Lucene search
K

216 matches found

The Hacker News
The Hacker News
added 2023/09/11 7:54 a.m.64 views

Cybercriminals Using PowerShell to Steal NTLMv2 Hashes from Compromised Windows

A new cyber attack campaign is leveraging the PowerShell script associated with a legitimate red teaming tool to plunder NTLMv2 hashes from compromised Windows systems primarily located in Australia, Poland, and Belgium. The activity has been codenamed Steal-It by Zscaler ThreatLabz. "In this...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/09/05 11:14 a.m.27 views

Key Cybersecurity Tools That Can Mitigate the Cost of a Breach

IBM's 2023 installment of their annual "Cost of a Breach" report has thrown up some interesting trends. Of course, breaches being costly is no longer news at this stage! What's interesting is the difference in how organizations respond to threats and which technologies are helping reduce the cost...

7.2AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/08/07 3:0 p.m.16 views

Microsoft AI Red Team building future of safer AI

An essential part of shipping software securely is red teaming. It broadly refers to the practice of emulating real-world adversaries and their tools, tactics, and procedures to identify risks, uncover blind spots, validate assumptions, and improve the overall security posture of systems. Microso...

7.5AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2023/08/07 3:0 p.m.20 views

Microsoft AI Red Team building future of safer AI

An essential part of shipping software securely is red teaming. It broadly refers to the practice of emulating real-world adversaries and their tools, tactics, and procedures to identify risks, uncover blind spots, validate assumptions, and improve the overall security posture of systems. Microso...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/19 10:20 a.m.47 views

Chinese APT41 Hackers Target Mobile Devices with New WyrmSpy and DragonEgg Spyware

The prolific China-linked nation-state actor known as APT41 has been linked to two previously undocumented strains of Android spyware called WyrmSpy and DragonEgg. "Known for its exploitation of web-facing applications and infiltration of traditional endpoint devices, an established threat actor...

6.9AI score
Exploits0
Kitploit
Kitploit
added 2023/06/28 2:12 a.m.59 views

HardHatC2 - A C# Command And Control Framework

A cross-platform, collaborative, Command & Control framework written in C, designed for red teaming and ease of use. HardHat is a multiplayer C .NET-based command and control framework. Designed to aid in red team engagements and penetration testing. HardHat aims to improve the quality of life...

8.3AI score
Exploits0References4
The Hacker News
The Hacker News
added 2023/05/26 6:38 a.m.48 views

New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids

A new strain of malicious software that's engineered to penetrate and disrupt critical systems in industrial environments has been unearthed. Google-owned threat intelligence firm Mandiant dubbed the malware COSMICENERGY, adding it was uploaded to the VirusTotal public malware scanning utility in...

7.7AI score
Exploits0
Kitploit
Kitploit
added 2023/05/12 12:30 p.m.26 views

TLDHunt - Domain Availability Checker

TLDHunt is a command-line tool designed to help users find available domain names for their online projects or businesses. By providing a keyword and a list of TLD top-level domain extensions, TLDHunt checks the availability of domain names that match the given criteria. This tool is particularly...

7.3AI score
Exploits0References2
The Coalfire Blog
The Coalfire Blog
added 2023/04/10 4:21 p.m.17 views

Threat-informed defense: The evolution of red teaming in cybersecurity

While there are several approaches to vulnerability management like pen testing and red teaming, adversary emulation is the only method that contributes to a threat-informed defense cybersecurity strategy...

6.9AI score
Exploits0
Kitploit
Kitploit
added 2023/03/05 11:30 a.m.85 views

RedTeam-Physical-Tools - Red Team Toolkit - A Curated List Of Tools That Are Commonly Used In The Field For Physical Security, Red Teaming, And Tactical Covert Entry

 The links of the products may change with time, if so, just ping me on twitter so I can update them. None of the links are affiliated or sponsored. Also, I have personally purchased almost every single item from this list out of my own pocket based on needs for engagements. If there are any oth...

