinese cyber espionage group has been linked to a string of intrusion activities targeting Israeli government institutions, IT providers, and telecommunications companies.Tracked as "UNC215", a Chinese espionage operation linking…
MVISION enhances Dynamics 365
Mcafee announced that MVISION Cloud, part of its secure access service edge (SASE) offering MVISION Unified Cloud Edge (UCE), now provides enhanced security coverage for Microsoft Dynamics 365, a line of enterprise…