Xsimpa

‼️🚨 One of the world's largest Certificate Authorities, DigiCert, was compromised by a malicious screensaver file sent through a customer support chat. Their antivirus blocked the malware four times. The agent kept clicking. The fifth try got through. 27 code signing certificates were stolen and used to sign malware. DigiCert ultimately revoked 60 certificates. Per DigiCert's incident report, filed in Mozilla's CA compliance tracker as Bug 2033170, here is how it unfolded: April 2: an attacker contacted a DigiCert helpdesk agent through the company's customer support chat channel, posing as a customer. The lure was a zip file pitched as a screenshot. Inside the zip was a .scr file. On Windows, .scr files are executables, and this one carried a malicious payload. Opening a file a customer sent through the official support channel is what an agent is supposed to do. Support staff are the one role designed to accept files from strangers. DigiCert's endpoint security blocked four infection attempts. On the fifth, the support analyst's machine was infected. DigiCert detected the infection, ran an investigation, and concluded the incident was contained. Eleven days later, an external researcher tipped DigiCert off about misuse of DigiCert-issued code signing certificates in the wild. That tip led to the discovery of a second compromised machine, belonging to a different support analyst, infected through the same vector. The EDR on that machine had not been functioning correctly, so the original investigation missed it. The second machine gave the attacker access to DigiCert's internal support portal. That portal lets support staff reach limited views of customer accounts, including initialization codes for ordered but not-yet-issued code signing certificates. Combining a stolen initialization code with an approved order let the attacker pull a real, validly issued code signing certificate. They did this 27 times. DigiCert's own list of what went wrong: - File-type filtering on the customer support chat channel did not catch the .scr - EDR coverage was inconsistent and incomplete, creating a blind spot - Initialization codes for code signing certificates were not adequately protected DigiCert says it got lucky. An outside researcher found the malware abuse before DigiCert did. Without that tip, the second machine and the active certificate theft might still be running today.

📨 Alert: DKIM replay attacks continue this week. Several non‑Apple IPs are spoofing appliedid@id.apple.com and still passing DKIM and DMARC, which lets these messages evade most email security layers. To help defenders identify and hunt these attacks, I’m resharing my LinkedIn article below: DKIM Replay Attacks Exposed - Hunting Methods linkedin.com/pulse/defender… #Cybersecurity #DKIMReplayAttack #DefenderXDR

𝗟𝗲𝘃𝗲𝗹 𝗨𝗽 𝗬𝗼𝘂𝗿 𝗕𝗹𝘂𝗲 𝗧𝗲𝗮𝗺𝗶𝗻𝗴 𝗦𝗸𝗶𝗹𝗹𝘀 𝘄𝗶𝘁𝗵 𝗖𝗕𝗧𝗲𝗮𝗺𝗲𝗿 | 𝗡𝗼𝘄 𝗮𝘁 𝟵𝟬% 𝗗𝗶𝘀𝗰𝗼𝘂𝗻𝘁! ☑️ 🎁 𝙂𝙞𝙫𝙚𝙖𝙬𝙖𝙮 𝘼𝙡𝙚𝙧𝙩: 𝙇𝙞𝙠𝙚, 𝙨𝙝𝙖𝙧𝙚/𝙧𝙚𝙥𝙤𝙨𝙩, 𝙘𝙤𝙢𝙢𝙚𝙣𝙩 “𝘾𝘽𝙏𝙚𝙖𝙢𝙚𝙧” 𝙖𝙣𝙙 𝙩𝙖𝙜 𝙮𝙤𝙪𝙧 𝙗𝙡𝙪𝙚-𝙩𝙚𝙖𝙢 𝙛𝙧𝙞𝙚𝙣𝙙𝙨 — 3 𝙡𝙪𝙘𝙠𝙮 𝙬𝙞𝙣𝙣𝙚𝙧𝙨 𝙬𝙞𝙡𝙡 𝙜𝙚𝙩 𝙁𝙍𝙀𝙀 𝙖𝙘𝙘𝙚𝙨𝙨 𝙩𝙤 𝙩𝙝𝙚 𝘾𝘽𝙏𝙚𝙖𝙢𝙚𝙧 𝙚𝙭𝙖𝙢! Step into the role of a 𝘉𝘭𝘶𝘦 𝘛𝘦𝘢𝘮𝘦𝘳 with our 𝗖𝗲𝗿𝘁𝗶𝗳𝗶𝗲𝗱 𝗕𝗹𝘂𝗲 𝗧𝗲𝗮𝗺𝗲𝗿 (𝗖𝗕𝗧𝗲𝗮𝗺𝗲𝗿) exam and defend against real-world cyber threats like a professional. 🎯 𝟵𝟬% 𝗗𝗶𝘀𝗰𝗼𝘂𝗻𝘁 𝗖𝗼𝗱𝗲: BLUE-90 ➡️ Intermediate-level exam ➡️ Investigate, correlate & interpret multi-stage intrusions ➡️ Work in Windows Active Directory environments ➡️ 💻 Become a stronger defender 🔐 🔗 Get started here: pentestingexams.com/certifications…