6.8AI score
Exploits0References1
Trend Micro Simply Security
Trend Micro Simply Security
added 2023/01/10 12:0 a.m.8 views

What is Red Teaming & How it Benefits Orgs

Running real-world attack simulations can help improve organizations' cybersecurity resilience...

2.6AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2022/09/15 12:0 a.m.17 views

Red Teaming to Reduce Cyber Risk

Discover how red teaming can help reduce cyber risk across your ever-expanding digital attack surface...

1AI score
Exploits0
Kitploit
Kitploit
added 2022/05/22 9:30 p.m.61 views

RedTeam-Physical-Tools - Red Team Toolkit - A Curated List Of Tools That Are Commonly Used In The Field For Physical Security, Red Teaming, And Tactical Covert Entry

Commonly used tools for Red Teaming Engagements, Physical Security Assessments, and Tactical Covert Entry. In this list I decided to share most of the tools I utilize in authorized engagements, along with my personal ranking of their value based on their usage and for you to consider if they shou...

7.3AI score
Exploits0References1
The Coalfire Blog
The Coalfire Blog
added 2022/04/14 7:15 p.m.21 views

Penetration testing and red teaming: The differences and reasons why both are important to your business

Penetration testing, also known as ethical hacking, white-hat hacking, or pen testing, is one important form of security assessment that tests people, process, and technology to find security vulnerabilities that a potential attacker could exploit. Red teaming is a more targeted approach that...

0.9AI score
Exploits0
The Hacker News
The Hacker News
added 2021/12/14 11:9 a.m.25 views

How Extended Security Posture Management Optimizes Your Security Stack

As a CISO, one of the most challenging questions to answer is "How well are we protected right now?" Between the acceleration of hackers' offensive capabilities and the dynamic nature of information networks, a drift in the security posture is unavoidable and needs to be continuously compensated...

6.9AI score
Exploits0
Kitploit
Kitploit
added 2021/11/24 8:30 p.m.33 views

Redherd Framework -A Collaborative And Serverless Framework For Orchestrating A Geographically Distributed Group Of Assets

RedHerd is a collaborative and serverless framework for orchestrating a geographically distributed group of assets capable of conducting simulating complex offensive cyberspace operations. --- Getting Started Take a look at the RedHerd documentation for instructions on how to getting started with...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2021/11/22 8:30 p.m.41 views

ThreatBox - A Standard And Controlled Linux Based Attack Platform

ThreatBox is a standard and controlled Linux based attack platform. I've used a version of this for years. It started as a collection of scripts, lived as a rolling virtual machine, existed as code to build a Linux ISO, and has now been converted to a set of ansible playbooks. Why Ansible? Why no...

7.8AI score
Exploits0References3
Kitploit
Kitploit
added 2021/10/30 11:30 a.m.16 views

GC2 - A Command And Control Application That Allows An Attacker To Execute Commands On The Target Machine Using Google Sheet And Exfiltrate Data Using Google Drive

GC2 Google Command and Control is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrates data using Google Drive. Why This program has been developed in order to provide a command and control that does not require any...

7.9AI score
Exploits0References1
ThreatPost
ThreatPost
added 2021/10/22 7:59 p.m.23 views

FIN7 Lures Unwitting Security Pros to Carry Out Ransomware Attacks

The financially motivated cybercrime gang behind the Carbanak backdoor malware, FIN7, has hit upon a genius idea for maximizing profit from ransomware: Hire real pen-testers to do some of their dirty work instead of striking partnerships with other criminals. According to a report from Gemini...

6.9AI score
Exploits0References12
ThreatPost
ThreatPost
added 2021/10/21 7:31 p.m.39 views

TA551 Shifts Tactics to Install Sliver Red-Teaming Tool

The criminal threat group known as TA551 has added the Sliver red-teaming tool to its bag of tracks – a move that may signal ramped up ransomware attacks ahead, researchers said. According to Proofpoint researchers, TA551 aka Shathak has been mounting cyberattacks that start with email thread...

7.7AI score
Exploits0References8
Rows per page
Query Builder