Fortra claims the number of unauthorized Cobalt Strike licenses in the wild fell 80% over two years This article has been indexed from www.infosecurity-magazine.com Read the original article: Number of Unauthorized Cobalt Strike Copies Plummets 80%
Tag: EN
Navigating AI 🤝 Fighting Skynet
Using AI can be a great tool for adversarial engineering. This was just a bit of fun to see if it was possible todo and to learn more about automation but also proving you cannot trust git commit history nor…
Developer Pleads Guilty to Injecting Malware and Crippling Company Systems
In a stunning case of corporate sabotage, a former software developer for Eaton Corp., Davis Lu, 55, of Houston, has been found guilty by a jury of intentionally damaging the company’s internal computer systems. This malicious act occurred after his…
New North Korean Moonstone Sleet Employs Creative Tactics To Deploy Custom Ransomware
Cybersecurity researchers have identified a sophisticated ransomware campaign attributed to a North Korean threat actor dubbed “Moonstone Sleet.” The group has deployed an advanced custom ransomware strain targeting financial institutions and cryptocurrency exchanges across Southeast Asia and Europe, demonstrating evolving…
Apache Traffic Server Vulnerabilities Let Attackers Perform Malformed Requests
The Apache Software Foundation has issued urgent patches for multiple high-severity vulnerabilities in Apache Traffic Server (ATS), its enterprise-grade caching proxy server. Four distinct flaws (CVE-2024-38311, CVE-2024-56195, CVE-2024-56196, and CVE-2024-56202) enable threat actors to execute request smuggling attacks, bypass access…
Akira Ransomware Attacking Windows Server via RDP & Evades EDR Using Webcam
A sophisticated ransomware group called Akira has been responsible for approximately 15% of cybersecurity incidents in 2024. The threat actor has deployed novel techniques to bypass security defenses, most notably by exploiting unsecured webcams to circumvent Endpoint Detection and Response…
Shellcode Encoded in UUIDs, (Mon, Mar 10th)
I returned from another FOR610[1] class last week in London. One key tip I give to my students is to keep an eye on “strange” API calls. In the Windows ecosystem, Microsoft offers tons of API calls to developers. The…
Navigating AI 🤝 Fighting Skynet
Using AI can be a great tool for adversarial engineering. This was just a bit of fun to see if it was possible todo and to learn more about automation but also proving you cannot trust git commit history nor…
Malwarebytes Premium Security awarded “Product of the Year” from AVLab
Malwarebytes Premium Security has once again been awarded “Product of the Year” after successfully blocking 100% of “in-the-wild” malware samples. This article has been indexed from Malwarebytes Read the original article: Malwarebytes Premium Security awarded “Product of the Year” from…
Navigating AI 🤝 Fighting Skynet
Using AI can be a great tool for adversarial engineering. This was just a bit of fun to see if it was possible todo and to learn more about automation but also proving you cannot trust git commit history nor…
WinDbg Vulnerability Allows Attackers to Execute Remote Code
Microsoft recently disclosed a critical vulnerability impacting its debugging tool, WinDbg, and associated .NET packages. Tracked CVE-2025-24043, this flaw allows remote code execution (RCE) due to improper cryptographic signature verification in the SOS debugging extension. According to Github’s Post, Developers…
Commvault Webserver Vulnerability Let Attackers Compromise Webserver
Commvault, a global leader in enterprise data protection and management solutions, has urgently patched a high-severity webserver vulnerability that enables attackers to compromise systems by creating and executing malicious webshells. The flaw affects multiple versions of Commvault’s software across Linux…
Microsoft WinDbg RCE Vulnerability Let Attackers Execute Arbitrary Code Remotely
A high-severity vulnerability CVE-2025-24043, remote code execution (RCE) through improper cryptographic signature validation in the SOS debugging extension. The vulnerability affects critical .NET diagnostic packages including dotnet-sos, dotnet-dump, and dotnet-debugger-extensions, which are integral to .NET Core application debugging workflows. According…
1 Million Devices Infected by Malwares Hosted on GitHub, Microsoft Warns
Microsoft Threat Intelligence detected a large-scale malvertising campaign in early December 2024 that infected nearly one million devices globally in an opportunistic attack designed to steal information. The campaign impacted a wide range of organizations and industries, affecting both consumer…
Strap in, get ready for more Rust drivers in Linux kernel
Likening memory safety bugs to smallpox may not soothe sensitive C coders Rust is alive and well in the Linux kernel and is expected to translate into noticeable benefits shortly, though its integration with the largely C-oriented codebase still looks…
Trump Administration and the Russian Cyber Threat, Firefox Privacy Changes
In this episode, we discuss whether the Trump administration ordered the U.S. Cyber Command and CISA to stand down on the Russian cyber threat. We also touch on the Canadian tariff situation with insights from Scott Wright. Additionally, we discuss…
GUEST ESSAY: Four essential strategies to bolster cyber resilience in critical infrastructure
In 2023, victims reported nearly 900,000 cybercrime complaints to the FBI. Altogether, losses eclipsed $12.5 billion — a significant 22% increase from the losses in 2022. Related: Closing the resiliency gap Unsurprisingly, experts predict this trend will continue to grow…
ONCD consolidates power, undocumented Bluetooth commands, Japan NTT Breach
ONCD set to consolidate power in U.S. cyber Undocumented commands found in Bluetooth chip used by a billion devices Japanese telecom NTT breach affects 18,000 companies Huge thanks to our sponsor, Vanta Do you know the status of your compliance…
Navigating AI 🤝 Fighting Skynet
Using AI can be a great tool for adversarial engineering. This was just a bit of fun to see if it was possible todo and to learn more about automation but also proving you cannot trust git commit history nor…
Thinkware Dashcam Vulnerability Leaks Credentials to Attackers
A series of significant security vulnerabilities have been discovered in the Thinkware Dashcam, specifically the F800 Pro model, which could pose serious risks to users’ privacy and security. These issues include unauthorized access to sensitive data, denial of service, and…