Stacs – Static Token And Credential Scanner
Static Token And Credential ScannerWhat is it?STACS is a The performance is really, really bad when running in Docker on...
hacking
Experts found 11 malicious Python packages in the PyPI repository
Researchers discovered 11 malicious Python packages in the PyPI repository that can steal Discord access tokens, passwords, and conduct attacks....
Researchers were able to access the payment portal of the Conti gang
The Conti ransomware group has suffered a data breach that exposed its attack infrastructure and allowed researcher to access it....
Attackers compromise Microsoft Exchange servers to hijack internal email chains
A malware campaign aimed at Microsoft Exchange servers exploits ProxyShell and ProxyLogon issues and uses stolen internal reply-chain emails. A...
SillyRAT – A Cross Platform Multifunctional (Windows/Linux/Mac) RAT
A Replace your IP Address and Port on above commands.Running ServerThe server must be executed on Linux. You can buy...
Security Affairs newsletter Round 341
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
U.S. banking regulators order banks to notify cybersecurity incidents in 36 hours
U.S. banking regulators have approved a new rule that orders banks to notify federal regulators of significant cybersecurity incidents within 36...
Registry-Recon – Cobalt Strike Aggressor Script That Performs System/AV/EDR Recon
Cobalt Strike How does this work?Primarily, using Cobalt Strike's breg_query and breg_queryv functions. Then, all beacon output is hijacked with...
Study reveals top 200 most common passwords
The annual study on top-used passwords published by Nordpass revealed that we are still using weak credentials that expose us...
The newer cybercrime triad: TrickBot-Emotet-Conti
Advanced Intelligence researchers argue that the restarting of the Emotet botnet was driven by Conti ransomware gang. Early this year,...
pwnSpoof – Generates realistic spoofed log files for common web servers with customisable attack scenarios
pwnSpoof (from About The ProjectpwnSpoof was created on the back of a Road MappwnSpoof is built to produce to authentic...
Rebuilding IronNetInjector – Turla’s IronPython Toolkit
During a recent engagement, we were asked to employ Turla’s Tactics, Techniques, and Procedures (TTPs) using IronNetInjector. This is not...
Tor Project calls to bring more than 200 obfs4 bridges online by December
The Tor Project offers rewards to users who will set up a Tor server after observing a significant drop in...
Canadian teenager stole $36 Million in cryptocurrency via SIM Swapping
A Canadian teen has been arrested for his alleged role in the theft of roughly $36.5 million worth of cryptocurrency....
California Pizza Kitchen discloses a data breach
American pizza chain California Pizza Kitchen (CPK) suffered a data breach that might have exposed personal information of its employees....
Nosferatu – Lsass NTLM Authentication Backdoor
Lsass NTLM Login example using Impacket:LimitationsIn an Active Directory environment, authentication via RDP, runas, or the lock screen does not...
North Korea-linked TA406 cyberespionage group activity in 2021
North Korea-linked TA406 APT group has intensified its attacks in 2021, particularly credential harvesting campaigns. A report published by Proofpoint...
Msticpy – Microsoft Threat Intelligence Security Tools
Microsoft The msticpy package was initially developed to support This is an unsupervised learning module implemented using SciKit Learn DBScan.More...
Conti ransomware operations made at least $25.5 million since July 2021
Researchers revealed that Conti ransomware operators earned at least $25.5 million from ransom payments since July 2021. A study conducted...
Android banking Trojan BrazKing is back with significant evasion improvements
The BrazKing Android banking trojan is back with significant improvements and dynamic banking overlays to avoid detection. Researchers from IBM...
Microsoft addresses a high-severity vulnerability in Azure AD
Microsoft recently addressed an information disclosure vulnerability, tracked as CVE-2021-42306, affecting Azure AD. Microsoft has recently addressed an information disclosure...
Attackers deploy Linux backdoor on e-stores compromised with software skimmer
Researchers discovered threat actors installing a Linux backdoor on compromised e-commerce servers after deploying a credit card skimmer into e-stores....
Kubernetes-Goat – Is A “Vulnerable By Design” Kubernetes Cluster. Designed To Be An Intentionally Vulnerable Cluster Environment To Learn And Practice Kubernetes Security
The Kubernetes Goat is designed to be an intentionally Upcoming Training's and SessionsDEFCON DEMO Labshttps://forum.defcon.org/node/237237Cloud Village - DEFCONhttps://cloud-village.org/#talks?collapseMadhuAkulaRecent Kubernetes Goat...
Zero-Day flaw in FatPipe products actively exploited, FBI warns
The FBI is warning of a zero-day vulnerability in FatPipe products that has been under active exploitation since at least...
