All posts by John Doe

■■■■□ New EDR-Freeze Tool That Puts EDRs and Antivirus Into A Coma State. New EDR-Freeze Tool That Puts EDRs and Antivirus Into A Coma State

■■■■■ A token validation flaw allowing adversary to get Global Admin in any Entra ID tenant. https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/

■■■■■ 🟥 Windows Screenshot Utility Greenshot Vulnerability Enable Malicious code execution – PoC Released. Windows Screenshot Utility Greenshot Vulnerability Enable Malicious code execution – PoC Released

■■□□□ Privacy | United States: Police cameras tracked one driver 526 times in four months, lawsuit says. https://www.yahoo.com/news/articles/police-cameras-tracked-one-driver-090000185.html

■■■■□ Zero-Day: 0-Click Linux Kernel KSMBD RCE Exploit From N-Day Vulnerabilities. 0-Click Linux Kernel KSMBD RCE Exploit From N-Day Vulnerabilities

■■■■■ One Token to rule them all – obtaining Global Admin in every Entra ID tenant via Actor tokens. https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/

■■■□□ After one proper YubiKey login to LastPass, restarting the browser does not validate the YubiKey further & will let you login with the first 12 characters of it. https://x.com/RandomDhiraj/status/1968910525749674158

■□□□□  The Great Firewall Leaks: A 600GB Trove of Secrets Exposed The Great Firewall Leaks: A 600GB Trove of Secrets Exposed

■■■■□ Firefox DNS privacy: Faster than ever, now on Android. Firefox DNS privacy: Faster than ever, now on Android

⚽️ APT28 embed payloads inside PNG files. https://blog.sekoia.io/apt28-operation-phantom-net-voxel/