Introduction On Thursday, December 9th, the vulnerability CVE-2021-44228 known as “Log4shell” was made public, sending large companies such as Twitter, Amazon, Google, Cloudflare, and many others in a rush to patch it before any damage could be done. Not only are large companies affected, but many applications and servers utilizing [...]
![Match Made In The Shadows: Part [1]](https://obscuritylabs.com/wp-content/uploads/2020/11/david-werbrouck-5GwLlb-_UYk-unsplash.jpg)
Introduction On Thursday, December 9th, the vulnerability CVE-2021-44228 known as “Log4shell” was made public, sending large companies such as Twitter, Amazon, Google, Cloudflare, and many others in a rush to [...]
Introduction After I saw the buzz about Kaseya on July 2nd, I decided it was time to start writing a blog post about targeting the supply chain. Software supply chain “attacks” aren’t new, however, they will become much ...
Quick intel drop. FireEye has reported that the DarkSide affiliate, UNC2465, has infiltrated the website of “CCTVSecurityPros” and injected into one of their software downloads. Below are the details. FireEye [...]
Introduction This post is part one of a series that will be posted on the topic of “Software Supply Chain Exploitation”. With this post (Part 1), we start by providing ...
On April 22, 2021, many SOC’s and MDR services were going about their normal day-to-day operations, when some of us across the community received an alert from our EDR platforms ...
Intro Not too long ago the security community was rocked with yet another leak from the #ShadowBrokers[1]; causing an impact worldwide with point and click Domain Admin vulnerabilities. Affecting nearly ...
Introduction On Thursday, December 9th, the vulnerability CVE-2021-44228 known as “Log4shell” was made public, sending large companies such as Twitter, Amazon, Google, Cloudflare, and many others in a rush to [...]
Introduction After I saw the buzz about Kaseya on July 2nd, I decided it was time to start writing a blog post about targeting the supply chain. Software supply chain “attacks” aren’t new, however, they will become much ...
Quick intel drop. FireEye has reported that the DarkSide affiliate, UNC2465, has infiltrated the website of “CCTVSecurityPros” and injected into one of their software downloads. Below are the details. FireEye [...]
Introduction This post is part one of a series that will be posted on the topic of “Software Supply Chain Exploitation”. With this post (Part 1), we start by providing ...
On April 22, 2021, many SOC’s and MDR services were going about their normal day-to-day operations, when some of us across the community received an alert from our EDR platforms ...
Intro Not too long ago the security community was rocked with yet another leak from the #ShadowBrokers[1]; causing an impact worldwide with point and click Domain Admin vulnerabilities. Affecting nearly ...
