Analysing RTF files from SideWinder APT
https://ift.tt/wTNd6AV
Submitted June 17, 2022 at 12:17AM by OwnPreparation3424
via reddit https://ift.tt/xGbAwaj
Medium
404 — File still found
In early February 2022, we came across a tweet from ShadowChasing1 identifying a SideWinder-related word document which referenced a template URL. In this article, we share our insights from…
AWS Lambda Command Injection
https://ift.tt/z5KS7Pk
Submitted June 17, 2022 at 04:28PM by lormayna
via reddit https://ift.tt/XSTqh20
www.safe.security
AWS Lambda Command Injection
The attack consists of exploiting a command injection vulnerability in Lambda functions in order to steal the AWS keys and access AWS resources using the stolen keys of the IAM role.
Securing OT Network Management Systems: Siemens SINEC NMS
https://ift.tt/ibopXqK
Submitted June 17, 2022 at 08:27PM by derp6996
via reddit https://ift.tt/2Bp1eEJ
Claroty
Securing Network Management Systems (Part 3): Siemens SINEC NMS
Analyzing the latest version of Matanbuchus
https://ift.tt/adt9cZq
Submitted June 17, 2022 at 11:33PM by OwnPreparation3424
via reddit https://ift.tt/nN8Mj90
Medium
A deal with the devil: Analysis of a recent Matanbuchus sample
Technical analysis of the Matanbuchus malware with focus on network traffic and commands
Quick Malware Analysis Using Free Tools: Matanbuchus with Cobalt Strike pcap from 2022-06-16
https://ift.tt/oRTtu1Q
Submitted June 17, 2022 at 10:59PM by dougburks
via reddit https://ift.tt/Bu39dqU
blog.securityonion.net
Quick Malware Analysis: Matanbuchus with Cobalt Strike pcap from 2022-06-16
Thanks to Brad Duncan for sharing this pcap! https://www.malware-traffic-analysis.net/2022/06/16/index.html We did a quick analysis of this ...
BRATA is evolving into an APT | Cleafy Labs
https://ift.tt/RJFrC4v
Submitted June 17, 2022 at 02:16PM by f3d_0x0
via reddit https://ift.tt/ym1ACEI
Cleafy
BRATA is evolving into an APT | Cleafy Labs
The mobile banking malware BRATA keeps evolving into an APT. Read here the new Technical Report, which explains in detail how it monitors banks' account and how to prevent it.
CSRF leads to account takeover in Yahoo!
https://ift.tt/xc9dsak
Submitted June 18, 2022 at 05:20AM by vinay737
via reddit https://ift.tt/bkzlwf5
A hackers guide to FINDING infosec job
https://ift.tt/cAHJpX9
Submitted June 18, 2022 at 08:11AM by vinay737
via reddit https://ift.tt/dSZ4DTY
jhaddix.com
A hackers guide to FINDING cybersecurity jobs
Getting your foot in the door or finding your next gig in cyber security is sometimes a daunting task. Just like hacking, a methodology is needed to succeed. Here's how I see the core components (this methodology will evolve over time): Acquire Skillsets /…
I have created a Burp Suite extension which allows pentesters to keep track of each API and write test cases for individual APIs. Lastly, the extension allows mapping the vulnerable APIs to the list of vulnerabilities using a custom checklist.
https://ift.tt/3L2Anp4
Submitted June 18, 2022 at 03:42PM by Ano_F
via reddit https://ift.tt/m0GU6wX
portswigger.net
Pentest Mapper
Integrates logging with a custom application testing checklist.
Scheduled Scaling Up & Down Of EC2 Server
https://ift.tt/e6LtKUN
Submitted June 18, 2022 at 04:55PM by ajaidanial
via reddit https://ift.tt/FJIClUu
GitHub
GitHub - ajaidanial/gipsy_avenger: A self-hosted scheduler app that will upgrade or downgrade your EC2 servers for you.