@TheSecOpsGroup the blue journey :)

☑️ 𝗞𝗶𝗰𝗸𝘀𝘁𝗮𝗿𝘁 𝘆𝗼𝘂𝗿 𝗰𝘆𝗯𝗲𝗿𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗷𝗼𝘂𝗿𝗻𝗲𝘆 𝘄𝗶𝘁𝗵 𝗼𝘂𝗿 𝗕𝗹𝘂𝗲 𝗧𝗲𝗮𝗺 𝗣𝗿𝗮𝗰𝘁𝗶𝘁𝗶𝗼𝗻𝗲𝗿 (𝗖𝗕𝗧𝗣) 𝗲𝘅𝗮𝗺! 🎉 𝗕𝗼𝗻𝘂𝘀 𝗚𝗶𝘃𝗲𝗮𝘄𝗮𝘆: 𝟯 𝗹𝘂𝗰𝗸𝘆 𝘄𝗶𝗻𝗻𝗲𝗿𝘀 𝘄𝗶𝗹𝗹 𝗴𝗲𝘁 𝘁𝗵𝗲𝗖𝗕𝗧𝗣 𝗲𝘅𝗮𝗺 𝗮𝗯𝘀𝗼𝗹𝘂𝘁𝗲𝗹𝘆 𝗙𝗥𝗘𝗘. 💡 To enter: 👍 𝗟𝗶𝗸𝗲, 🔁 𝗦𝗵𝗮𝗿𝗲 & 🗨️ 𝗖𝗼𝗺𝗺𝗲𝗻𝘁 An entry-level certification designed to test your knowledge of the core concepts of blue teaming and defensive security. It’s the perfect first step toward a SOC Analyst career path. 🔵 Standard Price: £𝟭𝟬𝟬 🔵 𝗣𝗮𝘆 𝗝𝘂𝘀𝘁: £𝟭𝟬 𝘄𝗶𝘁𝗵 𝟵𝟬% 𝗗𝗶𝘀𝗰𝗼𝘂𝗻𝘁 - 𝗨𝘀𝗲 𝟵𝟬% 𝗗𝗶𝘀𝗰𝗼𝘂𝗻𝘁 𝗖𝗼𝗱𝗲: BLUE-90 ➡️ Start building the skills that matter and begin your Blue Team journey today pentestingexams.com/certifications… #CyberSecurity #Pentesting #BlueTeam #SOCAnalyst #InformationSecurity #SecurityOperations #CyberCareer #CareerGrowth #EntryLevelJobs #CyberTraining #Certification #BlueTeamPractitioner #SOCCareer #DefensiveSecurity #TechCareers #PentestingExams

GOOGLE BUILT A VULNERABILITY SCANNER AND OPEN-SOURCED IT most devs ship code without knowing half their dependencies are ticking time bombs osv-scanner fixes that it scans your entire project lockfiles, containers, even vendored c/c++ code and maps every dependency against the osv.dev database supports 11+ ecosystems. npm, pip, cargo, maven, go modules, gem. all of it. the guided remediation feature is the real unlock... it doesn't just tell you what's broken.... it tells you exactly which version upgrades fix the most issues with the least risk call analysis built in. so you only get alerts for vulnerable functions your code actually calls. no noise works offline too. download the db once, scan without internet one command to scan your whole directory: osv-scanner scan source -r ./ github.com/google/osv-sca…

