Storm-0501 Abuses Entra ID to Exfiltrate and Delete Azure Data in Hybrid Cloud Extortion Campaign Summary of the incident Recent reporting identifies a financially motivated threat actor tracked as Storm-0501 refining tactics to target hybrid cloud environments. The actor has been observed abusing Microsoft Entra ID (formerly Azure Active Directory) to gain access to Azure…
Cyberattack on Miljödata Disrupts Services Across More Than 200 Swedish Municipalities What happened An attack targeting Miljödata, an IT-systems supplier used by roughly 80% of Sweden’s municipalities, has caused accessibility problems in more than 200 municipal regions, according to reporting by BleepingComputer. The supplier’s systems support a wide range of municipal IT services; the incident…
Over 28,200 Citrix Instances Exposed to Actively Exploited RCE (CVE-2025-7775) Summary: What we know More than 28,200 Citrix instances are vulnerable to a critical remote code execution vulnerability tracked as CVE-2025-7775, and evidence indicates the flaw is already being exploited in the wild. The scale and active exploitation elevate this from a routine patch cycle…
Let’s face it: we all use email, and we all use passwords. Passwords create an inherent vulnerability in the system. The success rate of phishing attacks is skyrocketing, and opportunities for attack have multiplied enormously as life has moved online. All it takes is one compromised password for all other users to fall victim to…
Remote Desktop Protocol (RDP) is a protocol, or technical standard, for using a desktop computer remotely. Remote desktop software can use several different protocols, including RDP, Independent Computing Architecture (ICA), and Virtual Network Computing (VNC), but RDP is the most widely used protocol. RDP was initially released by Microsoft and is available for most Windows…
With the support of the open-source community and a strict privilege system built into its architecture, Linux has security built into its design. That said, gone are the days when Linux system administrators could get away with poor security practices. Cybercriminals have come to view Linux as a viable attack target due to its growing…
Content spoofing (also known as content injection) is one of the most common web security vulnerabilities. It allows the end user of the vulnerable web application to falsify or modify the actual content of the web page. Requirements: Responsibility: In this tutorial, we will use hacking techniques for educational purposes only. We do not promote…
Online attacks are more frequent than ever, and this trend is likely to continue growing. In this article, we analyze CSV injection attacks and how to defend against them. Requirements: Responsibility: In this tutorial, we will use hacking techniques for educational purposes only. We do not promote their use for profit or improper purposes. We…
A script to remotely dump files and folders from a Windows SMB share Requirements: Responsibility: In this tutorial, we will use hacking techniques for educational purposes only. We do not promote their use for profit or improper purposes. We are not responsible for any damage or impairment that may be caused to the systems used.…
Today I bring you a very simple tutorial that many people have been asking me for. It’s about attacking Kerberos tickets, both golden and silver. First, to understand what Kerberos is, visit my post that talks about Kerberos Requirements: Responsibility: In this tutorial, we will use hacking techniques for educational purposes only. We do not…