DHCP Exploited for Privilege Escalation in Windows Domains
Security researchers have discovered a sophisticated method, named "DHCP Coerce," that exploits the Dynamic Host Configuration Protocol (DHCP) administrators group to escalate privileges within Windows domains. The vulnerability revolves around [...]
New Acoustic Keyboard Side Channel Attack Allows Theft of Sensitive Data
With the rise in digital device usage, personal data security has become increasingly important. Side-channel attacks exploit system side effects to gather information, with electronic emissions being a known vulnerability. [...]
Microsoft announces a significant domain change for Teams
In April 2023, Microsoft announced a multi-year initiative to unify authenticated, user-facing Microsoft 365 apps and services under a single domain: cloud.microsoft. As we prepare to migrate Teams, Outlook, and [...]
Androxgh0st exploits SMTP services to steal critical data
AndroxGh0st targets Laravel applications, scanning and extracting login credentials for AWS and Twilio from .env files. AndroxGh0st, previously identified as an SMTP cracker, utilizes multiple strategies including credential exploitation, web [...]
Operation PhantomBlu: Attackers Exploit Weaponized MS Office Doc to Breach Windows
Researchers at Perception Point have discovered a new malware campaign dubbed PhantomBlu, which targets US organizations. The campaign utilizes innovative methods to deploy the NetSupport RAT (Remote Access Trojan) by [...]
FHN 