Another exciting giveaway for our community as part of the Month of Azure Red Teaming 2026. We’re giving you a chance to win FREE access to our Azure Red Team courses: • CARTP® (Beginner) • CARTE® (Advanced) If you’ve been looking to build real-world Azure Red Teaming skills through hands-on labs and practical attack paths, this is your opportunity. How to participate: • Like and follow us • Comment which course you’re interested in and why • Repost this post We will announce the random winners on April 25, 2026. Don’t miss this exclusive Month of Azure Red Teaming offer: Flat 20% OFF on our Azure Red Team courses Use code: MOART20 Valid till May 5, 2026 Explore now: alteredsecurity.com/azure-red-team… #Azure #RedTeaming #CloudSecurity #CyberSecurity #AzureSecurity #Giveaway #AlteredSecurity

@DfirDiva @13CubedDFIR Investigating Linux Devices

📣 I partnered with @13CubedDFIR for another giveaway! 🎁 🏆 Five winners will receive a 13Cubed course of their choice from the list below + a Forensicator T-Shirt. 13Cubed Courses: - Investigating Windows Endpoints - Investigating Windows Memory - Investigating Linux Devices - Investigating macOS Endpoints Each course comes with a Certificate of Completion as well as Certification attempts! On April 25th, entries across social media platforms will be combined, and the five winners will be selected. To Enter: ✅ Like ✅ Share ✅ Comment which course you want to win the most For more information ⬇️ Link to 13Cubed Training: training.13cubed.com 13Cubed Merch Store: shop.13cubed.com #DFIR #DigitalForensics #IncidentResponse

@TheSecOpsGroup 𝘼𝙂𝙀𝙉𝙏𝙄𝘾 𝘼𝙄

📈 𝗧𝗵𝗲 𝗡𝗲𝘅𝘁 𝗘𝘃𝗼𝗹𝘂𝘁𝗶𝗼𝗻 𝗼𝗳 𝗔𝗜 𝗣𝗲𝗻𝘁𝗲𝘀𝘁𝗶𝗻𝗴 𝗶𝘀 𝗛𝗲𝗿𝗲 👉 𝗖𝗲𝗿𝘁𝗶𝗳𝗶𝗲𝗱 𝗔𝗴𝗲𝗻𝘁𝗶𝗰 𝗔𝗜 𝗣𝗲𝗻𝘁𝗲𝘀𝘁𝗲𝗿! 𝗚𝗜𝗩𝗘𝗔𝗪𝗔𝗬 𝗔𝗟𝗘𝗥𝗧 🎁 𝙒𝙚’𝙧𝙚 𝙜𝙞𝙫𝙞𝙣𝙜 𝙖𝙬𝙖𝙮 𝟯 𝙁𝙍𝙀𝙀 𝘾-𝘼𝙜𝘼𝙄𝙋𝙚𝙣 𝙚𝙭𝙖𝙢 𝙫𝙤𝙪𝙘𝙝𝙚𝙧𝙨 🎉 𝙏𝙤 𝙥𝙖𝙧𝙩𝙞𝙘𝙞𝙥𝙖𝙩𝙚: 👍 𝙇𝙞𝙠𝙚 𝙩𝙝𝙞𝙨 𝙥𝙤𝙨𝙩 🗨️ 𝘾𝙤𝙢𝙢𝙚𝙣𝙩 “𝘼𝙂𝙀𝙉𝙏𝙄𝘾 𝘼𝙄” ♻️ 𝙎𝙝𝙖𝙧𝙚 𝙩𝙝𝙞𝙨 𝙥𝙤𝙨𝙩 🔽 𝗔𝗯𝗼𝘂𝘁 𝗲𝘅𝗮𝗺: The 𝗖𝗲𝗿𝘁𝗶𝗳𝗶𝗲𝗱 𝗔𝗴𝗲𝗻𝘁𝗶𝗰 𝗔𝗜 𝗣𝗲𝗻𝘁𝗲𝘀𝘁𝗲𝗿 (𝗖-𝗔𝗴𝗔𝗜𝗣𝗲𝗻) is a hands-on certification focused on testing candidate’s understanding of the fundamental concepts related to Agentic AI and GenAI application security. 💸 𝗨𝗻𝗹𝗼𝗰𝗸 𝘆𝗼𝘂𝗿 𝗮𝘁𝘁𝗲𝗺𝗽𝘁 𝘄𝗶𝘁𝗵 𝟴𝟬% 𝗱𝗶𝘀𝗰𝗼𝘂𝗻𝘁 𝗰𝗼𝗱𝗲: AGENTIC-80 🔁 𝗛𝗼𝘄 𝘁𝗵𝗲 𝗘𝘅𝗮𝗺 𝗖𝗵𝗮𝗹𝗹𝗲𝗻𝗴𝗲𝘀 𝗬𝗼𝘂 (𝗔𝘁𝘁𝗮𝗰𝗸 𝗙𝗹𝗼𝘄) 🔁 Identify AI Agent Behavior → Analyze Decision-Making → Interact with Tools → Discover Vulnerabilities → Exploit Weak Points → Perform Multi-Step Attacks → Goal Manipulation → Tool Abuse → Prompt Injection 👀🎥 𝙒𝙖𝙩𝙘𝙝 𝙩𝙝𝙚 𝙗𝙚𝙡𝙤𝙬 𝙫𝙞𝙙𝙚𝙤 𝙛𝙤𝙧 𝙢𝙤𝙧𝙚 𝙞𝙣𝙛𝙤𝙧𝙢𝙖𝙩𝙞𝙤𝙣 Grab the opportunity today: pentestingexams.com/certifications… #CyberSecurity #AgenticAI #AISecurity #Pentesting #RedTeam #Infosec #AppSec #EthicalHacking #CyberDefense #AI #SecurityTesting #CyberAwareness

