A spyware effort bent on stealing cookies and logins is being driven by unsophisticated attackers cashing in on the initial-access-broker boom.
Source: Read More (Threatpost)
A spyware effort bent on stealing cookies and logins is being driven by unsophisticated attackers cashing in on the initial-access-broker boom.
Source: Read More (Threatpost)
A threat actor has exploited a vulnerability in the backend of OpenSea, the internet’s largest NFT marketplace, to buy products at previous (lower) prices and then resell them at higher values, defrauding legitimate asset owners. At the time of writing, the attacker has made at least 332 Ether ($745,000) by exploiting this vulnerability, according to […]
The Apache Software Foundation (ASF) has pushed out a new fix for the Log4j logging utility after the previous patch for the recently disclosed Log4Shell exploit was deemed as “incomplete in certain non-default configurations.” The second vulnerability — tracked as CVE-2021-45046 — is rated 3.7 out of a maximum of 10 on the CVSS rating system and affects all […]
Introduction Today’s diary is a forensic challenge for December 2021. This month’s challenge is based on network traffic from an Active Directory (AD) environment where a Windows client becomes infected. The prize for this contest is a Raspberry Pi. The packet capture (pcap) is in a password-protected zip archive available here. Rules for the contest […]