A new ransomware variant called DearCry, in apparent homage to 2017’s WannaCry, uses the Microsoft Exchange vulnerabilities (ProxyLogon): https://unit42.paloaltonetworks.com/dearcry-ransomware/
A full attack chain exploiting the Microsoft Exchange vulnerabilities, notable for the level of detail and description of every step of the process: https://www.praetorian.com/blog/reproducing-proxylogon-exploit/
Demo available here: https://leaky.page/, proof-of-concept video here: https://www.youtube.com/watch?v=V_9cQP60ZGI
Grayhat Warfare, which created and manages a great tool used to search for open S3 buckets, has released a new tool to search the URLs of links shortened with link-shortening tools: https://shorteners.grayhatwarfare.com/
An interesting article detailing one person’s experience with SIEMs and how little they actually served the needs of information security within their company: https://medium.com/@sawaba/is-it-possible-to-find-security-value-in-logs-ffa07c9e0179
Taking over a victim’s phone text messaging, invisible to the user: https://www.vice.com/en/article/y3g8wb/hacker-got-my-texts-16-dollars-sakari-netnumber
There are several angles to this story, from resellers’ ability to change the routing of phone numbers with inadequate authorization, to the use of SMS for two-factor authentication (2FA) that is increasingly implemented across the web, and even a bit of monopolization by resellers. More details from the hacker who identified and disclosed the issue: https://lucky225.medium.com/its-time-to-stop-using-sms-for-anything-203c41361c80
Funny picture: https://pbs.twimg.com/media/ErkhSPtW4AAsbF9?format=jpg&name=large. Can you tell what it means?