812 matches found

ThreatPost
added 2020/03/24 9:1 p.m., 49 views

Unknown 'WildPressure' Malware Campaign Lets Off Steam in Middle East

A malware campaign that shares no known similarities to previous attacks has been uncovered, targeting organizations in the Middle East. Dubbed “WildPressure,” the campaign used a previously unknown malware that researchers named Milum, after the C++ class names inside the code. According to...

7.2 AI score
Exploits 0, References 9
Kitploit
added 2020/03/23 11:30 a.m., 80 views

FinalRecon v1.0.2 - OSINT Tool For All-In-One Web Reconnaissance

FinalRecon is a fast and simple python script for web reconnaissance. It follows a modular structure so in future new modules can be added with ease. Features FinalRecon provides detailed information such as : Header Information Whois SSL Certificate Information Crawler DNS Enumeration A, AAAA,...

7.1 AI score
Exploits 0, References 1
FireEye
added 2020/02/24 12:0 a.m., 28 views

Ransomware Against the Machine: How Adversaries are Learning to Disrupt Industrial Production by Targeting IT and OT

Since at least 2017, there has been a significant increase in public disclosures of ransomware incidents impacting industrial production and critical infrastructure organizations. Well-known ransomware families like WannaCry, LockerGoga, MegaCortex, Ryuk, Maze, and now SNAKEHOSE a.k.a. Snake /...

0.5 AI score
Exploits 0, References 7
ThreatPost
added 2020/02/18 7:48 p.m., 52 views

Iran-Backed APTs Collaborate on 3-Year 'Fox Kitten' Global Spy Campaign

Two Iran-backed APTs could be working together on a sprawling, three-year campaign to compromise high-value organizations from the IT, telecom, oil and gas, aviation, government and security sectors in Israel and around the world, according to a report by researchers at ClearSky. They maintain,...

0.1 AI score
Exploits 0, References 11
The Hacker News
added 2020/02/18 3:6 p.m., 5 views

Iranian Hackers Exploiting VPN Flaws to Backdoor Organizations Worldwide

A new report published by cybersecurity researchers has unveiled evidence of Iranian state-sponsored hackers targeting dozens of companies and organizations in Israel and around the world over the past three years. Dubbed "Fox Kitten," the cyber-espionage campaign is said to have been directed a...

5.8 AI score
Exploits 0
Trellix
added 2020/02/12 12:0 a.m., 12 views

CSI Evidence Indicators for Targeted Ransomware Attacks

ARCHIVED STORY CSI: Evidence Indicators for Targeted Ransomware Attacks – Part I By Trellix · February 12, 2020 For many years now I have been working and teaching in the field of digital forensics, malware analysis and threat intelligence. During one of the classes we always talk about Locard’s...

0.4 AI score
Exploits 0
Trellix
added 2020/02/12 12:0 a.m., 9 views

CSI Evidence Indicators for Targeted Ransomware Attacks

ARCHIVED STORY CSI: Evidence Indicators for Targeted Ransomware Attacks – Part I By Trellix · February 12, 2020 For many years now I have been working and teaching in the field of digital forensics, malware analysis and threat intelligence. During one of the classes we always talk about Locard’s...

7.7 AI score
Exploits 0
Microsoft Secure
added 2020/02/04 5:30 p.m., 8473 views

Ghost in the shell: Investigating web shell attacks

Recently, an organization in the public sector discovered that one of their internet-facing servers was misconfigured and allowed attackers to upload a web shell, which let the adversaries gain a foothold for further compromise. The organization enlisted the services of Microsoft’s Detection and...

7.5 CVSS, 0.3 AI score, 0.99913 EPSS
Exploits 56
Kitploit
added 2020/01/31 11:30 a.m., 135 views

MassDNS - A High-Performance DNS Stub Resolver For Bulk Lookups And Reconnaissance (Subdomain Enumeration)

MassDNS is a simple high-performance DNS stub resolver targeting those who seek to resolve a massive amount of domain names in the order of millions or even billions. Without special configuration, MassDNS is capable of resolving over 350,000 names per second using publicly available resolvers...

7.5 AI score
Exploits 0, References 6
ThreatPost
added 2020/01/09 11:0 a.m., 82 views

TrickBot Adds Custom, Stealthy Backdoor to its Arsenal

The Russian-speaking cybercriminals behind the TrickBot malware have developed a stealthy backdoor dubbed “PowerTrick,” in order to infiltrate high-value targets. According to research from SentinelLabs, released on Thursday, PowerTrick is designed to execute commands and return the results in...

