All posts by John Doe

■■□□□ Defacement of Israeli sites continues as hackers take toll on another popular site. In a message shared by hacker group: תיירות, “צימרים בישראל” is the largest holiday booking center in ISRAEL TODAY GOT HACKED BY DIENET דף הבית

■■■■■ TETRA-Burst: New TETRA Radio Encryption Flaws Expose Law Enforcement Communications. https://thehackernews.com/2025/08/new-tetra-radio-encryption-flaws-expose.html

■■■■□ Malicious actors have been observed exploiting a now-patched critical security flaw impacting Erlang/Open Telecom Platform (OTP) SSH as early as beginning of May 2025, with about 70% of detections originating from firewalls protecting operational technology (OT) networks. The vulnerability in question is CVE-2025-32433 (CVSS score: 10.0), a missing authentication issue that could be abused…

■■■□□ New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP. https://thehackernews.com/2025/08/new-win-ddos-flaws-let-attackers-turn.html

■■■□□ United States | IoT: ICS/SCADA: DEF CON hackers plug security holes in US water systems amid tsunami of threats. Five pilot deployments are just a drop in the bucket, so it’s time to turbo scale. https://www.theregister.com/2025/08/10/def_con_hackers_water_security/

■■■■■ Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation. You Snooze You Lose: RPC-Racer Winning RPC Endpoints Against Services https://thehackernews.com/2025/08/researchers-detail-windows-epm.html

■■■■■ BitUnlocker – Multiple 0-days to Bypass BitLocker and Extract All Protected Data. 🚫Boot.sdi Parsing Vulnerability (CVE-2025-48800) 🚫ReAgent.xml Exploitation (CVE-2025-48003) 🚫Trusted App Manipulation (CVE-2025-48804) 🚫BCD Configuration Attack (CVE-2025-48818) Mitigation: Enable TPM+PIN authentication for pre-boot verification. BitUnlocker – Multiple 0-days to Bypass BitLocker and Extract All Protected Data

■□□□□ Red Teams Jailbreak GPT-5 With Ease, Warn It’s ‘Nearly Unusable’ for Enterprise Researchers demonstrate how multi-turn “storytelling” attacks bypass prompt-level filters, exposing systemic weaknesses in GPT-5’s defenses. https://www.securityweek.com/red-teams-breach-gpt-5-with-ease-warn-its-nearly-unusable-for-enterprise/

🎃HOW APT37 EMPLOYED ROKRAT SHELLCODE AND STEGANOGRAPHIC TECHNIQUE ℹ️ Researchers have identified a new variant of RoKRAT, the malware associated with North Korea’s APT37 group. This version employs two-stage encrypted shellcode execution and steganography to conceal malicious code inside image files, enabling evasion from traditional detection methods. 📍 INFECTION VECTOR ■ The intrusion begins with…

■■■□□ Big Brother is watching: Wi-Fi signals can track you in your home It could open the door to mass surveillance. https://theweek.com/tech/wifi-signals-now-tracking-users-at-home