Shelltropy: hiding malicious shellcode via Shannon encodingShelltropy A technique of hiding malicious shellcode based on low-entropy via Shannon encoding. Entropy is the measure of the randomness......
Author: admin
awsEnum: Enumerate AWS services
awsEnum: Enumerate AWS servicesawsEnum awsEnum is a python script that enumerates AWS services through the provided credential. It is coded and published to... The post awsEnum:...
Darkweb Oxy Buyer Sentenced for Owning Firearms
Darkweb Oxy Buyer Sentenced for Owning FirearmsA man who admitted purchasing counterfeit oxycodone pills on the darkweb was sentenced to 18 months of probation for possessing......
Gallia – Extendable Pentesting Framework
Gallia – Extendable Pentesting FrameworkGallia is an extendable pentesting framework with the focus on the automotive domain. The scope of gallia is conducting penetration... The post...
pyCobaltHound: Aggressor script extension for Cobalt Strike
pyCobaltHound: Aggressor script extension for Cobalt StrikepyCobaltHound pyCobaltHound is an Aggressor script extension for Cobalt Strike which aims to provide deep integration between Cobalt Strike and Bloodhound. pyCobaltHound strives to......
6 Actionable Fraud Prevention Tips For Your Financial Institution
6 Actionable Fraud Prevention Tips For Your Financial InstitutionConsumers aren’t the only ones who might fall victim to fraud committed online. Because of recent data breaches...
SharpWSUS – CSharp tool for lateral movement through WSUS
SharpWSUS – CSharp tool for lateral movement through WSUSSharpWSUS is a CSharp tool for lateral movement through WSUS. There is a corresponding blog (https://labs.nettitude.com/blog/introducing-sharpwsus/) which has...
WV Man Sentenced to Prison for Buying Meth on the Darkweb
WV Man Sentenced to Prison for Buying Meth on the DarkwebA federal judge sentenced a West Virginian to ten years in prison for ordering hundreds of...
awsEnum – Enumerate AWS Cloud Resources Based On Provided Credential
awsEnum – Enumerate AWS Cloud Resources Based On Provided CredentialEnumrate AWS services! with no nosies awsEnum is a python script enumrate AWS services through the provided...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad BLEEPINGCOMPUTER Haxf4rall Security
WebView2 Cookie Stealer: Attacking With WebView2 Applications
WebView2 Cookie Stealer: Attacking With WebView2 ApplicationsWebView2 Cookie Stealer The main advantage of using WebView2 for attackers is the rich functionality it provides when phishing for......
Dlinject – Inject A Shared Library (I.E. Arbitrary Code) Into A Live Linux Process, Without Ptrace
Dlinject – Inject A Shared Library (I.E. Arbitrary Code) Into A Live Linux Process, Without PtraceInject a shared library (i.e. arbitrary code) into a live linux...
DeepTraffic – Deep Learning Models For Network Traffic Classification
DeepTraffic – Deep Learning Models For Network Traffic ClassificationFor more information please read our papers. Wei Wang’s Google Scholar Homepage Wei Wang, Xuewen Zeng, Xiaozhou...
Expert released CVE-2022-26763 PoC for macOS execute arbitrary code flaw
Expert released CVE-2022-26763 PoC for macOS execute arbitrary code flawSecurity researchers released CVE-2022-26763 PoC exploit code for a critical execute arbitrary code vulnerability affecting multiple Apple products....
Microsoft-365-Extractor-Suite – A Set Of PowerShell Scripts That Allow For Complete And Reliable Acquisition Of The Microsoft 365 Unified Audit Log
Microsoft-365-Extractor-Suite – A Set Of PowerShell Scripts That Allow For Complete And Reliable Acquisition Of The Microsoft 365 Unified Audit LogThis suite of scripts contains two...