0.9 AI score
Exploits 0, References 9
Kitploit
added 2020/01/03 12:30 p.m., 95 views

Kamerka GUI - Ultimate Internet Of Things/Industrial Control Systems Reconnaissance Tool

Ultimate Internet of Things/Industrial Control Systems reconnaissance tool. Powered by Shodan - Supported by Binary Edge & WhoisXMLAPI writeup - https://medium.com/@wojciech/hack-the-planet-with-%EA%93%98amerka-gui-ultimate-internet-of-things-industrial-control-systems-5ff7d9686b29 Demo -...

7.2 AI score
Exploits 0, References 6
Hacker One
added 2019/12/26 12:27 p.m., 61 views

U.S. Dept Of Defense: Publicly accessible Grafana install allows pivoting to Prometheus datasource

Summary: A publicly accessible Grafana install exposes semi sensitive Dashboards. This also exposes the Prometheus proxied datasources which allow direct queries to a Prometheus instance which reveals sensitive data and opens the instance up to potential DoS via crafted requests. Description: Impa...

0.5 AI score
Exploits 0
Kitploit
added 2019/12/24 11:30 a.m., 279 views

AttackSurfaceMapper - A Tool That Aims To Automate The Reconnaissance Process

Attack Surface Mapper is a reconnaissance tool that uses a mixture of open source intelligence and active techniques to expand the attack surface of your target. You feed in a mixture of one or more domains, subdomains and IP addresses and it uses numerous techniques to find more targets. It...

7 AI score
Exploits 0, References 2
Kitploit
added 2019/12/20 8:30 p.m., 1617 views

Lazyrecon - Script To Automate Your Reconnaissance Process In An Organized Fashion

LazyRecon is a script written in Bash, it is intended to automate some tedious tasks of reconnaissance and information gathering. This tool allows you to gather some information that should help you identify what to do next and where to look. Usage ./lazyrecon.sh -d target.com Main Features Creat...

7 AI score
Exploits 0, References 7
ThreatPost
added 2019/12/13 7:7 p.m., 116 views

Elegant sLoad Carries Out Spying, Payload Delivery in BITS

A fresh analysis of the trojan sLoad sheds light on the growing trend of advanced malware “living off the land” of a targeted system and successfully evading detection and carrying out malicious activities. SLoad is a PowerShell downloader type of malware and is known for its impressive...

7 AI score
Exploits 0, References 10
Kitploit
added 2019/12/09 8:33 p.m., 204 views

ReconPi - Set Up Your Raspberry Pi To Perform Basic Recon Scans

ReconPi - A lightweight recon tool that performs extensive reconnaissance with the latest tools using a Raspberry Pi. Start using that Raspberry Pi -- I know you all have one laying around somewhere ; Installation Check the updated blogpost here for a complete guide on how to set up your own...

7 AI score
Exploits 0, References 16
Schneier on Security
added 2019/11/29 10:13 p.m., 75 views

Friday Squid Blogging: Squid-Like Underwater Drone

The Sea Hunting Autonomous Reconnaissance Drone SHARD swims like a squid and can explode on command. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...

1.6 AI score
Exploits 0
Kitploit
added 2019/11/19 8:44 p.m., 478 views

WinPwn - Automation For Internal Windows Penetrationtest / AD-Security

In many past internal penetration tests I often had problems with the existing Powershell Recon / Exploitation scripts due to missing proxy support. I often ran the same scripts one after the other to get information about the current system and/or the domain. To automate as many internal...

8 AI score
Exploits 0, References 19
Carbon Black Blog
added 2019/11/11 4:8 p.m., 752 views

Wild Blue Yonder: VMware Carbon Black ThreatSight Dissects BlueKeep Windows Exploit

VMware Carbon Black’s ThreatSight TS team monitors customer environments to detect and alert on new and emerging threats. Recently, ThreatSight detected malicious behavior that leveraged several attack vectors, including one of the first known uses of the newly released BlueKeep Windows exploit i...

10 CVSS, 0.8 AI score, 0.99999 EPSS
Exploits 123
Prion
added 2019/11/05 8:15 p.m., 19 views

Design/Logic Flaw

A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to view sensitive system files that should be restricted. The attacker could use this information to conduct additional reconnaissance...

2.1 CVSS, 5.5 AI score, 0.00309 EPSS
Exploits 0, References 1, Affected Software 2