Jump to content
Tuts 4 You

FireEye discloses breach, theft of hacking tools


whoknows

Recommended Posts

Apple targets car production by 2024

reuters.com/article/us-apple-autos-exclusive/exclusive-apple-targets-car-production-by-2024-and-eyes-next-level-battery-technology-sources-idUSKBN28V2PY

Link to post
  • Replies 65
  • Created
  • Last Reply

Top Posters In This Topic

  • whoknows

    45

  • Kurapica

    7

  • deepzero

    3

  • Teddy Rogers

    3

Top Posters In This Topic

Popular Posts

https://www.microsoft.com/security/blog/2020/12/18/analyzing-solorigate-the-compromised-dll-file-that-started-a-sophisticated-cyberattack-and-how-microsoft-defender-helps-protect/

today powered by white wine @ 2015 ( ITA @tonyweb )   src - otondo.com

Microsoft discovers SECOND hacking team dubbed 'Supernova' installed backdoor in SolarWinds software in March - as Feds say first Russian 'act of war' cyber attack struck at least 200 firms and US fed

Posted Images

Hackers believed to have stolen Treasury Department's encryption keys

businessinsider.com/hackers-seem-to-have-stolen-treasury-departments-encryption-keys-2020-12

Link to post

The FBI Is Breaking into Encrypted Devices. We’re Suing

aclu.org/news/privacy-technology/the-fbi-is-secretly-breaking-into-encrypted-devices-were-suing/

 

Seznam.cz, the Czech Republic's leading home-grown web search platform, said on Thursday it had claimed 9.072 billion crowns ($417 million) in damages from Google

techdirt.com/articles/20201218/07211345910/czech-search-engine-seznam-joins-lets-sue-google-fun-seeks-417-million-damages.shtml

 

Zelda Hit Detection - Behind the Code

youtube.com/watch?v=FBk-QkzMeIk

 

List of SolarWinds victims slowly growing

bleepingcomputer.com/news/security/solarwinds-hackers-breached-us-treasury-officials-email-accounts/
bleepingcomputer.com/news/security/solarwinds-victims-revealed-after-cracking-the-sunburst-malware-dga/

 

Cellebrite has claimed that it can decrypt messages from Signal's

bbc.com/news/technology-55412230
signal.org/blog/cellebrite-and-clickbait/

 

Malware Unpacking Tutorial - How to unpack FlawedAmmyy

youtube.com/watch?v=D1-O19AwW8U

 

VPN Safe-Inet has been taken down by Europol

europol.europa.eu/newsroom/news/cybercriminals%E2%80%99-favourite-vpn-taken-down-in-global-action

Edited by whoknows
adding shits (see edit history)
Link to post

Citrix confirms ongoing DDoS attack impacting NetScaler ADCs

bleepingcomputer.com/news/security/citrix-confirms-ongoing-ddos-attack-impacting-netscaler-adcs/

 

The Australian government actually set up a Department of Christmas Affairs

zdnet.com/article/the-australian-government-actually-set-up-a-department-of-christmas-affairs/

 

Telegram's Getting Ads

gizmodo.com/oh-great-telegrams-getting-ads-1845940099

 

PC DOS Reimagined

pcjs.org/blog/2020/12/22/

 

Web Authentication Methods Compared

testdriven.io/blog/web-authentication-methods/

Edited by whoknows (see edit history)
Link to post

SolarWinds - goal was the cloud data

Microsoft also detailed the step by step procedure used by the attackers to gain access to their victims' cloud assets:

Using the compromised SolarWinds DLL to activate a backdoor that enables attackers to remotely control and operate on a device

Using the backdoor access to steal credentials, escalate privileges, and move laterally to gain the ability to create valid SAML tokens using any of two methods:

Stealing the SAML signing certificate (Path 1)

Adding to or modifying existing federation trust (Path 2)

Using attacker-created SAML tokens to access cloud resources and perform actions leading to the exfiltration of emails and persistence in the cloud

bleepingcomputer.com/news/security/microsoft-solarwinds-hackers-goal-was-the-victims-cloud-data/

Link to post
  • 2 weeks later...
whoknows

The more we learn, the worse it looks

zdnet.com/article/solarwinds-the-more-we-learn-the-worse-it-looks/

Link to post
whoknows

Gained access to thousands of 'US Department of Justice' email accounts

techradar.com/news/solarwinds-hackers-gained-access-to-thousands-of-doj-email-accounts

Link to post
whoknows

JetBrain's TeamCity May Be Entry Point

nytimes.com/2021/01/06/us/politics/russia-cyber-hack.html

Link to post
whoknows

An Update on SolarWinds

blog.jetbrains.com/blog/2021/01/07/an-update-on-solarwinds/

Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...