The Misconfiguration Manager repository provides a comprehensive resource for both offensive professionals and defenders to understand and manage the attack path related to Microsoft Configuration Manager (MCM), formerly known as SCCM.
How to hack the Airbus NAVBLUE Flysmart+ Manager Pierluigi Paganini February 05, 2024 Airbus Navblue Flysmart+ Manager allowed attackers to tamper with the engine performance calculations and intercept data. Flysmart+ is a suite of apps for pilot EFBs, helping deliver efficient and safe departure and arrival of flights. Researchers from Pen Test Partners discovered a […]
Russian state-sponsored actors have staged NT LAN Manager (NTLM) v2 hash relay attacks through various methods from April 2022 to November 2023, targeting high-value targets worldwide. The attacks, attributed to an “aggressive” hacking crew called APT28, have set their eyes on organizations dealing with foreign affairs, energy, defense, and transportation, as well as those involved […]
ReversingLabs researchers have discovered two malicious packages on the npm open source package manager that leverages GitHub to store stolen Base64-encrypted SSH keys lifted from developer systems that installed the malicious npm packages.
Zhang Hongliang, a former restaurant manager in central China, took various gigs in and outside China to support his family after losing his job during the COVID-19 pandemic. In March, a job offer to teach Chinese cooking at a restaurant led him into a cyber scam compound in Myanmar, where he was instead ordered to […]
Enlarge 1Password 1Password, a password manager used by millions of people and more than 100,000 businesses, said it detected suspicious activity on a company account provided by Okta, the identity and authentication service that disclosed a breach on Friday. “On September 29, we detected suspicious activity on our Okta instance that we use to manage […]
A former US Navy IT manager was sentenced to five years and five months in prison for hacking into a database, stealing personally identifiable information (PII), and selling it on the dark web. The man, Marquis Hooper, 32, of Selma, California, who was a chief petty officer, opened under false pretenses an account at a […]
Oct 14, 2023NewsroomAuthentication / Endpoint Security Microsoft has announced that it plans to eliminate NT LAN Manager (NTLM) in Windows 11 in the future, as it pivots to alternative methods for authentication and bolster security. “The focus is on strengthening the Kerberos authentication protocol, which has been the default since 2000, and reducing reliance on […]
A malicious package hosted on the NuGet package manager for the .NET Framework has been found to deliver a remote access trojan called SeroXen RAT. The package, named Pathoschild.Stardew.Mod.Build.Config and published by a user named Disti, is a typosquat of a legitimate package called Pathoschild.Stardew.ModBuildConfig, software supply chain security firm Phylum said in a report […]
- 1
- 2