37 matches found
Eternalblue-ms17-010-lab
01-EternalBlue-MS17-010-README.md https://github.com/user-atta...
Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR
A large-scale malvertising campaign active since January 2026 has been observed targeting U.S.-based individuals searching for tax-related documents to serve rogue installers for ConnectWise ScreenConnect that drop a tool named HwAudKiller to blind security programs using the bring your own...
System-Exploitation-Privilege-Escalation
System Exploitation & Privilege Escalation Lab 📄 Project O...
📄 HP ProCurve 4.00 Credential Disclosure
Proof of concept code that performs a credential dumping attack against vulnerable HP ProCurve SNAC systems. | Title : HP ProCurve 4.00 Credential Dumping...
HackTheBox-Penetration-Testing-Methodology
HackTheBox Penetration Testing Methodology by 9mmpterodacty...
Acacium-PostEx-Toolkit
Acacium Automated Post-Exploitation & Lateral Movement Toolkit...
Exploit for Improper Input Validation in Lexmark Cxtpc_Firmware
CVE-2023-34362 POCs for credential dumping, reverse shells, an...
Managed XDR Investigation of Ducktail in Trend Micro Vision One™
The Trend Micro Managed XDR team investigated several Ducktail-related web browser credential dumping incidents involving different customers...
Managed XDR Investigation of Ducktail in Trend Vision One™
The Trend Micro Managed XDR team investigated several Ducktail-related web browser credential dumping incidents involving different customers...
Detecting and preventing LSASS credential dumping attacks
Obtaining user operating system (OS) credentials from a targeted device is among threat actors’ primary goals when launching attacks because these credentials serve as a gateway to various objectives they can achieve in their target organization’s environment, such as lateral movement. One techniqu...
Qualys Threat Research Thursday
Welcome to the second edition of the Qualys Research Team’s “Threat Research Thursday”, where we collect and curate notable new tools, techniques, procedures, threat intelligence, cybersecurity news, malware attacks, and more. Feedback on our first edition, Introducing Qualys Threat Research...
CVE-2022-30493
In oretnom23 Automotive Shop Management System v1.0, the product id parameter suffers from a blind SQL Injection Vulnerability allowing remote attackers to dump all database credentials and gain admin access/privilege escalation...
Iranian state-sponsored APT group MuddyWater targeting organizations via malicious executables
THREAT LEVEL: Red. United States Cyber Command (USCYBERCOM) has warned of an ongoing cyber attack by an Iranian state-sponsored actor named MuddyWater. This APT group is currently targeting Middle Eastern countries and has also targeted European and North American nations. The Iranian-backed...
‘Tropic Trooper’ Reemerges to Target Transportation Outfits
They’ve been an active threat group since 2011, but a recent uptick in activity from Earth Centaur – previously known as Tropic Trooper – aimed specifically at transportation and government agencies is setting off alarm bells among experts. Trend Micro researchers have been tracking Tropic...
New Secured-core servers are now available from the Microsoft ecosystem to help secure your infrastructure
In the current pandemic-driven remote work environments, security has become increasingly important. Earlier this year, Colonial Pipeline, one of the leading suppliers of fuel on the East Coast of the United States, was hit by a ransomware attack.[1] This caused a massive disruption of the fuel...
Microsoft Seizes 42 Malicious Web Domains Used By Chinese Hackers
Microsoft on Monday announced the seizure of 42 domains used by a China-based cyber espionage group that set its sights on organizations in the U.S. and 28 other countries pursuant to a legal warrant issued by a federal court in the U.S. state of Virginia. The Redmond company attributed the...
Threat actor DEV-0322 exploiting ZOHO ManageEngine ADSelfService Plus
Microsoft has detected exploits being used to compromise systems running the ZOHO ManageEngine ADSelfService Plus software versions vulnerable to CVE-2021-40539 in a targeted campaign. Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to DEV-0322, a group...