812 matches found
TIDoS Framework - The Offensive Web Application Penetration Testing Framework
TIDoS Framework is a comprehensive web-app audit framework. let's keep this simple Highlights :- The main highlights of this framework is: TIDoS Framework now boasts of a century+ of modules. A complete versatile framework to cover up everything from Reconnaissance to Vulnerability Analysis. Has ...
Threatlist: Manufacturing, a Top Target for Espionage
When it comes to cyberattack-related reconnaissance and lateral movement activity, the manufacturing industry exhibits higher than normal rates. That’s according to Vectra’s 2018 Spotlight Report on Manufacturing, which crunched data from more than 4 million devices and workloads from customer...
Raccoon - A High Performance Offensive Security Tool For Reconnaissance And Vulnerability Scanning
Offensive Security Tool for Reconnaissance and Information Gathering. Features DNS details DNS visual mapping using DNS dumpster WHOIS information TLS Data - supported ciphers, TLS versions, certificate details and SANs Port Scan Services and scripts scan URL fuzzing and dir/file detection...
Portforge.Cr - A Script Which Opens Multiple Sockets From A Specific Port Range You Input
This script is intended to open as many sockets as you which between 1024 - 65535. Lower than 1024 works too but you have to be a root user for that. This can be useful when you don't want people to map out your device and see what you're running and not, so it's a small step to defeat...
Phishing Campaign Steals Money From Industrial Companies
Industrial production companies are the targets in a large-scale spear-phishing email campaign aimed at installing legitimate remote administration software on victims’ systems. Researchers with Kaspersky Lab said that emails purporting to be commercial offers were the conduit to enabling attacke...
Network and System Reconnaissance Tool: Sandmap
Sandmap is a tool supporting network and system reconnaissance using the massive Nmap engine . It provides a user-friendly interface, automates and speeds up scanning and allows you to easily use many advanced scanning techniques. Key Features simple CLI with the ability to run pure Nmap engine...
Reconnaissance and Vulnerability Scanning Tool: Raccoon
Raccoon is a tool made for reconnaissance and information gathering with an emphasis on simplicity. It will do everything from fetching DNS records, retrieving WHOIS information, obtaining TLS data, detecting WAF presence and up to threaded dir busting and subdomain enumeration. Every scan output...
The Data Breach ‘Kill Chain’: Early Detection is Key
Today, organizations rely heavily on data, with a big portion of that data made up of sensitive information. As organizations become the custodians of more and more sensitive information, the frequency of data breaches increases accordingly. In some cases, the origin of a data breach is outside o...
Recent Andariel Group ActiveX Attacks Point to Future Targets
Researchers say that the North Korea-linked Andariel hacking group may be looking to switch up its targets, based on key changes in its script found on recently compromised websites. The Andariel group is associated with the infamous Lazarus Group, North Korea’s cyber-espionage unit. Andariel has...
Gaza Cybergang Returns With New Attacks On Palestinian Authority
Security researchers from Check Point Threat Intelligence Team have discovered the comeback of an APT advanced persistent threat surveillance group targeting institutions across the Middle East, specifically the Palestinian Authority. The attack, dubbed "Big Bang," begins with a phishing email se...
Carbon Black TAU Threat Analysis: Recent Dharma Ransomware Highlights Attackers’ Continued Use of Open-Source Tools
In June of 2018, an organization contacted the Carbon Black Threat Analysis Unit TAU about a ransomware attack they were currently investigating. TAU team members worked with the firm investigating the incident. After the initial analysis was completed, it became apparent that this network had be...
Malicious PowerShell Detection via Machine Learning
Introduction Cyber security vendors and researchers have reported for years how PowerShell is being used by cyber threat actors to install backdoors, execute malicious code, and otherwise achieve their objectives within enterprises. Security is a cat-and-mouse game between adversaries, researcher...
DejaVU - Open Source Deception Framework
Deception techniques if deployed well can be very effective for organizations to improve network defense and can be a useful arsenal for blue teams to detect attacks at very early stage of cyber kill chain. But the challenge we have seen is deploying, managing and administering decoys across larg...
Sandmap - A Tool Supporting Network And System Reconnaissance Using The Massive Nmap Engine
Sandmap is a tool supporting network and system reconnaissance using the massive Nmap engine. It provides a user-friendly interface, automates and speeds up scanning and allows you to easily use many advanced scanning techniques. Key Features simple CLI with the ability to run pure Nmap engine...
Portspoof - Enhance Your Systems Security Through A Set Of New Camouflage Techniques
The Portspoof program primary goal is to enhance your system's security through a set of new camouflage techniques. As a result of applying them your attackers' port scan result will become entirely mangled and to very significant extent meaningless. Techniques used to achieve this: All configure...
Man Climbs Severn Bridge. Your office is twice as easy and half as scary
So you think no one would ever sneak into your business? Think Again. The man who climbed the Severn Bridge and broke into the Big Brother house seems to have method to his madness. Here’s why. When I describe Social Engineering to some I get a common response: “Yeah, but who would ever do that i...
CVE-2018-0288
The CVE-2018-0288 issue concerns Cisco WebEx Recording Format (WRF) Player: a design flaw in processing WRF files can allow remote attackers to read memory outside the mapped file boundaries, enabling information disclosure. Affected products include Cisco WebEx Business Suite meeting sites, WebE...
Cisco WebEx Recording Format Player Information Disclosure Vulnerability
A vulnerability in Cisco WebEx Recording Format WRF Player could allow an unauthenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The vulnerability is due to a...
ThaiCERT Seizes Hidden Cobra Server Linked to GhostSecret, Sony Attacks
Thailand’s Computer Emergency Response Team ThaiCERT has seized a server operated by the North Korea-linked Hidden Cobra APT, which is used to control the global GhostSecret espionage campaign. The campaign is still ongoing. ThaiCERT said in an alert on Wednesday that it is working with McAfee an...
Drupalgeddon3: Third Critical Flaw Discovered
For the third time in the last 30 days, Drupal site owners are forced to patch their installations. As the Drupal team noted a few days ago, new versions of the Drupal CMS were released, to patch one more critical RCE vulnerability affecting Drupal 7 and 8 core. The vulnerability, code-named...