More results...
Cybersecurity firm Blackpoint Cyber reveals a new spear phishing campaign targeting executives. Learn how attackers use fraudulent document ZIPs containing malicious shortcut files, leveraging ‘living off the land’ tactics, and a unique Anti-Virus chec…
Microsoft is currently investigating a significant bug affecting classic Outlook for Windows that prevents users from accessing their email accounts. The issue manifests as a persistent error message stating “Cannot start Microsoft Outlook. Canno…
Google has unveiled a groundbreaking AI-powered ransomware detection system for its Drive desktop application, representing a significant advancement in cybersecurity protection for organizations worldwide. This innovative feature automatically halts f…
Google has rolled out AI-powered ransomware detection and file restoration features in Drive for desktop, Google’s official file syncing and access app for Windows and macOS. Currently in open beta, this new layer of defense is not meant to stop …
Crushed the Puppy machine on HTB with surgical precision! Unlocked the user flag by leveraging levi.james credentials to access the DEV share, cracking recovery.kdbx with “Liverpool,” and using ant.edwards:Antman2025! to reset ADAM.SILVER’s password, followed by a swift WinRM login to grab user.txt. For the root flag, extracted steph.cooper:ChefSteph2025! from C:\Backups, accessed a WinRM shell, and exfiltrated DPAPI keys via SMB. Impacket unveiled steph.cooper_adm:FivethChipOnItsWay2025!, opening the Administrator directory to claim root.txt.
#Cybersecurity #HackTheBox #CTF #Pentesting #PrivilegeEscalation
The post Hack The Box: Puppy Machine Walkthrough – Medium Difficulty appeared first on Threatninja.net.
Hackers are sending fake invoice emails with malicious Office files that install the XWorm RAT on Windows systems, allowing full remote access and data theft. Learn how the shellcode and process injection are used to steal data, and how to stay safe fr…
Threat actors recently infiltrated a corporate environment, dumped the AD database file NTDS.dit, and nearly achieved full domain control. AD acts as the backbone of Windows domains, storing account data, group policies, and password hashes. Compromise…
Cybersecurity researchers at Trend Micro have discovered a new and dangerous variant of LockBit ransomware that targets Windows, Linux, and VMware ESXi systems, utilizing advanced obfuscation techniques and sophisticated cross-platform capabilities. Ad…
Windows 10 users in the European Economic Area (EEA) will be able to receive extended security updates until October 14, 2026, without having to pay for them or to back up their settings, apps, or credentials to the Microsoft cloud. Microsoft backtrack…
Security researchers at Hacker House have released SetupHijack, a proof-of-concept tool that exploits race conditions and insecure file handling in Windows installers and updaters. The utility demonstrates how attackers can hijack privileged setup proc…