LightNews LightNews
landshark11.bsky.social
@landshark11.bsky.social
12 followers 44 following 0 posts
Posts Replies Media Videos
Reposted
techconnectify.bsky.social
Surely this new video won't make me seem like a crank.
www.youtube.com/watch?v=QEJp...
Algorithms are breaking how we think
YouTube video by Technology Connections
www.youtube.com
February 22, 2025 at 5:05 PM
Reposted
infosec.skyfleet.blue
CVE-2025-0107: PoC Exploit Code Released for Palo Alto Expedition RCE Flaw
CVE-2025-0107: PoC Exploit Code Released for Palo Alto Expedition RCE Flaw
Learn about the recently published technical details and PoC exploit code for CVE-2025-0107, a serious vulnerability in Palo Alto Networks' Expedition migration tool.
securityonline.info
January 18, 2025 at 3:07 AM
Reposted
campuscodi.risky.biz
Palo Alto Networks has silently patched an issue used by security researchers to dump cleartext PAN GlobalProtect VPN appliance passwords

github.com/t3hbb/PanGP_...
December 26, 2024 at 3:20 PM
Reposted
campuscodi.risky.biz
IBM X-Force's Logan Goins has released Krueger, a .NET tool for remotely killing EDR using the Windows Defender Application Control (WDAC) utility

github.com/logangoins/K...
GitHub - logangoins/Krueger: Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC
Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC - logangoins/Krueger
github.com
December 26, 2024 at 1:46 PM
Reposted
ajxchapman.bsky.social
CVE-2024-12727 Sophos coming in with an unauthenticated SQLi in their firewall appliance 👏
ajxchapman.bsky.social Alex Chapman @ajxchapman.bsky.social · Dec 18
CVE-2023-34990 🤦‍♂️🤦‍♂️
December 22, 2024 at 8:43 AM
Reposted
hexadecim8.com
Friends, FBI has responded to my FOIA request for Kevin Mitnick's files, and have made them available to everyone via the FBI public portal here: vault.fbi.gov/kevin-mitnic...
Kevin Mitnick Part 01 (Final)
vault.fbi.gov
December 15, 2024 at 7:14 PM
Reposted
campuscodi.risky.biz
Zscaler has discovered a new malware family named NodeLoader that's written in Node.js and works to distribute crypto-miners and information stealers to infected Windows systems

www.zscaler.com/blogs/securi...
NodeLoader Exposed: The Node.js Malware Evading Detection
A technical analysis of how a malware campaign using a game cheat lure leverages Node.js to distribute XMRig, Lumma and Phemedrone Stealer.
www.zscaler.com
December 14, 2024 at 5:25 PM
Reposted
campuscodi.risky.biz
An improperly patched Cleo vulnerability is being exploited in the wild

www.huntress.com/blog/threat-...
Cleo Software Actively Being Exploited in the Wild | Huntress
Huntress identified an emerging threat involving Cleo’s LexiCom, VLTransfer, and Harmony software, commonly used to manage file transfers. Read more about this emerging threat on the Huntress Blog.
www.huntress.com
December 10, 2024 at 12:08 PM
Reposted
theregister.com
AWS introduces S3 Tables, a new bucket type for data analytics
AWS introduces S3 Tables, a new bucket type for data analytics
Most significant API changes since S3 was launched, AWS VP tells us Re:Invent  There are two significant changes to AWS's ubiquitous S3 storage service arriving soon: first, a new Table bucket type aimed at data analytics; and second, a previewed…
dlvr.it
December 3, 2024 at 6:34 PM
Reposted
bleepingcomputer.com
The first UEFI bootkit specifically targeting Linux systems has been discovered, marking a shift in stealthy and hard-to-remove bootkit threats that previously focused on Windows.
#cybersecurity #linux #uefi #bootkit

www.bleepingcomputer.com/news/securit...
Researchers discover first UEFI bootkit malware for Linux
The first UEFI bootkit specifically targeting Linux systems has been discovered, marking a shift in stealthy and hard-to-remove bootkit threats that previously focused on Windows.
www.bleepingcomputer.com
November 27, 2024 at 5:38 PM
Reposted
campuscodi.risky.biz
At least 60 known threat actors exploited vulnerabilities from CISA's list of most exploited bugs last year.

According to security firm VulnCheck, North Korean group Silent Chollima was the most active, targeting 9 out of 15 CVEs from CISA's list.

vulncheck.com/blog/cisa-to...
November 23, 2024 at 9:28 PM
Reposted
campuscodi.risky.biz
Palo Alto Networks says the recent attacks against the management panels of its firewalls include not one but two zero-days

First, auth bypass: security.paloaltonetworks.com/CVE-2024-0012

Second, EoP: security.paloaltonetworks.com/CVE-2024-9474

Now, with their own CVEs
CVE-2024-9474 PAN-OS: Privilege Escalation (PE) Vulnerability in the Web Management Interface
A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privil...
security.paloaltonetworks.com
November 19, 2024 at 1:07 AM
Reposted
bleepingcomputer.com
​Broadcom warned today that attackers are now exploiting two VMware vCenter Server vulnerabilities, one of which is a critical remote code execution flaw.
www.bleepingcomputer.com/news/securit...
Critical RCE bug in VMware vCenter Server now exploited in attacks
​Broadcom warned today that attackers are now exploiting two VMware vCenter Server vulnerabilities, one of which is a critical remote code execution flaw.
www.bleepingcomputer.com
November 18, 2024 at 7:38 PM
Reposted
markhamillofficial.bsky.social
Thanks for noticing.
November 17, 2024 at 11:05 PM