America's Army Security Vulnerabilities

threatpost

Lexmark Printers Open to Arbitrary Code-Execution Zero Day

Lexmark printers – those ubiquitous, inky office workhorses that fill homes and offices, and are found all the way on up to the federal government – have an unpatched vulnerability that could lead to serious, easy-to-execute attacks that require neither privileges nor user interaction and which...

1 AI Score

2021-06-22 04:17 PM
54
thn

Cyber espionage by Chinese hackers in neighbouring nations is on the rise

A string of cyber espionage campaigns dating all the way back to 2014 and likely focused on gathering defense information from neighbouring countries have been linked to a Chinese military-intelligence apparatus. In a wide-ranging report published by Massachusetts-headquartered Recorded Future...

1 AI Score

2021-06-19 06:13 AM
77
schneier

Vulnerabilities in Weapons Systems

"If you think any of these systems are going to work as expected in wartime, you're fooling yourself." That was Bruce's response at a conference hosted by US Transportation Command in 2017, after learning that their computerized logistical systems were mostly unclassified and on the Internet. That....

0.4 AI Score

2021-06-08 10:32 AM
28
mssecure

Becoming resilient by understanding cybersecurity risks: Part 4—navigating current threats

In part three of this blog series on aligning security with business objectives and risk, we explored what it takes for security leaders to shift from looking at their mission as purely defending against technical attacks, to one that focuses on protecting valuable business assets, data, and...

-0.1 AI Score

2021-05-26 04:00 PM
42
mmpc

Becoming resilient by understanding cybersecurity risks: Part 4—navigating current threats

In part three of this blog series on aligning security with business objectives and risk, we explored what it takes for security leaders to shift from looking at their mission as purely defending against technical attacks, to one that focuses on protecting valuable business assets, data, and...

-0.1 AI Score

2021-05-26 04:00 PM
35
threatpost

Why Retailers Fail to Stop Shopping Bots

In the 1970s the United States encountered an “oil embargo” that dramatically curtailed people from being able to purchase gasoline for their vehicles. “No Gas Today” signs were everywhere. Gas rationing was imposed by only allowing car owners to buy gas based on whether the final numbers on their....

-0.2 AI Score

2021-05-04 02:12 PM
35
threatpost

Anti-Vaxxer Hijacks QR Codes at COVID-19 Check-In Sites

Quick-response (QR) codes used by a COVID-19 contact-tracing program were hijacked by a man who simply slapped up scam QR codes on top to redirect users to an anti-vaccination website, according to local police. He now faces two counts of “obstructing operations carried out relative to COVID-19...

-0.6 AI Score

2021-04-29 01:58 PM
207
hackread

Prometei botnet uses NSA exploit, hits unpatched MS exchange servers

By Waqas Unpatched MS Exchange Servers are being hunted by Prometei botnet to expand its army of Monero cryptocurrency mining bots. This is a post from HackRead.com Read the original post: Prometei botnet uses NSA exploit, hits unpatched MS exchange...

1.9 AI Score

2021-04-23 06:08 PM
59
schneier

On North Korea’s Cyberattack Capabilities

Excellent New Yorker article on North Korea's offensive cyber...

2.9 AI Score

2021-04-22 11:12 AM
38
threatpost

QR Codes Offer Easy Cyberattack Avenues as Usage Spikes

The use of mobile quick-response (QR) codes in daily life, for both work and personal use, continues to rise – and yet, most people aren’t aware that these handy mobile shortcuts can open them up to savvy cyberattacks. That’s according to Ivanti, which carried out a survey of 4,157 consumers...

-0.2 AI Score

2021-04-21 07:39 PM
39
threatpost

Swiss Army knife For Information Security: What is Comprehensive Protection?

Written by Sergey Ozhegov, CEO of SearchInform In the early days of information security, we used to rely on antivirus and firewall in our arsenal. Once I even “caught” a leak with the help of the firewall logs: I noticed an atypically large data upload and found out that the user was uploading...

