⤷ Title: MSP Nightmare: Medusa & DragonForce Exploit SimpleHelp RMM Flaws for SYSTEM Access
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 10 Nov 2025 00:11:28 +0000
════════════════════════
⌗ Tags: #Cybercriminals #CVE_2024_57726 #DragonForce #Medusa #MSP #ransomware #RMM #SimpleHelp #SupplyChain #SystemAccess
Daily CyberSecurity
MSP Nightmare: Medusa & DragonForce Exploit SimpleHelp RMM Flaws for SYSTEM Access
Medusa & DragonForce RaaS groups weaponize SimpleHelp RMM flaws (CVE-2024-57726/7/8) to gain SYSTEM-level access to customer networks. Immediate patch needed.
⤷ Title: Kimsuky APT Uses JavaScript Loader and Certutil to Achieve Minute-by-Minute Persistence via Windows Scheduled Task
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 10 Nov 2025 00:06:35 +0000
════════════════════════
⌗ Tags: #Malware #APT #Certutil #Espionage #JavaScript Loader #Kimsuky #living_off_the_land #Scheduled Task #Themes.js
Daily CyberSecurity
Kimsuky APT Uses JavaScript Loader and Certutil to Achieve Minute-by-Minute Persistence via Windows Scheduled Task
Kimsuky APT is using a Themes.js JavaScript loader and certutil LOLBIN to gain minute-by-minute persistence via a Windows Scheduled Task. The APT is targeting think tanks for espionage.
⤷ Title: PoC Exploit Released for CVE-2025-55680 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Flaw
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Mon, 10 Nov 2025 00:01:01 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #Cloud Files Minifilter #CVE_2025_55680 #privilege escalation #race condition #TOCTOU #Windows LPE
Daily CyberSecurity
PoC Exploit Released for CVE-2025-55680 - Windows Cloud Files Mini Filter Driver Elevation of Privilege Flaw
A high-severity LPE flaw (CVE-2025-55680) in the Windows Cloud Files Driver allows local users to gain SYSTEM privileges by exploiting a TOCTOU race condition. Patch immediately.
⤷ Title: Why a Degree Won’t Get You a High Paying Cyber Job in Singapore -Offensive Security Roles are…
════════════════════════
𐀪 Author: Yua Mikanana
════════════════════════
ⴵ Time: Mon, 10 Nov 2025 00:53:43 GMT
════════════════════════
⌗ Tags: #cybersecurity #singapore #cyber #technology #hacking
Medium
Why a Degree Won’t Get You a High Paying Cyber Job in Singapore -Offensive Security Roles are…
Let’s talk facts, not feelings.
⤷ Title: CyCTF 2025 — Reverse “TakeAHook”
════════════════════════
𐀪 Author: VampireXRay
════════════════════════
ⴵ Time: Mon, 10 Nov 2025 00:46:39 GMT
════════════════════════
⌗ Tags: #hacking #cybersecurity #cve #reverse_engineering #ctf
Medium
CyCTF 2025 — Reverse “TakeAHook”
Can We Take The Hook? Let's Try..
