Privilege Escalation
IT security under attack blog series: Instant domain persistence by registering a rogue domain controller
In this blog in the IT security under attack series, we will learn about an advanced Active Directory (AD) domain controller (DC) attack to obtain persistence in AD environments. Dubbed DCShadow, this ...
Is IT security under attack?
From credential theft to network vulnerability exploitation and ransomware incidents on highly secure organizations, the year 2020 has been surprisingly rough on IT security. In the wake of the COVID-19 pandemic, companies around the ...
Advanced Active Directory attacks: Simulating domain controller behavior
There was a time when cyberattacks on identity and authentication infrastructures [like Active Directory (AD)] were immensely challenging to perform. A lot of forethought had to be put into devising a plan ...
Attackers Host Phishing Pages on Azure
Researchers have recently seen phishing attacks against Office 365 users wherein fake log-in pages were hosted on Microsoft Azure to give them more credibility. According to researchers from security firm EdgeWave, the ...
New Shlayer Malware Variant Targeting Macs
Security researchers have found a new variant of a trojan program dubbed Shlayer that infects Mac computers and disables the macOS Gatekeeper security agent. Shlayer was discovered a year ago by researchers ...
Serious Vulnerability Found in Lifesize Business Videoconferencing Devices
A security researcher from security firm Trustwave has found a vulnerability that could allow hackers to take over videoconferencing devices made by Lifesize. Some of the affected products have reached end-of-sale or ...
FaceTime Group Chat Disabled Due to Snooping Bug
Apple has disabled the group chat feature in its FaceTime video calling app after a bug was discovered that allows callers to remotely turn on the microphones on the recipients’ devices. The ...
SSD Advisory – SME Server Unauthenticated XSS To Privileged Remote Code Execution
Vulnerabilities Summary: The following advisory describes a vulnerability in SME Server 9.2, which lets an unauthenticated attacker perform an XSS attack that leads to remote code execution as root. SME Server is a ...
Researcher Drops Third Windows Zero-Day Exploit in Four Months
A security researcher who uses the online handle SandboxEscaper has published proof-of-concept exploit code for an unpatched vulnerability in Windows. The flaw is located in the “MsiAdvertiseProduct” function, which, according to Microsoft’s ...
Business Email Compromise Gang Targeted 50,000 Company Executives
A Nigerian gang with members based in the U.K. is perpetrating a business email compromise operation aimed squarely at executives at companies with locations worldwide. The gang has compiled a target list ...