AI Score

2021-04-21 01:00 PM
50
kitploit

Rubeus - C# Toolset For Raw Kerberos Interaction And Abuses

Rubeus is a C# toolset for raw Kerberos interaction and abuses. It is heavily adapted from Benjamin Delpy's Kekeo project (CC BY-NC-SA 4.0 license) and Vincent LE TOUX's MakeMeEnterpriseAdmin project (GPL v3.0 license). Full credit goes to Benjamin and Vincent for working out the hard components...

7.7 AI Score

2021-03-31 08:30 PM
728
krebs

RedTorch Formed from Ashes of Norse Corp.

Remember Norse Corp., the company behind the interactive "pew-pew" cyber attack map shown in the image below? Norse imploded rather suddenly in 2016 following a series of managerial missteps and funding debacles. Now, the founders of Norse have launched a new company with a somewhat different...

7 AI Score

2021-03-22 08:36 PM
30
malwarebytes

Royal Mail scam says your parcel is waiting for delivery

Expecting a delivery? Watch out for phishing attempts warning of held packages and bogus shipping fees. This Royal Mail delivery scam begins with a text message out of the blue, claiming: Your Royal Mail parcel is waiting for delivery. Please confirm the settlement amount of 2.99 GBP via:...

-0.4 AI Score

2021-03-15 08:02 PM
47
threatpost

U.S. Weapons Programs Lack 'Key' Cybersecurity Measures

Weapons programs from the U.S. Department of Defense (DoD) are falling short when it comes to incorporating cybersecurity requirements, according to a new watchdog report. While the DoD has developed a range of policies aimed at hardening the security for its weapon systems, the guidance leaves...

-0.1 AI Score

2021-03-05 08:45 PM
187
malwarebytes

China’s RedEcho accused of targeting India’s power grids

RedEcho, an advanced persistent threat (APT) group from China, has attempted to infiltrate the systems behind India's power grids, according to a threat analysis report from Recorded Future [PDF]. It appears that what triggered this attempt to gain a foothold in India's critical power generation...

1.3 AI Score

2021-03-05 06:28 PM
38
malwarebytes

Romance scams: FTC reveals $304 million of heartache

In 2020, reported losses to the FTC for romance scams went up by 50% from 2019, totalling $304 million. And things weren't exactly good before: Romance scams have cost people a fortune for 3 years running, according to the FTC. Their latest report suggests a steady rise in these kind of scams...

-0.2 AI Score

2021-02-18 06:26 PM
33
malwarebytes

Extortion, precision malware, and ruthless scams. Read the State of Malware 2021 report

Last year, threat actors took advantage of the COVID-19 public health crisis in a way previously considered unimaginable, not only preying on uncertainty and fear during the initial months of the global pandemic, but retooling attack methods, reneging on promises, strengthening malware, and...

0.3 AI Score

2021-02-16 02:00 PM
176
thn

Hackers Exploit IT Monitoring Tool Centreon to Target Several French Entities

Russia-linked state-sponsored threat actor known as Sandworm has been linked to a three-year-long stealthy operation to hack targets by exploiting an IT monitoring tool called Centreon. The intrusion campaign — which breached "several French entities" — is said to have started in late 2017 and...

AI Score

2021-02-16 06:00 AM
145
huntr

Code Injection in heartexlabs/label-studio

Description Label Studio is a swiss army knife of data labeling and annotation tools which is vulnerable to Arbitrary Code Execution. Vulnerability Vulnerable to YAML deserialization attack caused by unsafe loading. Proof of Concept Installation bash pip3 install label-studio Run exploit.py ```...

2 AI Score

2021-02-13 12:00 AM
11
thn

Top 5 Bug Bounty Platforms to Watch in 2021

While Gartner does not have a dedicated Magic Quadrant for Bug Bounties or Crowd Security Testing yet, Gartner Peer Insights already lists 24 vendors in the "Application Crowdtesting Services" category. We have compiled the top 5 most promising bug bounty platforms for those of you who are looking....

