216 matches found
Cybercriminals Using PowerShell to Steal NTLMv2 Hashes from Compromised Windows
A new cyber attack campaign is leveraging the PowerShell script associated with a legitimate red teaming tool to plunder NTLMv2 hashes from compromised Windows systems primarily located in Australia, Poland, and Belgium. The activity has been codenamed Steal-It by Zscaler ThreatLabz. "In this...
Key Cybersecurity Tools That Can Mitigate the Cost of a Breach
IBM's 2023 installment of their annual "Cost of a Breach" report has thrown up some interesting trends. Of course, breaches being costly is no longer news at this stage! What's interesting is the difference in how organizations respond to threats and which technologies are helping reduce the cost...
Microsoft AI Red Team building future of safer AI
An essential part of shipping software securely is red teaming. It broadly refers to the practice of emulating real-world adversaries and their tools, tactics, and procedures to identify risks, uncover blind spots, validate assumptions, and improve the overall security posture of systems. Microso...
Microsoft AI Red Team building future of safer AI
An essential part of shipping software securely is red teaming. It broadly refers to the practice of emulating real-world adversaries and their tools, tactics, and procedures to identify risks, uncover blind spots, validate assumptions, and improve the overall security posture of systems. Microso...
Chinese APT41 Hackers Target Mobile Devices with New WyrmSpy and DragonEgg Spyware
The prolific China-linked nation-state actor known as APT41 has been linked to two previously undocumented strains of Android spyware called WyrmSpy and DragonEgg. "Known for its exploitation of web-facing applications and infiltration of traditional endpoint devices, an established threat actor...
HardHatC2 - A C# Command And Control Framework
A cross-platform, collaborative, Command & Control framework written in C, designed for red teaming and ease of use. HardHat is a multiplayer C .NET-based command and control framework. Designed to aid in red team engagements and penetration testing. HardHat aims to improve the quality of life...
New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids
A new strain of malicious software that's engineered to penetrate and disrupt critical systems in industrial environments has been unearthed. Google-owned threat intelligence firm Mandiant dubbed the malware COSMICENERGY, adding it was uploaded to the VirusTotal public malware scanning utility in...
TLDHunt - Domain Availability Checker
TLDHunt is a command-line tool designed to help users find available domain names for their online projects or businesses. By providing a keyword and a list of TLD top-level domain extensions, TLDHunt checks the availability of domain names that match the given criteria. This tool is particularly...
Threat-informed defense: The evolution of red teaming in cybersecurity
While there are several approaches to vulnerability management like pen testing and red teaming, adversary emulation is the only method that contributes to a threat-informed defense cybersecurity strategy...
RedTeam-Physical-Tools - Red Team Toolkit - A Curated List Of Tools That Are Commonly Used In The Field For Physical Security, Red Teaming, And Tactical Covert Entry
The links of the products may change with time, if so, just ping me on twitter so I can update them. None of the links are affiliated or sponsored. Also, I have personally purchased almost every single item from this list out of my own pocket based on needs for engagements. If there are any oth...
What is Red Teaming & How it Benefits Orgs
Running real-world attack simulations can help improve organizations' cybersecurity resilience...
Red Teaming to Reduce Cyber Risk
Discover how red teaming can help reduce cyber risk across your ever-expanding digital attack surface...
RedTeam-Physical-Tools - Red Team Toolkit - A Curated List Of Tools That Are Commonly Used In The Field For Physical Security, Red Teaming, And Tactical Covert Entry
Commonly used tools for Red Teaming Engagements, Physical Security Assessments, and Tactical Covert Entry. In this list I decided to share most of the tools I utilize in authorized engagements, along with my personal ranking of their value based on their usage and for you to consider if they shou...
Penetration testing and red teaming: The differences and reasons why both are important to your business
Penetration testing, also known as ethical hacking, white-hat hacking, or pen testing, is one important form of security assessment that tests people, process, and technology to find security vulnerabilities that a potential attacker could exploit. Red teaming is a more targeted approach that...
How Extended Security Posture Management Optimizes Your Security Stack
As a CISO, one of the most challenging questions to answer is "How well are we protected right now?" Between the acceleration of hackers' offensive capabilities and the dynamic nature of information networks, a drift in the security posture is unavoidable and needs to be continuously compensated...
Redherd Framework -A Collaborative And Serverless Framework For Orchestrating A Geographically Distributed Group Of Assets
RedHerd is a collaborative and serverless framework for orchestrating a geographically distributed group of assets capable of conducting simulating complex offensive cyberspace operations. --- Getting Started Take a look at the RedHerd documentation for instructions on how to getting started with...
ThreatBox - A Standard And Controlled Linux Based Attack Platform
ThreatBox is a standard and controlled Linux based attack platform. I've used a version of this for years. It started as a collection of scripts, lived as a rolling virtual machine, existed as code to build a Linux ISO, and has now been converted to a set of ansible playbooks. Why Ansible? Why no...
GC2 - A Command And Control Application That Allows An Attacker To Execute Commands On The Target Machine Using Google Sheet And Exfiltrate Data Using Google Drive
GC2 Google Command and Control is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrates data using Google Drive. Why This program has been developed in order to provide a command and control that does not require any...
FIN7 Lures Unwitting Security Pros to Carry Out Ransomware Attacks
The financially motivated cybercrime gang behind the Carbanak backdoor malware, FIN7, has hit upon a genius idea for maximizing profit from ransomware: Hire real pen-testers to do some of their dirty work instead of striking partnerships with other criminals. According to a report from Gemini...
TA551 Shifts Tactics to Install Sliver Red-Teaming Tool
The criminal threat group known as TA551 has added the Sliver red-teaming tool to its bag of tracks – a move that may signal ramped up ransomware attacks ahead, researchers said. According to Proofpoint researchers, TA551 aka Shathak has been mounting cyberattacks that start with email thread...