Renato Marinho Diaries

Back to Handlers

• Microsoft November 2024 Patch Tuesday
• Microsoft August 2024 Patch Tuesday
• Microsoft May 2024 Patch Tuesday
• Microsoft February 2024 Patch Tuesday
• Microsoft September 2023 Patch Tuesday
• Microsoft August 2023 Patch Tuesday
• Microsoft May 2023 Patch Tuesday
• Guildma is now abusing colorcpl.exe LOLBIN
• Microsoft April 2023 Patch Tuesday
• Microsoft March 2023 Patch Tuesday
• Microsoft January 2023 Patch Tuesday
• Microsoft December 2022 Patch Tuesday
• Log4Shell campaigns are using Nashorn to get reverse shell on victim's machines
• Microsoft November 2022 Patch Tuesday
• Microsoft September 2022 Patch Tuesday
• Microsoft August 2022 Patch Tuesday
• Microsoft July 2022 Patch Tuesday
• Microsoft June 2022 Patch Tuesday
• Translating Saitama's DNS tunneling messages
• Microsoft May 2022 Patch Tuesday
• WSO2 RCE exploited in the wild
• Microsoft April 2022 Patch Tuesday
• Microsoft March 2022 Patch Tuesday
• Microsoft February 2022 Patch Tuesday
• Attackers are abusing MSBuild to evade defenses and implant Cobalt Strike beacons
• Example of how attackers are trying to push crypto miners via Log4Shell
• Log4j 2.15.0 and previously suggested mitigations may not be enough
• Microsoft December 2021 Patch Tuesday
• Log4Shell exploited to implant coin miners
• Microsoft November 2021 Patch Tuesday
• Microsoft October 2021 Patch Tuesday
• Microsoft September 2021 Patch Tuesday
• Microsoft August 2021 Patch Tuesday
• Microsoft July 2021 Patch Tuesday
• Microsoft June 2021 Patch Tuesday
• Guildma is now using Finger and Signed Binary Proxy Execution to evade defenses
• Microsoft May 2021 Patch Tuesday
• Microsoft March 2021 Patch Tuesday
• Microsoft February 2021 Patch Tuesday
• Microsoft January 2021 Patch Tuesday
• Microsoft November 2020 Patch Tuesday
• Attackers Exploiting WebLogic Servers via CVE-2020-14882 to install Cobalt Strike
• Microsoft October 2020 Patch Tuesday
• Microsoft September 2020 Patch Tuesday
• Microsoft August 2020 Patch Tuesday
• Microsoft July 2020 Patch Tuesday - Patch Now!
• F5 BigIP vulnerability exploitation followed by a backdoor implant attempt
• Microsoft June 2020 Patch Tuesday
• Microsoft May 2020 Patch Tuesday
• Microsoft April 2020 Patch Tuesday
• Microsoft Patch Tuesday for February 2020
• Citrix ADC Exploits Update
• Microsoft December 2019 Patch Tuesday
• Microsoft October 2019 Patch Tuesday
• Microsoft September 2019 Patch Tuesday
• Guildma malware is now accessing Facebook and YouTube to keep up-to-date
• GoldBrute Botnet Brute Forcing 1.5 Million RDP Servers
• Microsoft May 2019 Patch Tuesday
• Vulnerable Apache Jenkins exploited in the wild
• Microsoft April 2019 Patch Tuesday
• Microsoft March 2019 Patch Tuesday
• Microsoft February 2019 Patch Tuesday
• Enriching Radare2 and x64dbg malware analysis with statically decoded strings
• Criminals Don't Read Instructions or Use Strong Passwords
• Silently Profiling Unknown Malware Samples
• WebLogic Exploited in the Wild (Again)
• Cisco Smart Install vulnerability exploited in the wild
• ARP Spoofing in 2018: are you protected?
• Apache SOLR: the new target for cryptominers
• Statically Unpacking a Brazilian Banker Malware
• Campaign is using a recently released WebLogic exploit to deploy a Monero miner
• Phishing campaign uses old ".bat" script to spread banking malware - and it is flying under the radar
• "Catch-All" Google Chrome Malicious Extension Steals All Posted Data
• Baselining Servers to Detect Outliers
• XPCTRA Malware Steals Banking and Digital Wallet User's Credentials
• Ongoing Ykcol (Locky) campaign
• Second Google Chrome Extension Banker Malware in Two Weeks
• EngineBox Malware Supports 10+ Brazilian Banks
• (Banker(GoogleChromeExtension)).targeting("Brazil")
• SMBLoris - the new SMB flaw
• Uber drivers new threat: the "passenger"
• Black Hat is coming and with it a good reason to update your "Broadcom-based" devices
• SMS Phishing induces victims to photograph its own token card
• July's Microsoft Patch Tuesday
• DDoS Extortion E-mail: Yet Another Bluff?
• Windows Error Reporting: DFIR Benefits and Privacy Concerns
• Exploring a P2P Transient Botnet - From Discovery to Enumeration
• A very convincing Typosquatting + Social Engineering campaign is targeting Santander corporate customers in Brazil