Tag: ACTIVE DIRECTORY

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

General • Servers • Vulnerabilities • Exploits • Attack surface • Code • Email addresses • Domains • URLs • DNS • Certificates • WiFi networks • Device Info • Credentials • Leaks • Hidden Services • Social Networks • Phone numbers • Images • Threat Intelligence • Web History • Files • Surveillance cameras • Crypto • People

General Search EnginesGoogleBingYahoo!YandexAskBaiduSearXNGEXALeadDuckDuckGoSwisscowsNaverAOLBraveYepGibiruKagiStractServersShodan – Search Engine for the Internet of EverythingCensys Search – Search Engine for every server on the Internet to reduce exposure and improve securityOnyphe.io …
Read More
Microsoft’s April Security Update of High-Risk Vulnerabilities in Multiple Products – NSFOCUS Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.
Microsoft has issued a critical security update addressing 126 vulnerabilities across several products like Windows, Microsoft Office, and Azure, including serious threats such as privilege escalation and remote code execution. Users are urged to apply these patches promptly to mitigate risks. Affected: Windows, Microsoft Office, Azure, Microsoft Edge, Microsoft Visual Studio

Keypoints :

Microsoft released an April security update patch for 126 vulnerabilities.…
Read More
CentreStack RCE exploited as zero-day to breach file sharing servers
Summary: A zero-day vulnerability in Gladinet CentreStack’s file-sharing software has been exploited since March 2025, allowing hackers to breach storage servers through a deserialization flaw. The vulnerability, tracked as CVE-2025-30406, affects versions up to 16.1.10296.56315 and is linked to a hardcoded machineKey in the configuration that could be exploited for remote code execution.…
Read More
Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws
Summary: Microsoft’s April 2025 Patch Tuesday addresses 134 vulnerabilities, including one actively exploited zero-day and multiple critical flaws that enable remote code execution. The updates are currently available for Windows Server and Windows 11, with Windows 10 updates expected shortly. Affected organizations should prioritize these updates to protect their systems from potential exploits.…
Read More
AD Certificate Exploitation: ESC1
This article discusses Active Directory Certificate Services (AD CS) certificate templates and their role in managing digital certificates for users, computers, and services. It highlights vulnerabilities arising from misconfigured templates that can be exploited for privilege escalation. Affected: Active Directory, Digital Certificate Security, IT Security

Keypoints :

AD CS certificate templates define certificate types, purposes, and parameters.…
Read More
Credential Dumping: GMSA
ReadGMSAPassword is a technique where attackers exploit misconfigured Group Managed Service Accounts (gMSA) in Active Directory to access their passwords, enabling lateral movement and privilege escalation. Attackers can utilize these credentials for various malicious activities, including Pass-the-Hash attacks, if permissions are not correctly configured. Proper security measures and monitoring are crucial to preventing these vulnerabilities.…
Read More
Tiny Habits, Cybersecurity: The Little Things in our Cyber Hygiene
The global spending on cybersecurity is set to exceed .63 trillion by 2029, primarily due to basic cybersecurity failures rather than sophisticated attacks. Common vulnerabilities exploited include those in file transfer software, VPNs, and other systems, highlighting the critical need for organizations to improve their cyber hygiene practices like patching and proper configurations.…
Read More
John the Ripper is a powerful hash-cracking tool that efficiently cracks various hash types such as Windows authentication hashes, /etc/shadow hashes, and password-protected files. Through practical tasks, users learn the syntax, features, and methods to conduct dictionary attacks and utilize custom rules. Affected: Windows systems, Linux systems, password-protected ZIP and RAR files

Keypoints :

John the Ripper is a versatile tool for hash cracking.…
Read More
A Rebirth of a Cursed Existence? Examining ‘Babuk Locker 2.0’ Ransomware
Ransomware attacks, specifically the so-called Babuk Locker 2.0, have resurfaced in 2025, attributed to groups named Skywave and Bjorka. Investigations reveal that Babuk Locker 2.0 is essentially a rebranding of LockBit 3.0, utilizing similar techniques and targeting high-profile organizations across various sectors. Affected: organizations, government agencies, cybercriminal sectors

Keypoints :

Ransomware threat persists, causing significant organizational disruption.…
Read More
Earth Alux APT Group: Unveiling Its Espionage Toolkit
Summary: Trend Micro has uncovered Earth Alux, a sophisticated China-linked APT group targeting strategic sectors in the Asia-Pacific and Latin America. Utilizing advanced tools like the VARGEIT backdoor and COBEACON, they execute cyber-espionage with minimal detection, emphasizing the threat to sensitive data across various industries. The group’s operations highlight a growing emphasis on maintaining persistent access while employing complex evasion tactics.…
Read More
Summary: The Cybersecurity and Infrastructure Security Agency (CISA) has issued a Malware Analysis Report on a new malware variant called RESURGE, which has sophisticated persistence and manipulation capabilities, particularly linked to a known vulnerability in Ivanti products. The report highlights detailed mitigation measures in response to RESURGE’s exploitation of the CVE-2025-0282 vulnerability.…
Read More
CISA has reported on three malicious files acquired from an Ivanti Connect Secure device compromised through CVE-2025-0282. The files exhibit functionalities similar to known malware, including command and control capabilities and log tampering. RESURGE, the primary file, can modify files and create a web shell. Another file, a variant of SPAWNSLOTH, tampered with logs, while the third one included a shell script that extracts kernel images.…
Read More

Summary: The video discusses the implications of removing local admin privileges in organizations, particularly in the context of traditional active directory setups. While there are valid reasons to restrict these privileges, the belief that doing so entirely prevents unauthorized code execution is misleading.

Keypoints:

Many organizations seek to remove local admin privileges to enhance security.…
Read More
Product Walkthrough: How Datto BCDR Delivers Unstoppable Business Continuity
Summary: As modern IT environments face increasing risks, businesses are shifting focus from basic backups to comprehensive Business Continuity and Disaster Recovery (BCDR) solutions. Datto BCDR offers a streamlined platform that integrates local and cloud recovery options to ensure minimal downtime and data loss. With advanced features such as automated backup verification and 1-Click Disaster Recovery, organizations can enhance their resilience against IT disasters.…
Read More
Shifting the sands of RansomHub’s EDRKillShifter
ESET researchers examine the ransomware landscape in 2024, highlighting the emergence of RansomHub, a prominent ransomware-as-a-service (RaaS) group linked to established gangs like Play, Medusa, and BianLian. The article discusses the rise of EDR killers, particularly EDRKillShifter, developed by RansomHub, and reflects on the shifting dynamics of ransomware payments and victim statistics.…
Read More