
3059 matches found

The Hacker News
added 2023/09/15 10:20 a.m. | 44 views

NodeStealer Malware Now Targets Facebook Business Accounts on Multiple Browsers

An ongoing campaign is targeting Facebook Business accounts with bogus messages to harvest victims' credentials using a variant of the Python-based NodeStealer and potentially take over their accounts for follow-on malicious activities. "The attacks are reaching victims mainly in Southern Europe...

AI score: 6.7 | Exploits: 0

Circl
added 2023/09/13 10:6 a.m. | 3 views

CVE-2023-36777

creationtimestamp| type| source
---|---|---
2023-09-13 10:06:37+00:00| seen| https://t.me/kasperskyb2b/872
2024-09-19 18:02:10+00:00| seen| https://www.thezdi.com/blog/2024/9/18/exploiting-exchange-powershell-after-proxynotshell-part-3-dll-loading-chain-for-rce...

CVSS: 5.7 | AI score: 6.7 | EPSS: 0.00525
Exploits: 0 | References: 2

Circl
added 2023/09/12 8:29 p.m. | 4 views

CVE-2023-36744

creationtimestamp| type| source
---|---|---
2023-09-12 20:29:25+00:00| seen| https://t.me/cibsecurity/70333
2024-09-19 18:02:10+00:00| seen| https://www.thezdi.com/blog/2024/9/18/exploiting-exchange-powershell-after-proxynotshell-part-3-dll-loading-chain-for-rce...

CVSS: 8 | AI score: 7.1 | EPSS: 0.00296
Exploits: 0 | References: 2

The Hacker News
added 2023/09/12 10:18 a.m. | 84 views

Chinese Redfly Group Compromised a Nation's Critical Grid in 6-Month ShadowPad Campaign

A threat actor called Redfly has been linked to a compromise of a national grid located in an unnamed Asian country for as long as six months earlier this year using a known malware referred to as ShadowPad. "The attackers managed to steal credentials and compromise multiple computers on the...

AI score: 7.7 | Exploits: 0

Citrix
added 2023/09/12 12:0 a.m. | 5 views

How to get delivery group published name/assigned users detail information via Powershell command

Get delivery group published name/assigned users/Desktops detail information via Powershell command...

AI score: 6.9 | Exploits: 0

The Hacker News
added 2023/09/11 7:54 a.m. | 60 views

Cybercriminals Using PowerShell to Steal NTLMv2 Hashes from Compromised Windows

A new cyber attack campaign is leveraging the PowerShell script associated with a legitimate red teaming tool to plunder NTLMv2 hashes from compromised Windows systems primarily located in Australia, Poland, and Belgium. The activity has been codenamed Steal-It by Zscaler ThreatLabz. "In this...

AI score: 6.7 | Exploits: 0

Kitploit
added 2023/09/10 11:30 a.m. | 25 views

HTTP-Shell - MultiPlatform HTTP Reverse Shell

HTTP-Shell is a multiplatform reverse shell. This tool helps you to obtain a shell-like interface on a reverse connection over HTTP. Unlike other reverse shells, the main goal of the tool is to use it in conjunction with Microsoft Dev Tunnels, in order to get a connection as close as possible to a...

AI score: 7.3 | Exploits: 0 | References: 1

The Hacker News
added 2023/09/04 8:40 a.m. | 46 views

Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising

Malicious actors associated with the Vietnamese cybercrime ecosystem are leveraging advertising-as-a-vector on social media platforms such as Meta-owned Facebook to distribute malware. "Threat actors have long used fraudulent ads as a vector to target victims with scams, malvertising, and more,"...

AI score: 7.5 | Exploits: 0

The Hacker News
added 2023/09/01 9:11 a.m. | 45 views

New SuperBear Trojan Emerges in Targeted Phishing Attack on South Korean Activists

A new phishing attack likely targeting civil society groups in South Korea has led to the discovery of a novel remote access trojan called SuperBear. The intrusion singled out an unnamed activist, who was contacted in late August 2023 and received a malicious LNK file from an address impersonatin...

