Microsoft revoked several hardware developer accounts after drivers signed through their profiles were used in ransomware incidents. The attackers are using signed malware to disable antivirus and EDR software.
QBot started delivering malware using a relatively new technique: HTML smuggling via SVG files.
The FBI seized 48 domains and charged 6 suspects for their involvement in running DDoS-as-a-service platforms that allow anyone to easily launch distributed denial of service attacks.
Social media analytics platform Social Blade suffered a data breach after its database was put up for sale on a hacking forum. The leak includes email addresses and password hashes.
Colombian energy company Empresas Publicas de Medellin (EPM) suffered a ransomware attack. BlackCat/ALPHV disrupted the company’s operations by taking down online services.
Microsoft reclassified a vulnerability patched in September as Critical. Tracked as CVE-2022-37958, it is a pre-authentication remote code execution vulnerability impacting a wide range of protocols, including HTTP, SMB and RDP. Some researchers compare it to the vulnerability exploited by WannaCry and EternalBlue.
OSCE3, OSEP, OSED, OSWE, OSCP certified. Over 10 years of experience in the IT industry, now working in Product Security and leading a Red Team. Huge Offensive Security and CTF nerd. I enjoy music, teaching and hiking.