Dark Web Profile: Keymous+
Read on HackerWorkspace: https://hackerworkspace.com/article/dark-web-profile-keymous
73 Seconds to Breach, 24 Hours to Patch: The Case for Autonomous Validation
Attackers can compromise systems in minutes while patching and response still take hours or days. Picus Security breaks down why autonomous validation is becoming critical for modern defense strategies.
BleepingComputer (www.bleepingcomputer.com)
Read on HackerWorkspace: https://hackerworkspace.com/article/73-seconds-to-breach-24-hours-to-patch-the-case-for-autonomous-validation
Canvas Maker Instructure Reaches Agreement With Cybercriminals
Instructure says it reached an agreement with ShinyHunters over the Canvas breach data
Infosecurity Magazine (www.infosecurity-magazine.com)
Read on HackerWorkspace: https://hackerworkspace.com/article/canvas-maker-instructure-reaches-agreement-with-cybercriminals
EntryPoint Hijacking
The technique of EntryPoint Hijacking introduces a stealthier approach to code injection, as it doesn’t rely on API calls that create a new thread within the process context, and it is independent of the attack chain. Arbitrary code is written to memory, but it executes only when the process legitimately creates a new thread. This…
Purple Team (ipurple.team)
Read on HackerWorkspace: https://hackerworkspace.com/article/entrypoint-hijacking
Think AI agents are risky? Your underlying stack is too | RL Blog
To manage risk from agentic AI use, organizations need to focus more on the infrastructure they run on.
ReversingLabs (www.reversinglabs.com)
Read on HackerWorkspace: https://hackerworkspace.com/article/think-ai-agents-are-risky-your-underlying-stack-is-too-rl-blog
Shai-Hulud: Another Wave and Going Open Source
Shai-Hulud - the self-propagating npm/PyPI supply-chain worm - is now open source on GitHub, and copycats are already forking it. If your detection strategy depends on recognizing this specific malware, you've lost the next round. The right question is how to detect stolen credentials being used abnormally - invariant across every variant past and future.
(www.stream.security)
Read on HackerWorkspace: https://hackerworkspace.com/article/shai-hulud-another-wave-and-going-open-source
Mystery Microsoft bug leaker keeps the zero-days coming
Security pros warn YellowKey claim could make stolen laptops a much bigger problem
theregister (www.theregister.com)
Read on HackerWorkspace: https://hackerworkspace.com/article/mystery-microsoft-bug-leaker-keeps-the-zero-days-coming
Windows BitLocker zero-day gives access to protected drives, PoC released
A cybersecurity researcher has published proof-of-concept (PoC) exploits for two unpatched Microsoft Windows vulnerabilities named YellowKey and GreenPlasma, which are a BitLocker bypass and a privilege-escalation flaw.
BleepingComputer (www.bleepingcomputer.com)
Read on HackerWorkspace: https://hackerworkspace.com/article/windows-bitlocker-zero-day-gives-access-to-protected-drives-poc-released
Gamaredon's infection chain: Spoofed emails, GammaDrop and GammaLoad
Identifier: TRR260501. Summary: Investigating Gamaredon’s abuse of CVE-2025-8088, we identified a dozen waves of spearphishing emails against Ukrainian state institutions in a campaign that is still active, dating back to September 2025. These emails – spoofed or sent from compromised government accounts – deliver persistent, multi-stage VBScript downloaders that profile the infected system. In the […]
HarfangLab (harfanglab.io)
Read on HackerWorkspace: https://hackerworkspace.com/article/gamaredon-s-infection-chain-spoofed-emails-gammadrop-and-gammaload
[DxBP] Part 1 - Technical Detection Engineering Best Practices
Part 1 of the Detection Engineering Best Practices series focuses on the technical foundations of building high quality detections. While examples are written in KQL for Microsoft Sentinel and Defender XDR, the challenges and best practices discussed—such as ingestion delays, identifier usage, joins, evasion-resistant logic, and entity mapping—apply broadly to SIEM and EDR platforms including Splunk, CrowdStrike Falcon, and SentinelOne.
Microsoft Security Blogs - Kusto (kqlquery.com)
Read on HackerWorkspace: https://hackerworkspace.com/article/dxbp-part-1-technical-detection-engineering-best-practices
Hackers accessed BWH Hotels reservation system for months
Read on HackerWorkspace: https://hackerworkspace.com/article/hackers-accessed-bwh-hotels-reservation-system-for-months
Foxconn confirms cyberattack after ransomware crew claims it stole confidential Apple, Nvidia files
Affected factories back up and running, we're told
theregister (www.theregister.com)
Read on HackerWorkspace: https://hackerworkspace.com/article/foxconn-confirms-cyberattack-after-ransomware-crew-claims-it-stole-confidential-apple-nvidia-files
Accelerating detection engineering using AI-assisted synthetic attack logs generation | Microsoft Security Blog
Read on HackerWorkspace: https://hackerworkspace.com/article/accelerating-detection-engineering-using-ai-assisted-synthetic-attack-logs-generation-microsoft-security-blog
Proxying the Unproxyable? Sending EXE traffic to a Proxy
https://isc.sans.edu/diary/rss/32982
Read on HackerWorkspace: https://hackerworkspace.com/article/proxying-the-unproxyable-sending-exe-traffic-to-a-proxy
SANS Stormcast Wednesday, May 13th, 2026: Microsoft Patch Tuesday; Large npm/pypi Compromise; Rubygems Attack
Author: Dr. Johannes B. Ullrich. Cybersecurity Podcast.
SANS Internet Storm Center (isc.sans.edu)
Read on HackerWorkspace: https://hackerworkspace.com/article/sans-stormcast-wednesday-may-13th-2026-microsoft-patch-tuesday-large-npm-pypi-compromise-rubygems-attack
Seedworm: Iran-Linked Hackers Breached Korean Electronics Maker in Global Spying Campaign
https://www.security.com/threat-intelligence/iran-seedworm-electronics
Read on HackerWorkspace: https://hackerworkspace.com/article/seedworm-iran-linked-hackers-breached-korean-electronics-maker-in-global-spying-campaign
Researchers open-source a Wi-Fi cyber range for security training - Help Net Security
https://www.helpnetsecurity.com/2026/05/13/wi-fi-cyber-range-security/
Read on HackerWorkspace: https://hackerworkspace.com/article/researchers-open-source-a-wi-fi-cyber-range-for-security-training-help-net-security
VICE: Cyberwar | Full Season 2 | Blueprint
(www.youtube.com)