top of page
ALL POSTS
BitLocker Bypass via GreatXML: Public PoC Exploit Disclosed
Key Findings GreatXML BitLocker bypass exploit publicly disclosed, allowing local attackers full access to encrypted drives Exploit manipulates Windows Defender Offline Scan feature to grant unrestricted administrative shell Attack requires physical access and specific conditions: prior Defender offline scan or ability to boot into WinRE Researcher Nightmare Eclipse claims accidental discovery taking only 4 hours Ongoing dispute between researcher and Microsoft over vulnerabi
Jun 113 min read
Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication
Key Findings: Cybersecurity researchers have disclosed details of a new phishing suite called Starkiller that proxies legitimate login pages to bypass multi-factor authentication (MFA) protections. Starkiller is advertised as a cybercrime platform by a threat group calling itself Jinkusu, granting customers access to a dashboard to impersonate brands or enter a brand's real URL. The platform lets users choose custom keywords and integrates URL shorteners to obscure the destin
Mar 33 min read
bottom of page
