ITSEC Newsletter 2025-12-11

Author

Henrik Falk
December 11, 2025

Linux CVEs, more than you ever wanted to know

It’s been almost 2 full years since Linux became a CNA (Certificate Numbering Authority) which meant that we (i.e. the kernel.org community) are now responsible for issuing all CVEs for the Linux kernel. During this time, we’ve become one of the largest creators of CVEs by quantity, going from nothing to number 3 in 2024 to number 1 in 2025. Naturally, this has caused some questions about how we are both doing all of this work, and how people can keep track of it.

www.kroah.com/log/blog/2025/12/08/linux-cves-more-than-you-ever-wanted-to-know

Holy Shuck! Weaponizing NTLM Hashes as a Wordlist

Instead of trying to recover plaintext passwords from slower algorithms like Kerberos tickets or cached credentials, we can use NTLM (NT) hashes as a wordlist in Hashcat’s NT Modes. This lets us quickly validate password reuse across NTLMv1 and NTLMv2 challenge-responses, Kerberos 5 etype 23 tickets, and DCC/DCC2 hashes. If a match is found, we can spend time more effectively by recovering the plaintext from the NT hash, or by using pass-the-hash (PtH). In this post, I describe hash shucking and its relevance to AD, outline the key Hashcat modes involved, demonstrate the technique with two examples, and close with practical mitigations to limit opportunities for hash shucking.

trustedsec.com/blog/holy-shuck-weaponizing-ntlm-hashes-as-a-wordlist

Git SCOMmit - Putting the Ops in OpsMgr

In this blog, I’ll give you a quick crash course on SCOM - what it is, how its infrastructure and accounts work, and how to build a Ludus environment where you can practice techniques and pursue your own research.

specterops.io/blog/2025/12/09/git-scommit-putting-the-ops-in-opsmgr