DudeOnSecurity
@dudeonsecurity.bsky.social
Black hat hunter.
Security First as Microsoft lies to you! Mind-blowing vulnerability in a functionality intentionally developed by Microsoft enabled compromise of all Azure tenants! dirkjanm.io/obtaining-gl...
One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens
While preparing for my Black Hat and DEF CON talks in July of this year, I found the most impactful Entra ID vulnerability that I will probably ever find. One that could have allowed me to compromise ...
dirkjanm.io
September 18, 2025 at 4:56 AM
It's time to secure your software supply chain. Popular npm packages with 20 billion weekly downloads have been compromised, and this isn't a single incident. thehackernews.com/2025/09/20-p...
20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack
20 npm packages with 2B weekly downloads compromised after maintainer phishing led to crypto-stealing malware.
thehackernews.com
September 13, 2025 at 5:51 AM
Reposted by DudeOnSecurity
The attack is likely being carried out by a nation-state or another well-resourced threat actor, according to researchers.
Thousands of Asus routers are being hit with stealthy, persistent backdoors
Backdoor giving full administrative control can survive reboots and firmware updates.
arstechnica.com
May 29, 2025 at 4:59 PM
Sad to see USA is now a state of Russia. #ukraine
February 28, 2025 at 6:46 PM
Check your Signal settings for Linked Devices! cloud.google.com/blog/topics/...
Signals of Trouble: Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger | Google Cloud Blog
Russia state-aligned threat actors target Signal Messenger accounts used by individuals of interest to Russia's intelligence services.
cloud.google.com
February 19, 2025 at 1:39 PM
You can diminish simple buffer overflows from your C code. It is possible. It can be automated. Really. #softwaresecurity #cybersecurity www.darkreading.com/vulnerabilit...
Threat Actors Exploit a Critical Ivanti RCE Bug, Again
New year, same story. Despite Ivanti's commitment to secure-by-design principles, Chinese threat actors are exploiting its edge devices for the nth time.
www.darkreading.com
January 13, 2025 at 6:02 AM
It seems every possible vendor is celebrating 100% coverage in MITRE ATT&CK evaluations. And each has their fanbase cheering like it’s New Year’s Eve. Who is lying? Guess we can all retire now. #mitre #mitreatt&ck #cybersecurity
December 16, 2024 at 3:15 AM
Email phishing: still the king of digital crime. 👑 How long will this reign last? ⏳ #phishing #cybersecurity #neverlearn
December 16, 2024 at 3:00 AM
Ivanti keeps on giving (CVSS 10.0). I would seriously consider running these on enterprise or other environments. We should demand more! www.bleepingcomputer.com/news/securit...
Ivanti warns of maximum severity CSA auth bypass vulnerability
Ivanti warned customers on Tuesday about a new maximum-severity authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution.
www.bleepingcomputer.com
December 11, 2024 at 6:22 AM
For the attacker, persistency is the key. For the defender, you have to go deep deep down the rabbit hole to eradicate the attackers. therecord.media/fbi-cisa-chi...
FBI, CISA say Chinese hackers are still lurking in US telecom systems
In a call with reporters, senior officials at the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI said the agencies have been investigating the incident since late spring, and have...
therecord.media
December 4, 2024 at 4:07 AM
I agree: “In modern LLM systems, there is a lot of code between what you type and what the LLM receives, and between what the LLM produces and what you see. All of that code is exploitable, and I expect many more vulnerabilities to be discovered in the coming year.” www.schneier.com/blog/archive...
Race Condition Attacks against LLMs - Schneier on Security
These are two attacks against the system components surrounding LLMs: We propose that LLM Flowbreaking, following jailbreaking and prompt injection, joins as the third on the growing list of LLM attac...
www.schneier.com
December 2, 2024 at 7:04 AM
Google is doing very interesting work on AI-assisted vulnerability research. It's likely that other, less reputable actors are doing so as well. thehackernews.com/2024/11/goog...
Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine
Google's Big Sleep AI framework uncovers a zero-day vulnerability in SQLite, showcasing AI-driven security potential.
thehackernews.com
November 29, 2024 at 3:00 PM
Great to see efforts on standardizing Cyber Threat Intel #cti activities in an industry with diverse practices. Take a look at the CTI-CMM maturity model. Are you using any other CTI maturity models? cti-cmm.org
cti-cmm
A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value
cti-cmm.org
November 25, 2024 at 5:51 PM
It doesn’t need to be the most critical CVSS 9.8 vulnerability to be exploited. Is your vulnerability management program prioritizing vulnerabilities that can be exploited in your attack paths? thehackernews.com/2024/11/russ...
Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails
Russian actors exploit NTLM flaw in attacks on Ukraine, patched by Microsoft this week
thehackernews.com
November 23, 2024 at 5:24 AM
Where to start? Start from the basics. You do not connect your management interface to a public network: thehackernews.com/2024/11/warn...
Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign
Palo Alto Networks urges fixes as 2,000 devices are hacked in exploits targeting critical flaws.
thehackernews.com
November 22, 2024 at 11:21 PM