⤷ Title: Proving Grounds - LaVita
════════════════════════
𐀪 Author: jniket
════════════════════════
ⴵ Time: Mon, 10 Nov 2025 00:33:39 GMT
════════════════════════
⌗ Tags: #provinggrounds #hacking #penetration_testing #linux #cybersecurity
Medium
Proving Grounds - LaVita
Summary
⤷ Title: Why Russian Ransomware Gangs Never Attack Their Own Backyard
════════════════════════
𐀪 Author: David SEHYEON Baek
════════════════════════
ⴵ Time: Mon, 10 Nov 2025 00:23:31 GMT
════════════════════════
⌗ Tags: #hacking #cybercrime #cybersecurity #russia #ransomware
Medium
Why Russian Ransomware Gangs Never Attack Their Own Backyard
In the ever-shifting terrain of cybercrime, few attribution markers are as revealing as the pattern of CIS avoidance — the deliberate …
⤷ Title: The Business of Harvesting VPN Credentials for Resale
════════════════════════
𐀪 Author: David SEHYEON Baek
════════════════════════
ⴵ Time: Sun, 09 Nov 2025 23:51:06 GMT
════════════════════════
⌗ Tags: #cybersecurity #passwords #vpn #hacking #cybercrime
Medium
The Business of Harvesting VPN Credentials for Resale
Attackers are harvesting Virtual Private Network (VPN) login credentials on an industrial scale and monetizing them in a thriving underground …
⤷ Title: Plotted-TMS— TryHackMe Walkthrough | Romedix
════════════════════════
𐀪 Author: Romedix
════════════════════════
ⴵ Time: Mon, 10 Nov 2025 01:48:22 GMT
════════════════════════
⌗ Tags: #cybersecurity #red_team #tryhackme_walkthrough #tryhackme #ctf_walkthrough
Medium
Plotted-TMS— TryHackMe Walkthrough | Romedix
Introduction
⤷ Title: When GRC and Heatmaps Do More Harm Than Good to Cyber Risk Management — Building the Language of…
════════════════════════
𐀪 Author: Juan Pablo Castro
════════════════════════
ⴵ Time: Mon, 10 Nov 2025 01:07:14 GMT
════════════════════════
⌗ Tags: #risk_management #cybersecurity #cyber_risk #heatmap #grc
Medium
When GRC and Heatmaps Do More Harm Than Good to Cyber Risk Management — Building the Language of Cyber Risk
Governance, Risk, and Compliance (GRC) has long been the cornerstone of enterprise risk management. On paper, it ensures alignment between…
⤷ Title: How to Protect Public APIs Without API Keys
════════════════════════
𐀪 Author: Cybamatica
════════════════════════
ⴵ Time: Mon, 10 Nov 2025 01:05:52 GMT
════════════════════════
⌗ Tags: #rest_api #cyber_security_awareness #api_security #cybersecurity #api_development
Medium
How to Protect Public APIs Without API Keys
APIs are a core part of how modern web applications work. They enable smooth communication between frontend and backend systems, helping…
⤷ Title: Scenario based answers helpful for understanding concepts and interview
════════════════════════
𐀪 Author: The Commoness
════════════════════════
ⴵ Time: Mon, 10 Nov 2025 00:58:55 GMT
════════════════════════
⌗ Tags: #cybersecurity_training #cybersecurity #ethical_hacking #cybersecurity_awareness #interview_questions
Medium
Scenario based answers helpful for understanding concepts and interview
1) What happens when I type google.com in the browser?
⤷ Title: LetsDefend | Learn Sigma | Challenge Walkthrough
════════════════════════
𐀪 Author: Drew Arpino
════════════════════════
ⴵ Time: Mon, 10 Nov 2025 00:02:05 GMT
════════════════════════
⌗ Tags: #sigma_rules #letsdefendio #lets_defend #cybersecurity #blue_team
Medium
LetsDefend | Learn Sigma | Challenge Walkthrough
A Beginner’s Challenge in Sigma Rule Analysis.
⤷ Title: The Builder's Notes: Your CFO Just Called — Except It's a $2.4M Deepfake and Your AI Approved It
════════════════════════
𐀪 Author: Piyoosh Rai
════════════════════════
ⴵ Time: Mon, 10 Nov 2025 00:02:05 GMT
════════════════════════
⌗ Tags: #fintech #machine_learning #technology #artificial_intelligence #cybersecurity
Medium
The Builder’s Notes: Your CFO Just Called — Except It’s a $2.4M Deepfake and Your AI Approved It
How deepfake voices and synthetic identities are breaking biometric authentication — and the technical stack you need to fight back.
⤷ Title: GDIOCSpider: The New Open-Source Python Tool for GDrive Incident Response
════════════════════════
𐀪 Author: ddos
════════════════════════
ⴵ Time: Mon, 10 Nov 2025 03:01:11 +0000
════════════════════════
⌗ Tags: #Open Source Tool #CybersecurityTool #GDIOCSpider #GDrive #IncidentResponse #IOCExtraction #IOCFlagger #OpenSource #python
Penetration Testing Tools
GDIOCSpider: The New Open-Source Python Tool for GDrive Incident Response
GDIOCSpider is a new open-source Python tool for Incident Response. It crawls Google Drive, extracts IOCs (Indicators of Compromise), and outputs them to a CSV.