6.6 AI Score

2021-02-08 10:10 AM
48
threatpost

Utah Ponders Making Online ‘Catfishing’ a Crime

Legislature introduced in Utah means it could soon be illegal there to pretend to be someone else when engaging in certain types of deceptive activities on the internet, a practice known as “catfishing.” The Online Impersonation Prohibition up for debate this week in the Utah House of...

0.8 AI Score

2021-01-28 06:01 PM
100
wired

Facebook Ad Services Let Anyone Target US Military Personnel

Researchers warn that an advertising platform with categories like “Army” and “United States Air Force Security Forces” could be...

2.7 AI Score

2021-01-28 03:54 PM
40
schneier

Police Have Disrupted the Emotet Botnet

A coordinated effort has captured the command-and-control servers of the Emotet botnet: Emotet establishes a backdoor onto Windows computer systems via automated phishing emails that distribute Word documents compromised with malware. Subjects of emails and documents in Emotet campaigns are...

0.8 AI Score

2021-01-28 12:02 PM
49
thn

European Authorities Disrupt Emotet — World's Most Dangerous Malware

Law enforcement agencies from as many as eight countries dismantled the infrastructure of Emotet, a notorious email-based Windows malware behind several botnet-driven spam campaigns and ransomware attacks over the past decade. The coordinated takedown of the botnet on Tuesday — dubbed "Operation...

0.7 AI Score

2021-01-28 09:23 AM
62
kitploit

MobileHackersWeapons - Mobile Hacker's Weapons / A Collection Of Cool Tools Used By Mobile Hackers

A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting Weapons OS | Type | Name | Description ---|---|---|--- All | Analysis | RMS-Runtime-Mobile-Security | Runtime Mobile Security (RMS) - is a powerful web interface that helps you to manipulate Android and iOS...

7.8 AI Score

2021-01-20 11:30 AM
809
hackread

Hack the US Army for good with ‘Hack The Army’ bug bounty program

By Sudais Asif For now, only those with invitation can join the new bug bounty program. Here's what we know so far and what to expect. This is a post from HackRead.com Read the original post: Hack the US Army for good with 'Hack The Army' bug bounty...

7 AI Score

2021-01-08 03:38 AM
33
thn

British Court Rejects U.S. Request to Extradite WikiLeaks' Julian Assange

A British court has rejected the U.S. government's request to extradite Wikileaks founder Julian Assange to the country on charges pertaining to illegally obtaining and sharing classified material related to national security. In a hearing at Westminster Magistrates' Court today, Judge Vanessa...

-0.3 AI Score

2021-01-04 12:37 PM
32
hackerone

h1-ctf: Hackyholidays [ h1-ctf] writeup [mission:- stop the grinch ]

Hello Team Description In the continuous series of 12 days, twelve flags were hidden inside Hackyholidays site - hackyholidays.h1ctf.com in which once we get all the flags, grinch can be stopped. This write-up will describe solving all the 12 days challenges. Step To Reproduce It all started when.....

-0.3 AI Score

2020-12-31 07:05 PM
84
malwarebytes

The strangest cybersecurity events of 2020: a look back

This year is finally coming to an end, and it only took us about eight consecutive months of March to get here. There is a ton to talk about, and that’s without even discussing the literal global pandemic. You see, 2020's news stories were the pressure-cooker product of mania, chaos, and the...

-0.5 AI Score

2020-12-31 04:00 PM
164
hackerone

h1-ctf: How The Hackers Saved Christmas

{F1139789} Challenge I 🤖 "What are you doing?" I asked myself. I was about to trespass a clear warning to keep out. {F1139744} "Have you lost your mind?" But I couldn't help it. I was born for this. And I wasn't going to back down. There are 12 more days until Christmas Eve, and I wasn't going to....

