With the emergence of new technologies, the Internet of Things (IoT) has recently been proposed, which aims at providing very-long-range transmission with low power consumption. However, this technology suffers from several security and privacy vulnerabilities that could compromise availability, authentication, and privacy. This channel aims to provide a large amount of material, for instance books, code, videos, and presentation slides. Welcome, and please join us.
@iotpenetrationtesting
Node poisoning: hijacked package delivers coin miner and credential-stealing backdoor
https://news.sophos.com/en-us/2021/10/24/node-poisoning-hijacked-package-delivers-coin-miner-and-credential-stealing-backdoor
#Malware_analysis
Sophos News
A hacked NPM account was used to deliver Linux and Windows Monero miners and Windows credential-stealing malware along with a popular node.js library.
#Malware_analysis
DECAF Ransomware (Go)
https://blog.morphisec.com/decaf-ransomware-a-new-golang-threat-makes-its-appearance
Morphisec
DECAF Ransomware: A New Golang Threat Makes Its Appearance
The DECAF Ransomware written in the Go language is becoming more popular among threat actors. We recommend organizations update their breach prevention strategy.
#Malware_analysis
1. ExcelPeek - tool to help investigate potentially Malicious MS Excel Files
https://github.com/slaughterjames/excelpeek
2. Targeted Attack Campaign Against ManageEngine ADSelfService Plus
https://unit42.paloaltonetworks.com/manageengine-godzilla-nglite-kdcsponge
@IotPenetrationTesting
#SCADA_Security
AttkFinder is a tool that performs static program analysis of PLC programs and produces data-oriented attack vectors
https://gitlab.com/jhcastel/attkfinder
#amsi #powershell #bypass
AMSI.fail generates obfuscated PowerShell snippets that break or disable AMSI for the current process
https://amsi.fail
Forwarded from F.P.W Library Sec [ CyberSecurity Book ] (#M)
NUCLEUS13.pdf
1.5 MB
#SCADA_Security
"NUCLEUS:13
Dissecting the Nucleus TCP/IP stack", 2021.
// NUCLEUS:13 - a set of 13 vulnerabilities affecting the Nucleus TCP/IP stack, currently owned by Siemens and used in billions of devices
@library_Sec
Forwarded from Red Blue Team
#RedTeam
Red Team Tools used for Pros Versus Joes CTF Games. Here for Blue Teams to understand the pwnage.
https://github.com/iDigitalFlame/PvJ-CTF-RedTools
@BlueRedTeam
#Malware_analysis
1. Automate Qbot Malware String Decryption With Ghidra Script
https://www.reddit.com/r/ReverseEngineering/comments/qt0rd9/automate_qbot_malware_string_decryption_with
2. Obfuscated Maldoc: Reversed BASE64
https://isc.sans.edu/forums/diary/Obfuscated+Maldoc+Reversed+BASE64/28030
@iotpenetrationtesting
#Malware_analysis
1. Sabbath Ransomware
https://www.mandiant.com/resources/sabbath-ransomware-affiliate
2. Yanluowang Ransomware
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/yanluowang-targeted-ransomware
@iotpenetrationtesting
Google Cloud Blog
Kitten.gif: Meet the Sabbath Ransomware Affiliate Program, Again | Google Cloud Blog
#Malware_analysis
Smishing Botnets
https://research.checkpoint.com/2021/smishing-botnets-going-viral-in-iran
@IotPenetrationTesting
Check Point Research
Smishing Botnets Going Viral in Iran - Check Point Research
Research by: Shmuel Cohen Introduction In the last few months, multiple Iranian media and social networks have published warnings about ongoing SMS phishing campaigns impersonating Iranian government services. The story is as old as time: victims click on…