AI score: 7.9 | Exploits: 0

GithubExploit
added 2023/08/30 3:49 p.m. | 283 views

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

CVE-2023-38831 In this case, I am sharing with you the necessary files...

CVSS: 7.8 | AI score: 6.9 | EPSS: 0.93878
Exploits: 49

GithubExploit
added 2023/08/28 8:56 a.m. | 372 views

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

OBTAINING A REVERSE SHELL BY EXPLOITING THE VULNERABILITY CVE-20...

CVSS: 7.8 | AI score: 6.8 | EPSS: 0.93878
Exploits: 49

GithubExploit
added 2023/08/28 8:56 a.m. | 347 views

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

OBTAINING A REVERSE SHELL BY EXPLOITING THE VULNERABILITY CVE-20...

CVSS: 7.8 | AI score: 6.8 | EPSS: 0.93878
Exploits: 49

Citrix
added 2023/08/28 12:0 a.m. | 6 views

How to Delete Many VDI and Their Accounts by Using PowerShell Command

This article is designed to describe how to remove a machine from machine catalog as well as hypervisor through PowerShell command...

AI score: 7.1 | Exploits: 0

Citrix
added 2023/08/25 12:0 a.m. | 6 views

How to Remove Users That Can Access the Delivery Group via PowerShell

This article is designed to describe how to remove users in the below screenshot via powershell instead of using UI. Disclaimer: information displayed in screenshots are Citrix test server data...

AI score: 6.8 | Exploits: 0

Citrix
added 2023/08/23 12:0 a.m. | 10 views

How generate a Citrix Cloud bearer token and use it on a PowerShell API query

This article outlines the steps to generate a Citrix Cloud bearer token and use it on a PowerShell API query...

AI score: 7 | Exploits: 0

Kitploit
added 2023/08/22 12:30 p.m. | 30 views

AD_Enumeration_Hunt - Collection Of PowerShell Scripts And Commands That Can Be Used For Active Directory (AD) Penetration Testing And Security Assessment

Description: Welcome to the AD Pentesting Toolkit! This repository contains a collection of PowerShell scripts and commands that can be used for Active Directory (AD) penetration testing and security assessment. The scripts cover various aspects of AD enumeration, user and group management, computer...

AI score: 7.4 | Exploits: 0 | References: 3

Positive Technologies
added 2023/08/22 12:0 a.m. | 1 views

PT-2023-27313 · Shescape · Shescape

Name of the Vulnerable Software and Affected Versions: Shescape versions prior to 1.7.4 Description: The issue affects users of Shescape on Windows in a threaded context, allowing attackers to bypass protections by exploiting Shescape's failure to correctly escape for the expected shell. This can...

CVSS: 8.6 | AI score: 8.5 | EPSS: 0.00092
Exploits: 1 | References: 9

Citrix
added 2023/08/22 12:0 a.m. | 6 views

Delivery Controller fails to connect to local SQL Express database

Migrating databases for existing site from a full SQL server to a SQL Express instance running in the same VM as one of the Delivery Controllers causes the controller hosting the SQL Express not to be able to connect to the database, even after the correct machine account permissions and login...

AI score: 7.3 | Exploits: 0

Citrix
added 2023/08/21 12:0 a.m. | 6 views

Unable to enter multi-factor authentication with Citrix DaaS Remote PowerShell SDK

After installing and running the Virtual Apps and Desktops Remote PowerShell SDK, explicit authentication is required using the Get-XdAuthentication cmdlet. After entering the username and password, the multi-factor authentication dialog is displayed, but the 6-digit OTP code input items are not...

AI score: 7.7 | Exploits: 0

The Hacker News
added 2023/08/16 11:56 a.m. | 48 views

Experts Uncover Weaknesses in PowerShell Gallery Enabling Supply Chain Attacks

Active flaws in the PowerShell Gallery could be weaponized by threat actors to pull off supply chain attacks against the registry's users. "These flaws make typosquatting attacks inevitable in this registry, while also making it extremely difficult for users to identify the true owner of a...

AI score: 6.7 | Exploits: 0