Articles tagged with: #privilege-escalation
Breaking Down Mustang Panda's Windows Endpoint Campaign

cybersecurity www.reddit.com

Mustang Panda (active since at least 2017) continues to rely on classic but effective techniques in their espionage ops. Recent campaigns show heavy use of: masqueraded LNK files disguised as Word docs or PDFs to trigger execution without macros; msiexec abuse to drop and run payloads under a trusted binary; DLL side-loading into Microsoft Defender components for stealthy persistence; registry run keys / scheduled tasks / services to survive reboots; werfault.exe injection for privilege escalation...

CISA Warns of Citrix RCE and Privilege Escalation Vulnerabilities Exploited in Attacks

Cyber Security News cybersecuritynews.com

CISA has issued a critical alert regarding three newly identified vulnerabilities being actively exploited by threat actors. On August 25, 2025, CISA added these high-risk Common Vulnerabilities and Exposures (CVEs) to its Known Exploited Vulnerabilities (KEV) Catalog, signaling immediate concern for federal agencies and private organizations alike. Key Takeaways: 1. CISA added two Citrix Session Recording

HTB Authority Machine Walkthrough | Easy HackTheBox Guide for Beginners

cybersecurity www.reddit.com

I wrote a detailed walkthrough for the HackTheBox machine Authority, which showcases cracking password-protected files and password reuse vulnerabilities, and for privilege escalation, one of the most common and easiest vulnerabilities in Active Directory Certificate ESC1, and also extracting the public and private key from the administrator certificate and using it for other services. Perfect for beginners...

HTB EscapeTwo Machine Walkthrough | Easy HackTheBox Guide for Beginners

cybersecurity www.reddit.com

I wrote a detailed walkthrough for the HTB machine EscapeTwo, which showcases escaping MSSQL and executing commands on the system; for privilege escalation, abusing the WriteOwner ACE and exploiting the ESC4 certificate vulnerability. https://medium.com/@SeverSerenity/htb-escapetwo-machine-walkthrough-easy-hackthebox-guide-for-beginners-20c9ca65701c submitted by /u/Civil_Hold2201

HTB Administrator Machine Walkthrough | Easy HackTheBox Guide for Beginners

cybersecurity www.reddit.com

I wrote a detailed walkthrough for the HackTheBox machine Administrator, which showcases abusing ForceChangePassword and cracking password-protected files; for privilege escalation, performing a targeted Kerberoasting attack and extracting sensitive information from NTDS.dit in Active Directory. I keep it simple and beginner-friendly. https://medium.com/@SeverSerenity/htb-administrator-machine-walkthrough-easy-hackthebox-guide-for-beginners-f8273a004044 submitted by /u/Civil_Hold2201

Microsoft Windows Vulnerability Exploited to Deploy PipeMagic RansomExx Malware

The Hacker News thehackernews.com

Cybersecurity researchers have lifted the lid on the threat actors' exploitation of a now-patched security flaw in Microsoft Windows to deploy the PipeMagic malware in RansomExx ransomware attacks. The attacks involve the exploitation of CVE-2025-29824, a privilege escalation vulnerability impacting the Windows Common Log File System (CLFS) that was addressed by Microsoft in April 2025,

HTB Certified Machine Walkthrough | Easy HackTheBox Guide for Beginners

cybersecurity www.reddit.com

I wrote a detailed walkthrough for the HTB machine Certified, which showcases abusing the WriteOwner ACE and performing a shadow credentials attack twice; for privilege escalation, finding and exploiting a vulnerable certificate template. I wrote it beginner-friendly, meaning I explained every concept. https://medium.com/@SeverSerenity/htb-certified-machine-walkthrough-easy-hackthebox-guide-for-beginners-bdcd078225e9 submitted by /u/Civil_Hold2201