credential dumping – Experimental News Clipping Site

Cloud Blog: ViewState Deserialization Zero-Day Vulnerability in Sitecore Products (CVE-2025-53690)

Sep 3, 2025

—

by

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/viewstate-deserialization-zero-day-vulnerability/ Source: Cloud Blog Title: ViewState Deserialization Zero-Day Vulnerability in Sitecore Products (CVE-2025-53690) Feedly Summary: Written by: Rommel Joven, Josh Fleischer, Joseph Sciuto, Andi Slok, Choon Kiat Ng In a recent investigation, Mandiant Threat Defense discovered an active ViewState deserialization attack affecting Sitecore deployments leveraging sample machine keys that had been exposed in…

Cisco Talos Blog: When legitimate tools go rogue

Jun 18, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.talosintelligence.com/when-legitimate-tools-go-rogue/ Source: Cisco Talos Blog Title: When legitimate tools go rogue Feedly Summary: Attackers are increasingly hiding in plain sight, using the same tools IT and security teams rely on for daily operations. This blog breaks down common techniques and provides recommendations to defenders. AI Summary and Description: Yes Summary: The text discusses…

The Register: Medusa ransomware affiliate tried triple extortion scam – up from the usual double demand

Mar 13, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/03/13/medusa_ransomware_infects_300_critical/ Source: The Register Title: Medusa ransomware affiliate tried triple extortion scam – up from the usual double demand Feedly Summary: Feds warn gang still rampant and now cracked 300+ victims around the world A crook who distributes the Medusa ransomware tried to make a victim cough up three payments instead of the…

The Register: Novel attack on Windows spotted in phishing campaign run from and targeting China

Sep 2, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/09/02/securonix_china_slowtempest_campaign/ Source: The Register Title: Novel attack on Windows spotted in phishing campaign run from and targeting China Feedly Summary: Resources hosted at Tencent Cloud involved in Cobalt Strike campaign Chinese web champ Tencent’s cloud is being used by unknown attackers as part of a phishing campaign that aims to achieve persistent network…

Tag: credential dumping

Cloud Blog: ViewState Deserialization Zero-Day Vulnerability in Sitecore Products (CVE-2025-53690)

Cisco Talos Blog: When legitimate tools go rogue

The Register: Medusa ransomware affiliate tried triple extortion scam – up from the usual double demand

The Register: Novel attack on Windows spotted in phishing campaign run from and targeting China