A self-hosted scheduler app that will upgrade or downgrade your EC2 servers for you. - GitHub - ajaidanial/gipsy_avenger: A self-hosted scheduler app that will upgrade or downgrade your EC2 servers...
learn ethical hacking and bug bounty with free resources and with proper Guidance...
https://ift.tt/Lb5MzgU
Submitted June 18, 2022 at 06:21PM by rootxd3vil
via reddit https://ift.tt/wXit4I3
Dangerous Repository of DoS, Red Teaming TTPs, and ICS Exploits
https://ift.tt/z5aTFm2
Submitted June 18, 2022 at 08:26PM by entropydaemon6
via reddit https://ift.tt/z7a8xq3
GitHub
RoseSecurity - Overview
Cloud Engineer | Hobbyist Hacker. RoseSecurity has 17 repositories available. Follow their code on GitHub.
I made a website that can detect over 1000 extensions and shows you the percentage of users that share the same extensions.
https://ift.tt/lERnbqy
Submitted June 19, 2022 at 03:04AM by z0ccc_z0ccc
via reddit https://ift.tt/Xp6u8lk
New blog - NMAP and CME 101 stuff
https://ift.tt/X59Azkr
Submitted June 19, 2022 at 04:57PM by Mr-R3b00t
via reddit https://ift.tt/JQIprmb
Reddit
From the netsec community on Reddit: New blog - NMAP and CME 101 stuff
Posted by Mr-R3b00t - 7 votes and 4 comments
Linux Threat Hunting: 'Syslogk' a kernel rootkit found under development in the wild
https://ift.tt/4nKH5Zz
Submitted June 20, 2022 at 08:03AM by nykzhang
via reddit https://ift.tt/OLZEuSl
Avast Threat Labs
Linux Threat Hunting: 'Syslogk' a kernel rootkit found under development in the wild - Avast Threat Labs
Introduction Rootkits are dangerous pieces of malware. Once in place, they are usually really hard to detect. Their code is typically more challenging to write than other malware, so developers resort to code reuse from open source projects. As rootkits are…
semgrep rule pack by elttam - Java entry-points and security issues in Jackson, Spring Remoting, and Struts DMI
https://ift.tt/NinkHm8
Submitted June 20, 2022 at 11:51AM by Gallus
via reddit https://ift.tt/pZCWncd
GitHub
GitHub - elttam/semgrep-rules
Contribute to elttam/semgrep-rules development by creating an account on GitHub.
Zero Trust - A Layered Approach against threats
https://ift.tt/PyhBrbi
Submitted June 20, 2022 at 03:36PM by J_0_5
via reddit https://ift.tt/EpJnqiP
Medium
Zero Trust — A Layered Approach against cyber threats — Part II
This article will serve as a follow up to the Zero Trust primer ‘Zero Trust — An Introduction’. In this second part of the series, we’ll…
Hacking into the worldwide Jacuzzi SmartTub network
https://ift.tt/c5CX2da
Submitted June 21, 2022 at 12:20AM by EatonZ
via reddit https://ift.tt/QhXRcN8
Eaton-Works
Hacking into the worldwide Jacuzzi SmartTub network
Two vulnerable Jacuzzi SmartTub administration panels exposed worldwide customer data for multiple brands.
When the CAS let you in - abusing misconfigured Actuator in Apereo CAS
https://ift.tt/x4cGfI0
Submitted June 21, 2022 at 03:15PM by qwerty0x41
via reddit https://ift.tt/PWteCQ8
Reddit
r/netsec on Reddit: When the CAS let you in - abusing misconfigured Actuator in Apereo CAS
Posted by u/qwerty0x41 - 3 votes and 1 comment
Intercepting MS Teams Communication
https://ift.tt/vczynXM
Submitted June 21, 2022 at 04:32PM by OwnPreparation3424
via reddit https://ift.tt/OXZhjkq
Medium
Intercepting MS Teams Communication
Just For Fun And Out Of Curiosity
Reverse Engineering an old Mario & Luigi game for fun
https://ift.tt/t94OCIv
Submitted June 21, 2022 at 07:42PM by CyberMasterV
via reddit https://ift.tt/2QI8mci
Reddit
r/netsec on Reddit: Reverse Engineering an old Mario & Luigi game for fun
Posted by u/CyberMasterV - 21 votes and 2 comments