attacks » 1bluebass

GitHub Actions Supply Chain Attack

Posted on 2025-08-042025-07-14 by tmack

Source The recent GitHub Actions supply chain attack represents a multi-layered, targeted compromise that initially focused on Coinbase before escalating into a widespread incident affecting thousands of repositories. This sophisticated attack exploited critical CI/CD misconfigurations and leveraged leaked Personal Access Tokens (PATs) to gain unauthorized access, potentially leading to data breaches and code tampering. The Read More …

Hacker TV – Kerberoasting & Attacks 101

Posted on 2025-05-102025-04-10 by tmack

Want to understand how Kerberos works? Would you like to understand modern Kerberos attacks? Tim Medin walks you through how to attack Kerberos with ticket attacks and Kerberoasting. He covers the basics of Kerberos authentication and then shows you how the trust model can be exploited for persistence, pivoting, and privilege escalation. At the conclusion, Read More …

Conference Video – Defending Against Power Shell Attacks

Posted on 2025-04-132025-02-21 by tmack

Dutch Power Shell User Group – 3rd Power Shell Saturday 2017-04-08

Hacker Video – What Is An XXE Attack

Posted on 2024-11-072024-10-27 by tmack

XML files can incorporate inline references to other documents. Unsafe treatment of external references allows an attacker to probe your file system for sensitive information – an XML External Entity (XXE) attack.