Daily Shaarli

All of one day's links on a single page.

August 26, 2024

Malicious Plugin

Pidgin is a universal chat client, allowing you to consolidate all your different messaging apps into a single tool.

17-Year-old Student Exposes Germany's 'Secret' Pirate Site Blocklist

A 17-year-old student has launched a portal dedicated to exposing Germany's 'secret' pirate site blocklist to the public.

WordPress Websites Used to Distribute ClearFake Trojan Malware

Learn about the ClearFake Trojan malware distributed via WordPress sites, its tactics, and how to safeguard your online experience.

Is Telegram really an encrypted messaging app? – A Few Thoughts on Cryptographic Engineering

This blog is reserved for more serious things, and ordinarily I wouldn't spend time on questions like the above. But much as I'd like to spend my time writing about exciting topics, sometimes the world requires a bit of what Brad Delong calls "Intellectual Garbage Pickup," namely: correcting wrong, or mostly-wrong ideas that spread unchecked…

Telegram says CEO has ‘nothing to hide’ after being arrested in France

The messaging app says “it is absurd to claim that a platform or its owner are responsible for abuse of that platform” after CEO Pavel Durov was arrested by French authorities.

The gift that keeps on giving: A new opportunistic Log4j campaign

In this post, we analyze a new opportunistic exploitation campaign based on the Log4j vulnerability.

BlackSuit Ransomware
  • In December 2023, we observed an intrusion that started with the execution of a Cobalt Strike beacon and ended in the deployment of BlackSuit ransomware.
  • The threat actor leveraged various tools, including Sharphound, Rubeus, SystemBC, Get-DataInfo.ps1, Cobalt Strike, and ADFind, along with built-in system tools.
  • Command and control traffic was proxied through CloudFlare to conceal their Cobalt Strike server.
  • Fifteen days after initial access, BlackSuit ransomware was deployed by copying files over SMB to admin shares and executing them through RDP sessions.
  • Three rules were added to our private ruleset related to this case.