In January, we learned about a Chinese espionage campaign that exploited four zero-days in Microsoft Exchange. One of the characteristics of the campaign, in the later days...
Read moreHacking for good! A judge said I could!
Read moreTwo lucky winners scooped $200k for just 20 minutes' work - if you don't count the days, weeks and months of meticulous effort beforehand
Read moreMore on the Chinese Zero-Day Microsoft Exchange Hack
March 10 2021
Nick Weaver has an excellent post on the Microsoft Exchange hack:
The investigative journalist Brian Krebs has produced a handy timeline of events and a few things stand...
Read more
Webshells explained, with some (safe) examples you can try at home if you want to learn more.
Read moreBeginning in January 2021, Mandiant Managed Defense observed multiple instances of abuse of Microsoft Exchange Server within at least one client environment. The observed activity included creation...
Read moreBeginning in January 2021, Mandiant Managed Defense observed multiple instances of abuse of Microsoft Exchange Server within at least one client environment. The observed activity included creation...
Read moreFour Microsoft Exchange Zero-Days Exploited by China
March 4 2021Microsoft has issued an emergency Microsoft Exchange patch to fix four zero-day vulnerabilities currently being exploited by China. EDITED TO ADD (3/12): Exchange Online is not affected.
Read moreChinese Hackers Stole an NSA Windows Exploit in 2014
March 4 2021
Check Point has evidence that (probably government affiliated) Chinese hackers stole and cloned an NSA Windows hacking tool years before (probably government affiliated) Russian hackers stole and then...
Read moreTwelve-Year-Old Vulnerability Found in Windows Defender
February 24 2021
Researchers found, and Microsoft has patched, a vulnerability in Windows Defender that has been around for twelve years. There is no evidence that anyone has used the vulnerability...
Read more
Recent Comments