Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers – post by LinkCyb
Overview: In this post, IBM Security X-Force Red offensive hackers analyze how attackers, with elevated privileges, can use their access to stage Windows Kernel post-exploitation capabilities. Over the last few years, public accounts have increasingly shown that less sophisticated attackers are using this technique to achieve their objectives. It is therefore important that we put […]
Attacks Over The Air – Cracking a Sports Scoreboard: Part 3 – post by LinkCyb
In our last post, part 2, we successfully captured the binary messages sent from the Score9 scoreboard controller to the receiver. Our main tools were the HackRF One software-defined radio and the Universal Radio Hacker tool. We had the binary, but unfortunately, as we discovered, it was encrypted – this became a serious challenge for […]
Kronos Malware Reemerges with Increased Functionality – post by LinkCyb
The Evolution of Kronos Malware: The Kronos malware is believed to have originated from the leaked source code of the Zeus malware, which was sold on the Russian underground in 2011. Kronos continued to evolve and a new variant of Kronos emerged in 2014 and was reportedly sold on the darknet for approximately $7,000. Kronos […]
An IBM Hacker Breaks Down High-Profile Attacks – post by LinkCyb
On September 19, 2022, an 18-year-old cyberattacker known as “teapotuberhacker” (aka TeaPot) allegedly breached the Slack messages of game developer Rockstar Games. Using this access, they pilfered over 90 videos of the upcoming Grand Theft Auto VI game. They then posted those videos on the fan website GTAForums.com. Gamers got an unsanctioned sneak peek of […]
Dissecting and Exploiting TCP/IP RCE Vulnerability “EvilESP” – post by LinkCyb
September’s Patch Tuesday unveiled a critical remote vulnerability in tcpip.sys, CVE-2022-34718. The advisory from Microsoft reads: “An unauthenticated attacker could send a specially crafted IPv6 packet to a Windows node where IPsec is enabled, which could enable a remote code execution exploitation on that machine.” Pure remote vulnerabilities usually yield a lot of interest, but […]
Videos
NCSC statement following US advisory on ransomware targeting of US health sector – post by LinkCyb
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) have published an advisory on the threat of Ryuk ransomware.
Public embraces email reporting service created after spike in coronavirus-related scams – post by LinkCyb
As part of the Cyber Aware campaign, the NCSC successfully launched its suspicious email reporting service (SERS), resulting in dozens of malicious web campaigns being shut down in its first day, after a spike in coronavirus phishing scams.
UK and Singapore sign IoT security pledge – post by LinkCyb
Ciaran Martin explains why he is so pleased to have today signed an agreement to strengthen the partnership between the UK and Singapore on the security of internet-connected devices.