1/ We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories.
Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately.
We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely monitoring our infrastructure for follow-on activity.
I just reverse engineered the YellowKey BitLocker bypass
Microsoft shipped code that checks for a flag called "FailRelock" in every Windows 11 recovery image. When it's set to 1, after recovery unlocks your BitLocker drive, it never relocks it. All you need is a USB stick.
This code only exists in the recovery environment. Not in normal Windows. They left an entire debug testing framework in production.
Big news for Blue Team nerds
That nerd who released those Microsoft 0days has created two new repos on GitHub with spooky sounding names indicating they will be releasing two new Windows 0days.
Very cool
https://t.co/VaWFtW5lFi
I built a fun little side project called Yako.
It started because I got sick of opening a new tab and immediately seeing ads, news, clickbait, and distractions.
I just wanted a calmer start page.
So I made one for Microsoft users and admins.
https://t.co/XTOnylX8Xa
👋 Entra Exporter v3.0 is now out folks!
Amazing effort from @AndrewZtrhgf for
🚀 Blazingly fast export
🌀 Azure IAM support and more
Many thanks to our other contributors including @SamErde, @LitoMore, JayDoubleu and JulianSteiman
Check it out at https://t.co/qzSbhwzpE4
According to CISA "90% of all cyber attacks begin with phishing".
What's stopping you from deploying Windows Hello for Business
and
protecting your users from 90% of these cyber attacks?