
Shaarli Daily

All links of one day on a single page.

July 12, 2024

Patch or Peril: A Veeam vulnerability incident

Delaying security updates and neglecting regular reviews created vulnerabilities that were exploited by attackers, resulting in severe ransomware consequences.

  • Initial access via FortiGate Firewall SSL VPN using a dormant account.
  • Deployed persistent backdoor (“svchost.exe”) on the failover server, and conducted lateral movement via RDP.
  • Exploitation attempts of CVE-2023-27532 were followed by activation of xp_cmdshell and rogue user account creation.
  • Threat actors made use of NetScan, AdFind, and various tools provided by NirSoft to conduct network discovery, enumeration, and credential harvesting.
  • Windows Defender was permanently disabled using DC.exe, followed by ransomware deployment and execution with PsExec.exe.

Doppelganger operation

This page is designed to gather a timeline of the Doppelganger operation with a few elements gathered from different reports.

RockYou2024: 10 billion passwords leaked in the largest compilation of all time

The largest password compilation with nearly ten billion unique passwords was leaked on a popular hacking forum. The Cybernews research team believes the leak poses severe dangers to users prone to reusing passwords.

The king is dead. Long live the king. Cybernews researchers discovered what appears to be the largest password compilation with a staggering 9,948,575,739 unique plaintext passwords. The file with the data, titled rockyou2024.txt, was posted on July 4th by forum user ObamaCare.

NATO members commit to creating new cyber center in Belgium

The NATO Integrated Cyber Defense Center will “enhance network protection, situational awareness and the implementation of cyberspace as an operational domain,” the alliance said.

Allies agree new NATO Integrated Cyber Defence Centre

The NATO Integrated Cyber Defence Centre (NICC) will enhance the protection of NATO and Allied networks and the use of cyberspace as an operational domain. The Centre will inform NATO military commanders on possible threats and vulnerabilities in cyberspace, including privately-owned civilian critical infrastructures necessary to support military activities.