7-Eleven data breach exposes personal information of 185,000 people
The ShinyHunters extortion gang stole personal data of over 183,000 people in an April breach of convenience store giant 7-Eleven, per Have I Been Pwned.
Search, filter, and sort the full guide library.
The ShinyHunters extortion gang stole personal data of over 183,000 people in an April breach of convenience store giant 7-Eleven, per Have I Been Pwned.
Active Directory is the identity layer of the enterprise, and its permission model is complex enough to create accidental privilege escalation paths. ACL abuse exploits granular AD permissions like GenericAll, WriteOwner, and ForceChangePassword. Delegation attacks abuse Kerberos constrained/unconstrained delegation. Trust attacks cross domain and forest boundaries. Tools like BloodHound map these paths — attackers use them daily.
Active Directory is the identity backbone of most enterprise networks. It stores users, computers, groups, and policies. Attackers target AD to escalate privileges and persist. Analysts who understand AD structure can detect and trace lateral movement through the domain.
An Active Directory compromise is the highest-impact incident a SOC can face. This playbook covers detection and response for the four most common AD attack patterns: golden ticket (forged Kerberos TGT), DCSync (replicated AD database), Kerberoasting (cracked service account password), and ACL abuse (privilege escalation via AD permissions). Includes the krbtgt password reset procedure — the emergency recovery step when domain trust is lost.
A confluence of active exploits — Linux kernel CVE-2026-46333, Microsoft Defender zero-days, and TeamPCP supply chain worm — created a high-pressure patching week for SOC teams.
A cryptojacking campaign poisons AI chatbot recommendations to direct users to malware sites deploying GPU miners and persistent ScreenConnect backdoors — 150+ malicious domains tracked.
SANS analysts reconstructed an Akira ransomware kill chain from firewall SSLVPN logs and Windows EVTX — no EDR needed — proving that joined log analysis catches what single-source monitoring misses.
Xavier Mertens demonstrates how stack string obfuscation techniques apply to high-level languages, bridging a gap between malware analysis theory and practical detection.
Anthropic may make its restricted Claude Mythos AI model available through Claude Code, giving developers advanced reasoning capabilities.