⤷ Title: Microsoft Speeds Up Windows Recovery (QMR) & Allows Smart App Control Toggle
════════════════════════
𐀪 Author: ddos
════════════════════════
ⴵ Time: Mon, 10 Nov 2025 02:55:14 +0000
════════════════════════
⌗ Tags: #Windows #Microsoft #QMR #Recovery #SAC #SecurityUpdate #Windows11 #WindowsResiliencyInitiative #WinRE
Penetration Testing Tools
Microsoft Speeds Up Windows Recovery (QMR) & Allows Smart App Control Toggle
Microsoft is testing a faster Quick Machine Recovery (QMR) with a single scan and now allows Smart App Control (SAC) to be toggled in settings without reinstallation.
⤷ Title: 2027 Time Bomb: Covert NuGet Packages Target SQL and PLCs with Scheduled Sabotage
════════════════════════
𐀪 Author: ddos
════════════════════════
ⴵ Time: Mon, 10 Nov 2025 02:53:09 +0000
════════════════════════
⌗ Tags: #Malware #.NET #cybersecurity #IndustrialControl #NuGet #PLC #PostgreSQL #sabotage #SQLServer #SupplyChainAttack
Penetration Testing Tools
2027 Time Bomb: Covert NuGet Packages Target SQL and PLCs with Scheduled Sabotage
Nine NuGet packages were found with covert code scheduled to activate in 2027-2028, targeting SQL databases and Siemens PLCs with sudden process terminations.
⤷ Title: From Ransomware Negotiator to Cybercriminal: Inside the $1.27M BlackCat Heist
════════════════════════
𐀪 Author: ddos
════════════════════════
ⴵ Time: Mon, 10 Nov 2025 02:50:36 +0000
════════════════════════
⌗ Tags: #Cybercriminals #BlackCat #cybercrime #DigitalMint #Extortion #FBI #InsiderThreat #ransomware #Sygnia
Penetration Testing Tools
From Ransomware Negotiator to Cybercriminal: Inside the $1.27M BlackCat Heist
Two cybersecurity specialists—including a negotiator—became BlackCat affiliates, deploying ransomware to net $1.27M. The FBI quickly caught the conspirators.
⤷ Title: OpenAI’s GPT-5.1 Family & $200/Mo Pro Tier Leak Ahead of Rollout
════════════════════════
𐀪 Author: ddos
════════════════════════
ⴵ Time: Mon, 10 Nov 2025 02:48:26 +0000
════════════════════════
⌗ Tags: #Technology #AIModel #CodexMini #Gemini3 #GPT_5.1 #GPT_5.1Pro #GPT_5.1Reasoning #MicrosoftAzure #OpenAI
Penetration Testing Tools
OpenAI's GPT-5.1 Family & $200/Mo Pro Tier Leak Ahead of Rollout
OpenAI is prepping GPT-5.1, GPT-5.1 Reasoning, and a $200/mo Pro model for release. Plus, a new GPT-5-Codex-Mini offers 4x more usage for code tasks.
⤷ Title: Landfall Spyware: Zero-Click Image Exploit Spied on Samsung Phones for a Year
════════════════════════
𐀪 Author: ddos
════════════════════════
ⴵ Time: Mon, 10 Nov 2025 02:46:37 +0000
════════════════════════
⌗ Tags: #Malware #Vulnerability #AndroidSpyware #CVE_2025_21042 #Landfall #SamsungGalaxy #Spyware #StealthFalcon #Unit42 #WhatsApp #ZeroClick
Penetration Testing Tools
Landfall Spyware: Zero-Click Image Exploit Spied on Samsung Phones for a Year
Landfall, a commercial-grade spyware, exploited a zero-click flaw (CVE-2025-21042) in Samsung's image library to secretly surveil Galaxy devices for a year.
⤷ Title: AI Assistants Nearly Exposed My Entire Home Network to the Internet
════════════════════════
𐀪 Author: ddos
════════════════════════
ⴵ Time: Mon, 10 Nov 2025 02:44:48 +0000
════════════════════════
⌗ Tags: #Data Leak #AI #ChatGPT #Claude #cybersecurity #Gemini #HomeLab #NetworkSecurity #NGINXProxyManager #PromptEngineering
Penetration Testing Tools
AI Assistants Nearly Exposed My Entire Home Network to the Internet
A journalist found that major AI chatbots gave dangerous advice for home network setup, recommending exposing critical services and creating vulnerable configurations.