many parts make the whole
Malicious code has been detected in xz Utils that appears to be intended to create a backdoor in sshd. xz Utils is a common compression utility used in many Linux distros including Debian and Red Hat. according to a researcher from Analygence the malicious versions of xz Utils were not added to production versions of … Read More “BACKDOOR IN WIDELY USED Linux UTILITY TARGETS SSH CONNECTIONS” »
In the wake of an attack on Change Healthcare UnitedHealth Group has paid out over $2 billion to help effected health-care providers. Change Healthcare handles prescriptions and billing for more than 67,000 pharmacies in the U.S. A ransomware attack beginning February 21st caused widespread outages to hospitals and pharmacies across the U.S. Change Healthcare took … Read More “UnitedHealth Group HAS PAID OVER $2 BILLION FOLLOWING CYBERATTACK” »
The big news this past week was a ransomware attack against MGM Resorts and Caesar’s Entertainment. The attacks have both been attributed to ALPHV and apparently Caesar’s quickly paid the ransom, (which may have been tens of millions according to bloomberg), while MGM seems to have refused to pay up and is still having issues … Read More “MGM AND CAESARS RANSOMWARE ATTACKS” »
BillyBoss is an intermediate machine on OffSec Proving Grounds Practice. This machine has a vulnerable content management system running on port 8081 and a couple of different paths to escalate privileges. In this walkthrough we’ll use GodPotato from BeichenDream. This machine is also vulnerable to smbghost and there will be another walkthrough at a later … Read More “BillyBoss – Proving Grounds Walkthrough” »
21 years after its’ launch, the Windows XP activation algorithm has been completely cracked allowing for offline activation. Unfortunately it is common for very out of date Operating Systems to still be deployed, especially in manufacturing and industrial settings. Software that is required to run or communicate with an essential piece of equipment was written … Read More “Windows XP ACTIVATION ALGORITHM CRACKED” »
The City of Dallas is currently dealing with a ransomware attack that is affecting multiple departments including the Police. Apparently while their systems are locked down Police and dispatch are having to do their work by hand which is slowing things down, although they are still responding as normal to calls. The City is advising … Read More “CITY OF DALLAS RANSOMWARE ATTACK” »
fo-sec recently posted a great writeup with ten different ways you may be able to bypass Windows Defender. If you have attempted or completed any CTFs, or intentionally vulnerable machines on Hack The Box, tryhackme, or Proving Grounds then you may have run into issues with Windows Defender blocking your efforts to gain a foothold … Read More “10 METHODS TO BYPASS Windows Defender” »
If you were not able to attend Shmoocon 2023 you can still view the talks and presentations. There are presentations on a wide variety of topics including career development, hardware hacking, Open Source Software, blue team operations, OSINT, and more! Videos are available here!
In it’s too good to be true news, what if you could just ask your target system to execute code? Lucas Luitjes has an interesting article about simply asking AI chatbots to execute code and it turns out they will! Sanitizing user input has been a known issue for quite some time. Without sanitized input … Read More “REMOTE CODE EXECUTION BY ASKING NICELY – InjectGPT” »
Veeam has recently disclosed a vulnerability which allows unauthenticated access to cleartext credentials. A bad actor would only require network access to exploit this vulnerability and it has been assigned a CVSS score of 7.5 HIGH. Versions before 12.0.0.1420 P20230223 and 11.0.1.1261 P20230227 are vulnerable. Leaked credentials are especially concerning in this case because they … Read More “Veeam Backup & Replication – CVE-2023-27532” »