Raspberry Robin is a worm spread by external drives that leverages Windows Installer to download a malicious DLL.

Don’t let cyber threats get the best of you. Read our post, SVCReady: A New Loader Gets Ready, to learn more about cyber threats and cyber security.

Yet another malicious Python package has been spotted in the PyPI registry performing supply chain attacks to drop Cobalt Strike beacons and backdoors on Windows, Linux, and macOS systems.

CVE-2022-26925 : Microsoft a corrigé une faille de sécurité zero-day qui touche toutes les versions de Windows et qui permet une attaque par relais NTLM.

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings). - GitHub - Dec0ne/KrbRelayUp: KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

For April Patch Tuesday, the computing giant addressed a zero-day under active attack and several critical security vulnerabilities, including three that allow self-propagating exploits.

On December 14, 2021, during the Log4Shell chaos, Microsoft published CVE-2021-43893, a remote privelege escalation vulnerability affecting Windows EFS.

Un inquiétant cheval de Troie très discret et multiplateformes vient d'être repéré. Baptisé SysJoker et mis en lumière par la firme de sécurité Intezer, il peut cibler autant Windows, Linux que macOS. Pire encore, celui-ci passait sous les radars des antivirus depuis un bout de temps. Les versions Linux et macOS n'étaient jusqu'à présent pas du tout détectées par des sites

In December 2021, we discovered a new multi-platform backdoor that targets Windows, Mac, and Linux that we have named SysJoker.

In February 2022, Microsoft patched the vulnerability I used in TianfuCup 2021 for escaping Adobe Reader sandbox, assigned CVE-2022-22715. The vulnerability existed in Named Pipe File System nearly 10 years since the AppContainer was born. We called it "Windows Dirty Pipe". In this article, I will share the root cause and exploitation of Windows Dirty Pipe. So let's start our journey.

911[.]re, a proxy service that since 2015 has sold access to hundreds of thousands of Microsoft Windows computers daily, announced this week that it is shutting down in the wake of a data breach that destroyed key components of its…

Microsoft says that a recently spotted Windows worm has been found on the networks of hundreds of organizations from various industry sectors.

Windows RPC enumeration, discovery, and auditing via NtObjectManager. We will audit the vulnerable RPC interfaces that lead to PetitPotam, discover how they have changed over the past year, and overcome some common RPC auditing pitfalls.

The National Security Agency (NSA) and partner cybersecurity authorities released a Cybersecurity Information Sheet today recommending that Microsoft Windows® operators and administrators properly

7-zip has finally added support for the long-requested 'Mark-of-the-Web' Windows security feature, providing better protection from malicious downloaded files.

Raspberry Robin is a worm spread by external drives that leverages Windows Installer to download a malicious DLL.

Don’t let cyber threats get the best of you. Read our post, SVCReady: A New Loader Gets Ready, to learn more about cyber threats and cyber security.

Yet another malicious Python package has been spotted in the PyPI registry performing supply chain attacks to drop Cobalt Strike beacons and backdoors on Windows, Linux, and macOS systems.

CVE-2022-26925 : Microsoft a corrigé une faille de sécurité zero-day qui touche toutes les versions de Windows et qui permet une attaque par relais NTLM.

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings). - GitHub - Dec0ne/KrbRelayUp: KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

For April Patch Tuesday, the computing giant addressed a zero-day under active attack and several critical security vulnerabilities, including three that allow self-propagating exploits.

On December 14, 2021, during the Log4Shell chaos, Microsoft published CVE-2021-43893, a remote privelege escalation vulnerability affecting Windows EFS.

Un inquiétant cheval de Troie très discret et multiplateformes vient d'être repéré. Baptisé SysJoker et mis en lumière par la firme de sécurité Intezer, il peut cibler autant Windows, Linux que macOS. Pire encore, celui-ci passait sous les radars des antivirus depuis un bout de temps. Les versions Linux et macOS n'étaient jusqu'à présent pas du tout détectées par des sites

In December 2021, we discovered a new multi-platform backdoor that targets Windows, Mac, and Linux that we have named SysJoker.