Tuts 4 You

FireEye discloses breach, theft of hacking tools


whoknows


Apple targets car production by 2024

reuters.com/article/us-apple-autos-exclusive/exclusive-apple-targets-car-production-by-2024-and-eyes-next-level-battery-technology-sources-idUSKBN28V2PY


Popular Posts

https://www.microsoft.com/security/blog/2020/12/18/analyzing-solorigate-the-compromised-dll-file-that-started-a-sophisticated-cyberattack-and-how-microsoft-defender-helps-protect/

today powered by white wine @ 2015 ( ITA @tonyweb )   src - otondo.com

Microsoft discovers SECOND hacking team dubbed 'Supernova' installed backdoor in SolarWinds software in March - as Feds say first Russian 'act of war' cyber attack struck at least 200 firms and US fed


Hackers believed to have stolen Treasury Department's encryption keys

businessinsider.com/hackers-seem-to-have-stolen-treasury-departments-encryption-keys-2020-12


The FBI Is Breaking into Encrypted Devices. We’re Suing

aclu.org/news/privacy-technology/the-fbi-is-secretly-breaking-into-encrypted-devices-were-suing/

 

Seznam.cz, the Czech Republic's leading home-grown web search platform, said on Thursday it had claimed 9.072 billion crowns ($417 million) in damages from Google

techdirt.com/articles/20201218/07211345910/czech-search-engine-seznam-joins-lets-sue-google-fun-seeks-417-million-damages.shtml

 

Zelda Hit Detection - Behind the Code

youtube.com/watch?v=FBk-QkzMeIk

 

List of SolarWinds victims slowly growing

bleepingcomputer.com/news/security/solarwinds-hackers-breached-us-treasury-officials-email-accounts/
bleepingcomputer.com/news/security/solarwinds-victims-revealed-after-cracking-the-sunburst-malware-dga/

 

Cellebrite has claimed that it can decrypt messages from Signal's

bbc.com/news/technology-55412230
signal.org/blog/cellebrite-and-clickbait/

 

Malware Unpacking Tutorial - How to unpack FlawedAmmyy

youtube.com/watch?v=D1-O19AwW8U

 

VPN Safe-Inet has been taken down by Europol

europol.europa.eu/newsroom/news/cybercriminals%E2%80%99-favourite-vpn-taken-down-in-global-action


Citrix confirms ongoing DDoS attack impacting NetScaler ADCs

bleepingcomputer.com/news/security/citrix-confirms-ongoing-ddos-attack-impacting-netscaler-adcs/

 

The Australian government actually set up a Department of Christmas Affairs

zdnet.com/article/the-australian-government-actually-set-up-a-department-of-christmas-affairs/

 

Telegram's Getting Ads

gizmodo.com/oh-great-telegrams-getting-ads-1845940099

 

PC DOS Reimagined

pcjs.org/blog/2020/12/22/

 

Web Authentication Methods Compared

testdriven.io/blog/web-authentication-methods/


SolarWinds - goal was the cloud data

Microsoft also detailed the step by step procedure used by the attackers to gain access to their victims' cloud assets:

  • Using the compromised SolarWinds DLL to activate a backdoor that enables attackers to remotely control and operate on a device
  • Using the backdoor access to steal credentials, escalate privileges, and move laterally to gain the ability to create valid SAML tokens using any of two methods:
      • Stealing the SAML signing certificate (Path 1)
      • Adding to or modifying existing federation trust (Path 2)
  • Using attacker-created SAML tokens to access cloud resources and perform actions leading to the exfiltration of emails and persistence in the cloud

bleepingcomputer.com/news/security/microsoft-solarwinds-hackers-goal-was-the-victims-cloud-data/

  • 2 weeks later...
whoknows

The more we learn, the worse it looks

zdnet.com/article/solarwinds-the-more-we-learn-the-worse-it-looks/

whoknows

Gained access to thousands of 'US Department of Justice' email accounts

techradar.com/news/solarwinds-hackers-gained-access-to-thousands-of-doj-email-accounts

whoknows

JetBrains' TeamCity May Be Entry Point

nytimes.com/2021/01/06/us/politics/russia-cyber-hack.html

whoknows

An Update on SolarWinds

blog.jetbrains.com/blog/2021/01/07/an-update-on-solarwinds/

whoknows

SolarWinds, FireEye, Microsoft and Cisco leaks are offered for sale

news.ycombinator.com/item?id=25754895
solarleaks.net

whoknows

Malwarebytes Hit by SolarWinds Attackers

"They are trying to feed the beast, the more power they have, it gives them more tools and capabilities to attack more companies"

threatpost.com/malwarebytes-solarwinds-attackers/163190/


Microsoft shares how SolarWinds hackers evaded detection

bleepingcomputer.com/news/security/microsoft-shares-how-solarwinds-hackers-evaded-detection/
bleepingcomputer.com/news/security/solarwinds-hackers-used-7-zip-code-to-hide-raindrop-cobalt-strike-loader/


After the SolarWinds Hack, We Have No Idea What Cyber Dangers We Face

newyorker.com/news/daily-comment/after-the-solarwinds-hack-we-have-no-idea-what-cyber-dangers-we-face
