3 matches found
Malicious Package
Overview: claudeai-eng is a malicious package. This package mimics a tool for working with Claude, silently exfiltrating data and compromising developer environments. Remediation: Avoid using all malicious instances of the claudeai-eng package. References: Vulnerability Report. Credit: Leonid...
MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone
Updated August 26, 2022: Added instructions to enable collection of AD FS event logs in order to search for Event ID 501, and added a new resource for AD FS audit logging in Microsoft Sentinel. Microsoft security researchers have discovered a post-compromise capability we’re calling MagicWeb, whi...
Situational Awareness
A common step in the life-cycle of a red team engagement is to gather as much information as possible about the compromised environments and the domain network. This activity is often called situational awareness, and there is no defined list of commands that a red teamer should execute. However, all...