Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting vulnerabilities targeting internet-facing SharePoint servers. In addition, we have observed another China-based threat actor, tracked as Storm-2603, exploiting these vulnerabilities. Microsoft has released new comprehensive security updates for all supported versions of SharePoint Server (Subscription Edition, 2019, and 2016) that protect customers against these new vulnerabilities. Cust...| Microsoft Security Blog
Discover the fundamentals of pentesting Active Directory Domain Services on Linux with a thorough tour of Altered Security's LinuxAD lab.| tbhaxor's Blog
Microsoft has uncovered stealthy malicious activity by Volt Typhoon focused on post-compromise credential access & network system discovery.| Microsoft Security Blog
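Introduction On October 25, I participated in MWS Cup 2022 (a malware analysis competition), held at Computer Security Symposium 2022 in Kumamoto. In my lab, master's students compete in MWS Cup every year, and this year I also entered, together with my fellow first-year master's (M1) students, as team "卍脳筋鹿煎餅卍NEO" (the team name was decided according to tradition). MWSCup 2022 This year's MWS Cup consisted of the following four challenges...| melonattacker.github.io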
Windows security – what is LSASS dump. How to protect against it? The ability of Advanced Persistent Threat (APT) groups and other threat actors to take a dump of Windows credentials is a serious threat especially to enterprises and other organizations. The MITRE ATT&CK knowledge base, which is created primarily to support defense against cyber ...| research.securitum.com