-0.3 AI Score

2020-12-31 03:39 PM
142
threatpost

What's Next for Ransomware in 2021?

Ransomware works. That’s the simplest way to explain why incidents of ransomware attacks have sharply increased over the last year — with no end in sight. The number of ransomware attacks has jumped by 350 percent since 2018, the average ransom payment increased by more than 100 percent this year,....

-0.4 AI Score

2020-12-31 02:00 PM
179
hackerone

h1-ctf: h1-ctf : 12 days of hack holiday writeup

Summary This was a real fun CTF and I really enjoyed solving the challenges. Great job on creating the challenges. This is my writeup for the "12 Days of Hacky Holidays CTF". I hope you enjoy reading it, and I hope others reading it will pick up a trick or two. Flags: This is all the flags found...

-0.5 AI Score

2020-12-31 08:20 AM
339
hackerone

h1-ctf: hackyholidays CTF Writeup

Summary: As per the referenced blog entry, the Grinch has gone hi-tech this year with the intentions of ruining the holidays. The challenge was about infiltrating the Grinch's network and take it down. As outlined on https://hackerone.com/h1-ctf, the domain hackyholidays.h1ctf.com was in scope....

-0.3 AI Score

2020-12-31 03:56 AM
276
threatpost

Most-Wanted Threatpost Stories of 2020

As 2020 draws to a close, it’s clear that work-from-home security, ransomware, COVID-19-themed social engineering and attacks by nation-states will go down as defining topics for the cybersecurity world for the year. Threatpost also took a retrospective view on what readers were most interested...

-0.4 AI Score

0.001 EPSS

2020-12-30 01:00 PM
26
hackerone

h1-ctf: 12 Days of CTF Walkthroughs

h1-ctf: 12 Days of Hacky Holidays This is my writeup for 12 Days of Hacky Holidays. The report is written such that beginners to CTFs will be able to learn the tricks of the trade. The Mission: The Grinch has gone hi-tech this year with the intention of ruining the holidays 😱We need you to...

-0.4 AI Score

2020-12-29 08:42 PM
509
hackerone

h1-ctf: Hacky Holidays Writeup

On December 12th, 2020, the CTF became live and the scope that we are allowed to attack was In Scope Domain - hackyholidays.h1ctf.com Our main motive was to infiltrate his network and take him down. The challenges appeared one by one till 24th of December. Here we will be going through all the...

-0.1 AI Score

2020-12-28 10:56 PM
183
hackerone

h1-ctf: Successfully took down the Grinch and saved the holidays from being ruined

Beginning HackerOne's official twitter account posted a tweet on 11th December announcing 12 days of hacky holidays where we have to take down the grinch and prevent him from ruining the Christmas holidays. {F1132156} Challenge 1: Something to get started I visited https://hackerone.com/h1-ctf to.....

-0.6 AI Score

2020-12-28 05:01 PM
26
hackerone

h1-ctf: [h1-ctf] 12 Days of Adventure to stop Grinch from ruining Christmas

Day 1: https://hackyholidays.h1ctf.com/robots.txt User-agent: * Disallow: /s3cr3t-ar3a Flag: flag{48104912-28b0-494a-9995-a203d1e261e7} Here we go with the 1st flag flag{48104912-28b0-494a-9995-a203d1e261e7} Day 2: From the robots.txt file we were able to find this endpoint,...

-0.2 AI Score

2020-12-27 05:42 PM
37
kitploit

Proxify - Swiss Army Knife Proxy Tool For HTTP/HTTPS Traffic Capture, Manipulation, And Replay On The Go

Swiss Army Knife Proxy for rapid deployments. Supports multiple operations such as request/response dump, filtering and manipulation via DSL language, upstream HTTP/Socks5 proxy. Additionally a replay utility allows to import the dumped traffic (request/responses with correct domain name) into...

