Nimbuspwn, a set of vulnerabilities in Linux’s networkd-dispatcher allow an attacker to escalate privileges to root. More
A remote code execution was discovered by Checkpoint in Qualcomm & MediaTek chipsets that handle music decoding for Apple lossless format. More
Cryptographic blunder in Java, tracked as CVE-2022-21449 allows attackers to forge ECDSA signatures. More
According to KrebsonSecurity, leaked Lapsus chats show they stole T-Mobile source code. More
LemonDuck group targets Docker for cryptomining attacks. More
Bitdefender released a white-paper on a payload delivered by RIG Exploit Kit. The RedLine Stealer Trojan captured in January uses 6 layers of encryption to hinder analysis and aims to steal information stored in browsers (password, credit cards, cookies), cryptocurrency wallets, Discord, Telegram, Steam logins & more. More
A report shows Quantum ransomware gang go from initial access to domain wide encryption in under 4 hours. More
Don’t have time to check this page? You can get the news summary every week in your email inbox by subscribing to my newsletter.
OSCE3, OSEP, OSED, OSWE, OSCP certified. Over 10 years of experience in the IT industry, now working in Product Security and leading a Red Team. Huge Offensive Security and CTF nerd. I enjoy music, teaching and hiking.