Bootlicker – A Generic UEFI Bootkit Used To Achieve Initial Usermode Execution
bootlicker is a legacy, extensible UEFI firmware rootkit targeting vmware hypervisor virtual machines. It is designed to achieve initial code...
threatintel
GodPotato – Local Privilege Escalation Tool From A Windows Service Accounts To NT AUTHORITY\SYSTEM
Based on the history of Potato privilege escalation for 6 years, from the beginning of RottenPotato to the end of...
Graphcat – Generate Graphs And Charts Based On Password Cracking Result
Simple script to generate graphs and charts on hashcat (and john) potfile and ntds Install git clone https://github.com/Orange-Cyberdefense/graphcatcd graphcatpip install...
Platbox – UEFI And SMM Assessment Tool
UEFI and SMM Assessment Tool Features Platbox is a tool that helps assessing the security of the platform: Dumps the...
Azure-AccessPermissions – Easy to use PowerShell script to enumerate access permissions in an Azure Active Directory environment
Easy to use PowerShell script to enumerate access permissions in an Azure Active Directory environment. Background details can be found...
Evasive QBot Malware Leverages Short-lived Residential IPs for Dynamic Attacks
An analysis of the "evasive and tenacious" malware known as QBot has revealed that 25% of its command-and-control (C2) servers...
North Korea’s Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks
U.S. and South Korean intelligence agencies have issued a new alert warning of North Korean cyber actors' use of social...
New Botnet Malware ‘Horabot’ Targets Spanish-Speaking Users in Latin America
Spanish-speaking users in Latin America have been at the receiving end of a new botnet malware dubbed Horabot since at...
Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering
The Chinese nation-stage group known as Camaro Dragon has been linked to yet another backdoor that's designed to meet its...
Evasive QBot Malware Leverages Short-lived Residential IPs for Dynamic Attacks
An analysis of the "evasive and tenacious" malware known as QBot has revealed that 25% of its command-and-control (C2) servers...
The Importance of Managing Your Data Security Posture
Data security is reinventing itself. As new data security posture management solutions come to market, organizations are increasingly recognizing the...
Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering
The Chinese nation-stage group known as Camaro Dragon has been linked to yet another backdoor that's designed to meet its...
North Korea’s Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks
U.S. and South Korean intelligence agencies have issued a new alert warning of North Korean cyber actors' use of social...
LockBit 3.0 Ransomware Victim: fsd[.]se
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: ykk[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 139[.]155[.]138[.]189:7443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 185[.]106[.]176[.]108:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]108[.]239[.]81:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]66[.]230[.]215:10443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 114[.]115[.]201[.]249:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 139[.]155[.]145[.]128:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 77[.]242[.]250[.]36:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
MOVEit Transfer Under Attack: Zero-Day Vulnerability Actively Being Exploited
A critical flaw in Progress Software's in MOVEit Transfer managed file transfer application has come under widespread exploitation in the...
North Korea’s Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks
U.S. and South Korean intelligence agencies have issued a new alert warning of North Korean cyber actors' use of social...
