All posts by John Doe

🔼 baitroute: A web honeypot library to create vulnerable-looking endpoints to detect and mislead attackers. https://github.com/utkusen/baitroute https://utkusen.substack.com/p/how-to-create-vulnerable-looking

■■■■■ GoRedOps: Repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team (Go lang). https://github.com/EvilBytecode/GoRedOps

■■■□□ New UEFI Secure Boot flaw exposes systems to bootkits, patch now. https://www.bleepingcomputer.com/news/security/new-uefi-secure-boot-flaw-exposes-systems-to-bootkits-patch-now/

■■■■■ Zero-Day | Fortinet: Members of a new hacker group have leaked configuration files, IP addresses, and VPN credentials for more than 15,000 FortiGate devices, making them available to the cyber underground for free. The Belsen Group, which announced the leak, first appeared on networks and forums this month. To promote their Belsen Group brand,…

■■■□□ Cyberattackers Hide Infostealers in YouTube Comments. https://www.darkreading.com/threat-intelligence/cyberattackers-infostealers-youtube-comments-google-search

■■■■□ Electronic Warfare: Saab expands EW sensor production in Finland. https://defence-blog.com/saab-expands-ew-sensors-production-in-finland/

■■■■□ Signed FUD sample. https://bazaar.abuse.ch/sample/cbb84155467087c4da2ec411463e4af379582bb742ce7009156756482868859c/

■□□□□ OpenAI’s AI reasoning model ‘thinks’ in Chinese sometimes and no one really knows why. https://techcrunch.com/2025/01/14/openais-ai-reasoning-model-thinks-in-chinese-sometimes-and-no-one-really-knows-why/

■■□□□ Hackers use FastHTTP in new high-speed Microsoft 365 password attacks. https://www.bleepingcomputer.com/news/security/hackers-use-fasthttp-in-new-high-speed-microsoft-365-password-attacks/

■■■■■ Zero-Day Vulnerability in PDF Files Leaking NTLM Data in Adobe & Foxit Reader. Adobe Reader: Adobe determined the behavior was not a security issue, as it is limited to intranet domains only. They emphasized that this design decision aligns with their trust model for handling network resources. Foxit Reader: Foxit Software treated the discovery…