Seqrite Labs uncovered a sophisticated multi-stage malware campaign named Swan Vector targeting educational and mechanical engineering sectors in Taiwan and Japan, using fake candidate resumes

Tag: PRIVILEGE

This article explores the use of Shadow Credentials in Active Directory for stealthy persistence and privilege escalation. It highlights challenges with common tools and demonstrates

ESC5 is a serious vulnerability in Active Directory Certificate Services (ADCS) that allows attackers with local admin rights to extract the CA’s private key and

This video explains how to effectively block unauthorized network traffic within an environment and discusses the importance of physical and device privileges in security. It

Google Threat Intelligence Group uncovered LOSTKEYS, a new malware by Russian-linked COLDRIVER targeting high-profile individuals to steal files and system data via a multi-stage PowerShell

Microsoft is developing a new Teams feature called Prevent Screen Capture to block users from taking screenshots of sensitive meeting content. Unsupported platform users will

TheWizards, a China-aligned threat group, uses Spellbinder to perform IPv6 adversary-in-the-middle attacks, hijacking legitimate Chinese software updates to deploy its WizardNet backdoor. The campaign targets

This article discusses how to gain root access to a host system from within a Docker container by using privileged mode and mounting the host

The ESC4 Active Directory Certificate Services vulnerability is a critical flaw that allows attackers to modify certificate templates with misconfigured permissions, enabling certificate theft and

In April 2025, Rapid7 disclosed three critical vulnerabilities in SonicWall SMA 100 series appliances allowing low-privileged attackers to escalate privileges, delete critical files, and achieve

Hackers are actively exploiting a critical unauthenticated privilege escalation vulnerability in the OttoKit WordPress plugin to create rogue administrator accounts. Immediate action is required to

The Play ransomware gang exploited a critical Windows Common Log File System vulnerability (CVE-2025-29824) to gain system privileges and deploy malware in various global organizations.