Paths

Top 3 Trends in Red Team Exploitation Paths

Mar 20, 2025 by iHash Leave a Comment

Though 2024 may be behind us, many of the security threats and vulnerabilities that organizations faced last year remain. The CrowdStrike Professional Services Red Team tracks them all in its efforts to defend organizations against adversaries. The three most common exploitation paths we encountered were: Unsecured Credentials: Weak or exposed credentials remain one … [Read more...] about Top 3 Trends in Red Team Exploitation Paths

Understanding Active Directory Attack Paths to Improve Security

Aug 8, 2023 by iHash Leave a Comment

Introduced in 1999, Microsoft Active Directory is the default identity and access management service in Windows networks, responsible for assigning and enforcing security policies for all network endpoints. With it, users can access various resources across networks. As things tend to do, times, they are a'changin' – and a few years back, Microsoft introduced Azure Active … [Read more...] about Understanding Active Directory Attack Paths to Improve Security

Apple Intelligence features expand to new languages and regions today

Apple Intelligence, the personal intelligence system that delivers helpful and relevant intelligence while taking an extraordinary step forward for privacy in AI, is expanding to even more people around the world. Starting today, with the availability of iOS 18.4, iPadOS 18.4, and macOS Sequoia 15.4, Apple Intelligence features are now available in many new languages, […]

RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features

Mar 30, 2025Ravie LakshmananVulnerability / Zero-Day The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has shed light on a new malware called RESURGE that has been deployed as part of exploitation activity targeting a now-patched security flaw in Ivanti Connect Secure (ICS) appliances. “RESURGE contains capabilities of the SPAWNCHIMERA malware variant, including surviving reboots; however, […]

New Android Trojan Crocodilus Abuses Accessibility to Steal Banking and Crypto Credentials

Mar 29, 2025Ravie LakshmananThreat Intelligence / Mobile Security Cybersecurity researchers have discovered a new Android banking malware called Crocodilus that’s primarily designed to target users in Spain and Turkey. “Crocodilus enters the scene not as a simple clone, but as a fully-fledged threat from the outset, equipped with modern techniques such as remote control, black […]

Researchers Uncover 46 Critical Flaws in Solar Inverters From Sungrow, Growatt, and SMA

Mar 28, 2025Ravie LakshmananOperational Technology / Vulnerability Cybersecurity researchers have disclosed 46 new security flaws in products from three solar inverter vendors, Sungrow, Growatt, and SMA, that could be exploited by a bad actor to seize control of devices or execute code remotely, posing severe risks to electrical grids. The vulnerabilities have been collectively codenamed […]

Protecting Android, Windows, and Linux devices against being tracked via the Find My network

AirTags are a popular tracking device used by anyone from forgetful key owners to those with malicious intent, such as jealous spouses and car thieves. Using AirTags for spying is simple: a tag is discreetly placed on the target to allow their movements to be conveniently monitored using Apple Find My. We’ve even added protection […]

New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records

Mar 27, 2025Ravie LakshmananEmail Security / Malware Cybersecurity researchers have shed light on a new phishing-as-a-service (PhaaS) platform that leverages the Domain Name System (DNS) mail exchange (MX) records to serve fake login pages that impersonate about 114 brands. DNS intelligence firm Infoblox is tracking the actor behind the PhaaS, the phishing kit, and the […]

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.2.0

Pangu has updated its jailbreak utility for iOS 9.0 to 9.0.2 with a fix for the manage storage bug and the latest version of Cydia. Change log V1.2.0 (2015-10-27) 1. Bundle latest Cydia with new Patcyh which fixed failure to open url scheme in MobileSafari 2. Fixed the bug that “preferences -> Storage&iCloud Usage -> […]

Apple Blocks Pangu Jailbreak Exploits With Release of iOS 9.1

Apple has blocked exploits used by the Pangu Jailbreak with the release of iOS 9.1. Pangu was able to jailbreak iOS 9.0 to 9.0.2; however, in Apple’s document on the security content of iOS 9.1, PanguTeam is credited with discovering two vulnerabilities that have been patched.

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.1.0

Pangu has released an update to its jailbreak utility for iOS 9 that improves its reliability and success rate. Change log V1.1.0 (2015-10-21) 1. Improve the success rate and reliability of jailbreak program for 64bit devices 2. Optimize backup process and improve jailbreak speed, and fix an issue that leads to fail to […]

Activator 1.9.6 Released With Support for iOS 9, 3D Touch

Ryan Petrich has released Activator 1.9.6, an update to the centralized gesture, button, and shortcut manager, that brings support for iOS 9 and 3D Touch.

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54

Top 3 Trends in Red Team Exploitation Paths

Understanding Active Directory Attack Paths to Improve Security