DLLirant v0.4 releases: automatize the DLL Hijacking research on a specified binary
DLLirant v0.4 releases: automatize the DLL Hijacking research on a specified binaryDLLirant DLLirant is a tool to automatize the DLL Hijacking research on a specified binary....
Aiodnsbrute – DNS Asynchronous Brute Force Utility
Aiodnsbrute – DNS Asynchronous Brute Force Utility[*] A Python 3.5+ tool that uses asyncio to brute force domain names asynchronously. Speed It’s fast. Benchmarks on small......
goaccess v1.6.1 releases: real-time web log analyzer and interactive viewer
goaccess v1.6.1 releases: real-time web log analyzer and interactive viewerGoAccess GoAccess is an open-source real-time web log analyzer and interactive viewer that runs in a terminal on *nix systems...
CRACKMAPEXEC v5.3 – A swiss army knife for pentesting networks
CRACKMAPEXEC v5.3 – A swiss army knife for pentesting networksCRACKMAPEXEC CrackMapExec (a.k.a CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory...
Bypass Url Parser: tests many url bypasses to reach a 40X protected page
Bypass Url Parser: tests many url bypasses to reach a 40X protected pageBypass Url Parser A tool that tests MANY urls bypasses to reach a 40X protected...
Google sends alert about “Hermit” spyware on Android and iOS devices
Google sends alert about “Hermit” spyware on Android and iOS devicesEXECUTIVE SUMMARY: Google has issued an alert concerning government-grade spyware on phones. The company warns that...
CISOs Gain False Confidence in the Calm After the Storm of the Pandemic
CISOs Gain False Confidence in the Calm After the Storm of the PandemicContenido de la entradaLeer másProofpoint News Feed
thehackernews – FBI, CISA Warn of Russian Hackers Exploiting MFA and PrintNightmare Bug
The Hacker News The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint advisory warning that Russia-backed...
threatpost – ‘CryptoRom’ Crypto-Scam is Back via Side-Loaded Apps
threatpost Scammers are bypassing Apple’s App Store security, stealing thousands of dollars’ worth of cryptocurrency from the unwitting, using the TestFlight and WebClips programs. For about...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad Cyber Attacks Cyber Security Global
cisomag – Global Affairs Canada Hit by Cyberattack
While the officials did not mention the attackers behind the security incident on Global Affairs Canada, a probe had been initiated to investigate the cyberattack. CISOMAG...
0 - CT 0 - CT - Cybersecurity Architecture - IOT Security 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad Cyber Attacks Cyber Security Global
cisomag – 3 Common IoT Attacks that Compromise Security
Unpatched vulnerabilities and design flaws in IoT devices have become a gateway for threat actors to penetrate user and corporate networks. CISOMAG The explosion of IoT...
theregister – Ukraine uses Clearview AI facial-recognition technology
Controversial search engine being used to identify dead and Russian operatives The Register The Ukrainian government is using facial recognition technology from startup Clearview AI to...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad Cyber Attacks Cyber Security Global
theregister – Viasat, Rosneft hit by cyberattacks as Ukraine war spills online
One shows signs of a state-sponsored intrusion, the other potentially not The Register Signs of Russian cyberattacks on Western-owned digital systems have begun to emerge –...
thehackernews – Gaming Company Ubisoft Confirms It was Hacked, Resets Staff Passwords
The Hacker News French video game company Ubisoft on Friday confirmed it was a victim of a “cyber security incident,” causing temporary disruptions to its games,...
INFOSECURITY – Omicron Scam Targets Universities
Dozens of universities are being hit with a coordinated cyber-attack that uses news of the Omicron variant as a lure to steal login credentials. Evidence of...
INFOSECURITY – PFIZER ALLEGES INSIDER STOLE #COVID19 VACCINE DOCS BY PHIL MUNCASTER – DATA STOLEN , INSIDER THREAT.
Pharmaceuticals giant Pfizer alleges that an employee stole COVID-19 vaccine secrets in advance of a job move to a rival company. The New York-headquartered firm filed...