7.2 AI Score

2020-12-27 11:30 AM
80
hackerone

h1-ctf: [hacky-holidays] Grinch network is down

Flag 1 As always CTF begins with a tweet: {F1126838} So we are supposed to start from https://hackyholidays.h1ctf.com/ . The first flag was easy on https://hackyholidays.h1ctf.com/ I found a file named robots.txt which had the following content: User-agent: * Disallow: /s3cr3t-ar3a Flag:...

-0.5 AI Score

2020-12-25 09:57 AM
84
hackerone

h1-ctf: Wholesome Hacky Holidays: A Writeup

Flag 1 Warm-up: flag{48104912-28b0-494a-9995-a203d1e261e7} Checking the robots.txt the flag can be found. Also a path is revealed: /s3cr3t-ar3a Flag 2 It's right in front of you: flag{b7ebcb75-9100-4f91-8454-cfb9574459f7} With the previously found path /s3cr3t-ar3a, the flag was hidden in plain...

-0.1 AI Score

2020-12-25 05:06 AM
305
kitploit

Swego - Swiss Army Knife Webserver In Golang

Swiss army knife Webserver in Golang. Keep simple like the python SimpleHTTPServer but with many features. Usage Help $ ./webserver -help web subcommand -bind string Bind Port (default "8080") -certificate string HTTPS certificate :...

7.2 AI Score

2020-12-24 11:30 AM
37
impervablog

Opportunities and Threats – IoT and the Rise of 5G

The Internet of Things (IoT) is expanding rapidly. The number of connected devices in homes, businesses, and vehicles across the world is expected to increase from around 8 billion today to over 24 billion within the next decade, with much of this growth enabled by the introduction of 5G. This...

0.1 AI Score

2020-12-22 02:41 PM
24
kitploit

SharpMapExec - A Sharpen Version Of CrackMapExec

A sharpen version of CrackMapExec. This tool is made to simplify penetration testing of networks and to create a swiss army knife that is made for running on Windows which is often a requirement during insider threat simulation engagements. Besides scanning for access it can be used to identify...

7.8 AI Score

2020-12-21 08:30 PM
239
threatpost

Cryptologists Crack Zodiac Killer's 340 Cipher

A remote team of three hobbyist cryptologists have solved one of the Zodiac Killer’s cipher after a half century. And while the name of the elusive serial killer remains hidden, the breakthrough represents a triumph for cryptology and the basic building blocks of cybersecurity — access control and....

-0.3 AI Score

2020-12-17 05:30 PM
33
threatpost

SideWinder APT Targets Nepal, Afghanistan in Wide-Ranging Spy Campaign

The SideWinder advanced persistent threat (APT) group has mounted a fresh phishing and malware initiative, using recent territory disputes between China, India, Nepal and Pakistan as lures. The goal is to gather sensitive information from its targets, mainly located in Nepal and Afghanistan....

-0.8 AI Score

0.974 EPSS

2020-12-09 07:53 PM
176
threatpost

Divers Pull Rare Surviving WWII Enigma Cipher Machine from Bottom of the Baltic

German divers for the environmental group World Wildlife Fund were searching the ocean floor for abandoned nets threatening marine wildlife. What they found instead is a treasured piece of computing history, a World War II-era German Enigma crypto machine, sunk to the bottom of the Baltic Sea to...

-0.3 AI Score

2020-12-08 08:35 PM
26
kitploit

Karkinos - Penetration Testing And Hacking CTF's Swiss Army Knife With: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing

Karkinos is a light-weight 'Swiss Army Knife' for penetration testing and/or hacking CTF's. Currently, Karkinos offers the following: Encoding/Decoding characters Encrypting/Decrypting text or files Reverse shell handling Cracking and generating hashes Dependancies Any server capable of...

7.4 AI Score

2020-12-06 11:30 AM
119
githubexploit

Exploit for Cross-site Scripting in Gchq Cyberchef

CyberChef [![Build...

6.1 CVSS

-0.3 AI Score

0.001 EPSS

2020-12-01 09:18 AM
72
Total number of security vulnerabilities: 2063