02/24

Confluence Exploit Leads to LockBit Ransomware – The DFIR Report

https://thedfirreport.com/2025/02/24/confluence-exploit-leads-to-lockbit-ransomware/

Introduction to eBPF for Windows – Pavel Yosifovich

https://scorpiosoftware.net/2025/02/22/introduction-to-ebpf-for-windows/

Exploits for unpatched Parallels Desktop flaw give root on Macs

https://www.bleepingcomputer.com/news/security/exploits-for-unpatched-parallels-desktop-flaw-give-root-on-macs/

Australia Bans Kaspersky Software Over National Security and Espionage Concerns

https://thehackernews.com/2025/02/australia-bans-kaspersky-software-over.html

GitHub - TarlogicSecurity/BlueSpy

https://github.com/TarlogicSecurity/BlueSpy

Botnet targets Basic Auth in Microsoft 365 password spray attacks

https://www.bleepingcomputer.com/news/security/botnet-targets-basic-auth-in-microsoft-365-password-spray-attacks/

Japan's Cabinet approves legislation on 'active' cybersecurity - The Japan Times

https://www.japantimes.co.jp/news/2025/02/07/japan/politics/active-cyber-defense-bill/

Linux Kernel Some Vsock Vulnerabilities Analysis | Blog

https://u1f383.github.io/linux/2025/02/24/linux-kernel-some-vsock-vulnerabilities-analysis.html

MalwareBazaar | SHA256 b5311cadc0bbd2f47549f7fc0895848adb20cc016387cebcd1c29d784779240c

https://bazaar.abuse.ch/sample/b5311cadc0bbd2f47549f7fc0895848adb20cc016387cebcd1c29d784779240c/

Windows Authentication - Credential Providers - Part 1 - A primer on writing a credential provider in Windows.

https://dennisbabkin.com/blog/?t=primer-on-writing-credential-provider-in-windows

Australia bans all Kaspersky products on government systems

https://www.bleepingcomputer.com/news/security/australia-bans-all-kaspersky-products-on-government-systems/

Today I Learned - Protected Symlinks | dfir.ch

https://dfir.ch/posts/today_i_learned_protected_symlinks/