WinRAR SFX archives can run PowerShell without being detected
Hackers are adding malicious functionality to WinRAR self-extracting archives that contain harmless decoy files, allowing them to plant backdoors without...
OSINT
US seizes $112 million from cryptocurrency investment scammers
Today, the U.S. Department of Justice seized six virtual currency accounts containing over $112 million in funds stolen in cryptocurrency...
CISA warns of Zimbra bug exploited in attacks against NATO countries
The Cybersecurity and Infrastructure Security Agency (CISA) warned federal agencies to patch a Zimbra Collaboration (ZCS) cross-site scripting flaw exploited...
RedditC2 – Abusing Reddit API To Host The C2 Traffic, Since Most Of The Blue-Team Members Use Reddit, It Might Be A Great Way To Make The Traffic Look Legit
Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a...
“It’s The Service Accounts, Stupid”: Why Do PAM Deployments Take (almost) Forever To Complete
Privileged Access Management (PAM) solutions are regarded as the common practice to prevent identity threats to administrative accounts. In theory,...
Italian Watchdog Bans OpenAI’s ChatGPT Over Data Protection Concerns
The Italian data protection watchdog, Garante per la Protezione dei Dati Personali (aka Garante), has imposed a temporary ban of...
Western Digital Hit by Network Security Breach – Critical Services Disrupted!
Data storage devices maker Western Digital on Monday disclosed a "network security incident" that involved unauthorized access to its systems....
Crypto-Stealing OpcJacker Malware Targets Users with Fake VPN Service
A piece of new information-stealing malware called OpcJacker has been spotted in the wild since the second half of 2022...
LockBit 3.0 Ransomware Victim: revvaviation[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: gdz[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
BugCrowd Bug Bounty Disclosure: – Linux client – Lack of certificate validation leading to RCE – By mmmdspl
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
RansomHouse Ransomware Victim: Aero Engine Solution INC
RansomHouse Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
New Money Message ransomware demands million dollar ransoms
A new ransomware gang named 'Money Message' has appeared, targeting victims worldwide and demanding million-dollar ransoms not to leak data...
Cl0p Ransomware Victim: LASOTEL[.]FR
Cl0p Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Brute Ratel C4 Detected – 54[.]248[.]200[.]60:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
QRExfiltrate – Tool That Allows You To Convert Any Binary File Into A QRcode Movie. The Data Can Then Be Reassembled Visually Allowing Exfiltration Of Data In Air Gapped Systems
This tool is a command line utility that allows you to convert any binary file into a QRcode GIF. The...
Noseyparker – A Command-Line Program That Finds Secrets And Sensitive Information In Textual Data And Git History
Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data. It is useful both for...
Apk.Sh – Makes Reverse Engineering Android Apps Easier, Automating Some Repetitive Tasks Like Pulling, Decoding, Rebuilding And Patching An APK
apk.sh is a Bash script that makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding...
ThunderCloud – Cloud Exploit Framework
Cloud Exploit Framework Usage python3 tc.py -h _______ _ _ _____ _ _ |__ __| | | | / ____|...
Fingerprintx – Standalone Utility For Service Discovery On Open Ports!
fingerprintx is a utility similar to httpx that also supports fingerprinting services like as RDP, SSH, MySQL, PostgreSQL, Kafka, etc....
Waf-Bypass – Check Your WAF Before An Attacker Does
WAF bypass Tool is an open source tool to analyze the security of any WAF for False Positives and False...
MSI Dump – A Tool That Analyzes Malicious MSI Installation Packages, Extracts Files, Streams, Binary Data And Incorporates YARA Scanner
MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner....
Decider – A Web Application That Assists Network Defenders, Analysts, And Researcher In The Process Of Mapping Adversary Behaviors To The MITRE ATT&CK Framework
What is it? The Short A web application that assists network defenders, analysts, and researchers in the process of mapping...
CMLoot – Find Interesting Files Stored On (System Center) Configuration Manager (SCCM/CM) SMB Shares
CMLoot was created to easily find interesting files stored on System Center Configuration Manager (SCCM/CM) SMB shares. The shares are...
