California Pizza Kitchen discloses a data breach
American pizza chain California Pizza Kitchen (CPK) suffered a data breach that might have exposed personal information of its employees....
OSINT
Nosferatu – Lsass NTLM Authentication Backdoor
Lsass NTLM Login example using Impacket:LimitationsIn an Active Directory environment, authentication via RDP, runas, or the lock screen does not...
Malwarebytes CrackMe – contest summary
On October 29 we published our third CrackMe Challenge and announced two parallel tracks for the contest: “The fastest solve”...
North Korea-linked TA406 cyberespionage group activity in 2021
North Korea-linked TA406 APT group has intensified its attacks in 2021, particularly credential harvesting campaigns. A report published by Proofpoint...
Msticpy – Microsoft Threat Intelligence Security Tools
Microsoft The msticpy package was initially developed to support This is an unsupervised learning module implemented using SciKit Learn DBScan.More...
Cobalt Stike Beacon Detected – 192[.]3[.]86[.]197:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 34[.]236[.]151[.]14:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 194[.]53[.]108[.]183:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 31[.]210[.]20[.]136:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 138[.]68[.]225[.]209:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 202[.]61[.]200[.]207:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Conti ransomware operations made at least $25.5 million since July 2021
Researchers revealed that Conti ransomware operators earned at least $25.5 million from ransom payments since July 2021. A study conducted...
Android banking Trojan BrazKing is back with significant evasion improvements
The BrazKing Android banking trojan is back with significant improvements and dynamic banking overlays to avoid detection. Researchers from IBM...
Patch now! FatPipe VPN zero-day actively exploited
According to its marketing team, a FatPipe MPVPN can make your VPN “900% more secure.” Well, I don’t know about...
Microsoft addresses a high-severity vulnerability in Azure AD
Microsoft recently addressed an information disclosure vulnerability, tracked as CVE-2021-42306, affecting Azure AD. Microsoft has recently addressed an information disclosure...
Cobalt Stike Beacon Detected – 207[.]148[.]77[.]109:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 172[.]241[.]27[.]91:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]146[.]165[.]143:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 159[.]223[.]189[.]223:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Phishers target TikTok influencers with verification promises and copyright threats
Influencers on TikTok are feeling the pinch of scams and phishing thanks to targeted campaigns hungry for fresh logins. The...
Attackers deploy Linux backdoor on e-stores compromised with software skimmer
Researchers discovered threat actors installing a Linux backdoor on compromised e-commerce servers after deploying a credit card skimmer into e-stores....
Kubernetes-Goat – Is A “Vulnerable By Design” Kubernetes Cluster. Designed To Be An Intentionally Vulnerable Cluster Environment To Learn And Practice Kubernetes Security
The Kubernetes Goat is designed to be an intentionally Upcoming Training's and SessionsDEFCON DEMO Labshttps://forum.defcon.org/node/237237Cloud Village - DEFCONhttps://cloud-village.org/#talks?collapseMadhuAkulaRecent Kubernetes Goat...
Zero-Day flaw in FatPipe products actively exploited, FBI warns
The FBI is warning of a zero-day vulnerability in FatPipe products that has been under active exploitation since at least...
Update now! Netgear vulnerability patched
Netgear has released a fix for a vulnerability on several of their product models. The affected product models include extenders,...