.@joswr1ght just announced a 720-page modern incident response book. 18 months in the making. The first comprehensive update to foundational IR frameworks since 2001. Released to the community for free. “Someone asked me, ‘Do you like writing?’ I say, ‘No, I like having written.’ That’s a different thing altogether. But I wrote this book because I kept seeing the same problems over and over again.” This is what giving back looks like. ➡️ Details in the RSAC deep dive: go.sans.org/nTAdXo @OneRSAC | #RSAC #Cybersecurtiy #ThreatIntel #IncidentResponse

@theXSSrat <img src=x onerror=alert("hi")>

GIVEAWAY TIMEEEE - You do NOT want to miss this I am giving away 1x copy of my endless bundle! thexssrat.podia.com/full-house-bun… - Leave a comment saying "hi" - Like the post - Share the post This endless bundle contains ALL my courses, certs and lives but it is more than this - it is an ecosystem of ethical hackers just like you. This is my inner circle. I will pick 1 winner within 72 hours

@nikhil_mitt both camps are exceptional red teaming courses! 👍 @nikhil_mitt @AlteredSecurity

Giveaway - Our instructor-led advanced bootcamps for sharpening your Red Team skills start this weekend. Attacking and Defending Active Directory - Advanced Edition (CRTE) starts this Friday. Advanced Windows Tradecraft - Evasion Techniques for Red Teams (CETP) starts this Saturday. I am giving away one seat for each of the bootcamps. To participate, please Follow @nikhil_mitt and @AlteredSecurity, Like, Comment and Repost. We will announce the random winners on Wednesday. alteredsecurity.com/bootcamps?utm_… #RedTeam #Evasion

I often get asked how THOR fits into a world of AV and EDR. "Don’t EDRs already detect attackers?" "Yes. But not everywhere. And not everything." So I made two simple slides to show where the gaps usually are - and what kind of coverage THOR actually adds. It’s less about replacing tools, more about eliminating blind spots. Maybe this makes it clearer. @thor_scanner @nextronsystems

Attacking Active Directory with Linux is now live on Red Labs (Beta)! Learn real AD attack paths with: • Linux-driven tradecraft • Enterprise attack methodology • Concept-led course videos Free learning course for the Red Team community redlabs.enterprisesecurity.io #Linux #RedTeam #ActiveDirectory #RedLabs #AlteredSecurity

@DfirDiva @13CubedDFIR "Investigating Windows Memory" Roses are red, violets are blue, and DFIR is our passion :)

📣 I partnered with @13CubedDFIR for a Valentine's Day Giveaway! 🎁 🏆 1 Grand Prize winner will receive one course of their choice from the list below + a 13Cubed Investigator T-Shirt. Courses: - Investigating Windows Endpoints - Investigating Windows Memory - Investigating macOS Endpoints - Investigating Linux Devices Each course comes with a Certificate of Completion as well as Certification attempts. 👕 5 winners will receive 13Cubed Investigator T-Shirts. To Enter: ✅ Like ✅ Comment with the name of the course you want to win ✅ Repost On Valentine's Day (February 14th, 2026) entries from across three social media platforms will be combined and winners will be selected. For more info check out: 13Cubed Courses: training.13cubed.com Certification Information: training.13cubed.com/certifications T-Shirts: shop.13cubed.com #DFIR #DigitalForensics #IncidentResponse