Decryptedtech

News

BreachForums finds themselves the Victim of a Data Breach and Data Leak

Using a famous idiom, it looks like the shoe is on the other foot as BreachForums has found themselves the victim of a data breach and release of data. The breach took place in November of 2022 and culminated with the arrest of one of the owners of the forum. The responsible parties were able to attack and exfiltrate data from the site including user information, IP addresses and internal messages sent between users and the forum.

By Sean Kalinich
Jul 28
  • Hacking
  • Cybersecurity
  • Data Breach
  • data leak
  • breachforums
  • dataleak
  • bpahomet
  • pompompurim


Open-Source Supply Chain Attack used in Campaign Targeting Banks

Supply chain attacks are all the rage right now (although certainly not new). These attacks are part of what appears to be a multi-pronged shift in the threat landscape. While attacks on the endpoint and users are still happening, we are also seeing expanded efforts in targeting edge devices, networking equipment, and an increased focus on open-source repositories. Recently a new campaign was discovered that is leveraging open-sourced software supply chain attacks in an effort to target the banking sector.

By Sean Kalinich
Jul 24
  • Hacking
  • Security
  • Malware
  • Open Source
  • Cybersecurity
  • Havok
  • cobalt strike
  • supply chain attacks
  • npm


Recently Stolen Microsoft Account Signing Keys can be used to Abuse other Microsoft Identification Related Services

After a recent attack on Federal Civilian Executive Branch (FCEB) agencies by an APT (Advanced Persistent Threat) group currently suspected of being a nation-state group from China (whew, that was a long start), it has come to the attention of some cloud researchers that these signing keys are not just useful for attacking Exchange Online. According to cloud security company Wiz, these MSA keys can be used to forge tokens for anything that relies on Microsoft Azure AD (Entra ID) identity services.

By Sean Kalinich
Jul 21
  • Hacking
  • APT
  • Microsoft
  • Cloud Security
  • IAM
  • threat landscape
  • token signing keys
  • wiz
  • pam


Mystery still Surrounds theft of MSA signing Key in recent FCEB Breaches

Last week Microsoft, the FBI, and CISA disclosed several attacks on Federal Civilian Executive Branch agencies and other targets of a campaign that appeared to be driven by a new threat group out of China. The attack was detected and tracked down using internal logging available to the GCC low-side tenants and with the help of Microsoft. Fortunately, GCC (Government Cloud Computing) Low Side is not supposed to contain or pass any classified information. It is intended to be used by government agencies and contractors that do not need or have authorization to access anything more than routine sensitive information. This does not reduce the seriousness of the attack and does beg the question of how well the tenants were secured by the cybersecurity teams involved, but at least nothing National Security related was compromised.

By Sean Kalinich
Jul 18
  • Hacking
  • Microsoft
  • Cybersecurity
  • threat groups
  • storm0558
  • exchange online
  • api abuse
  • msa signing key theft


BlackLotus UEFI Bootkit Source Code Leaked Allowing Researchers and Threat Groups Alike to Review the Code

The UEFI (Unified Extensible Firmware Interface) was the replacement for the old BIOS (Basic Input Output System). It was intended as an improvement to the underlying systems on a motherboard (also called a mainboard). The motherboard controls communication between all components connected to it, from CPUs, to memory, to GPUs, disk or solid-state drives, network cards… you get the picture. The old BIOS was limited and also susceptible to compromise in a number of rather simple ways. By moving to UEFI, systems could become more complex without potential hardware conflicts. The UEFI structure was also much faster than the BIOS system, meaning that as overall computing increased in speed, the underlying controls for different components were up to the task.

By Sean Kalinich
Jul 13
  • Windows
  • Hacking
  • Malware
  • Microsoft
  • UEFI
  • Source Code
  • blacklotus
  • bootlicker exploit
  • baton drop


More Articles …

  1. US Federal Civilian Executive Branch Agency’s Email Compromised by new Chinese APT Group
  2. Security Researchers are Still on Attacker Radar as new “POC” is Found to have Malware Inside
  3. Policy Loopholes in Microsoft Windows used to Allow Forged Kernel-Mode Driver Signatures
  4. Vishing Efforts in South Korea get a Boost from new “Letscall” Malware