SecureBug allows you to evaluate your offensive and defensive skills and to exchange your ideas and methodologies with thousands of people in the security field.
Join Nordic's No.1 Crowdsourced Security Platform For Offensive & Defensive Security Strategies.
“csrss.exe” stands for Client/Server Run-Time Subsystem process; it is an important part of the Windows OS and you can find this process running in your task manager. In this new series, we analyze Windows processes and provide threat hunting tips. Client Server Runtime Process (csrss.exe) is the user-mode side of the Win32 subsystem with…
Tech giant General Electric (GE) disclosed a data breach that exposed the personally identifiable information (PII) of current and former employees as well as beneficiaries. The data breach was uncovered through a security incident that happened to one of GE’s partners, Canon Business Process Services. General Electric Company (GE) is a multinational digital industrial conglomerate. The company…
The Chinese state-sponsored group APT41 has attacked more than 75 organizations worldwide, targeting security flaws in Citrix, Cisco, and Zoho appliances and devices. The APT41 group has been active since at least 2012 and is known for espionage, cybercrime, and surveillance operations against a large array of industries, as well as individuals. According to FireEye,…
Adobe has released an out-of-band security update for its Creative Cloud Desktop Application for Windows. The update includes a patch to fix a critical vulnerability that could allow attackers to delete specific arbitrary files on a vulnerable computer. Creative Cloud is a collection of 20+ desktop and mobile apps and services for photography, design, video, web,…
Apple on Tuesday released Safari 13.1 and updated the Intelligent Tracking Prevention (ITP) privacy feature. Intelligent Tracking Prevention allows Safari to block cookies and prevent advertisers from snooping on users’ web habits. According to Apple WebKit engineer John Wilander, Safari now blocks all third-party cookies. (WebKit is the browser engine that powers Safari.) That means that…
Over 50 Android apps on the Google Play Store have been caught using a new trick to secretly click on ads without the knowledge of smartphone users. The ad-fraud malware lurks in dozens of children’s and utility apps. In total, these apps have almost one million installations worldwide. A team…
APT32 is a threat group that has been active since at least 2014. The group has targeted multiple private sector industries as well as foreign governments, dissidents, and journalists, with a strong focus on Southeast Asian countries like Vietnam, the Philippines, Laos, and Cambodia. According to MITRE ATT&CK, they have extensively used strategic web…
The number of Coronavirus-themed attacks is increasing. Attackers are now using phishing emails designed to deliver the Netwalker Ransomware. MalwareHunterTeam experts discovered a phishing campaign with an attachment, named “CORONAVIRUS_COVID-19.vbs,” used to install the Netwalker Ransomware. The Netwalker ransomware, previously known as Mailto, is resurfacing as it targets government agencies and enterprises. Two significant…
Multiple zero-day vulnerabilities in the DVRs of IP video manufacturer LILIN have been exploited by DDoS botnets to infect vulnerable devices. The LILIN DVR vulnerability was first reported in May 2019, and it was exploited for more than six months before LILIN patched the flaw and released a firmware update. Attackers used DDoS botnets to…
“smss.exe” is the Session Manager Subsystem for Microsoft Windows OS. The main system thread initiates this process. This process manages the start of user sessions and various other activities, including launching the Winlogon.exe and Csrss.exe processes and setting system variables. If the two processes end normally after launch, smss.exe shuts down the…