Threat Intelligence Report: APT35 Internal Leak of Hacking Campaigns Against Lebanon, Kuwait, Turkey, Saudi Arabia, Korea, and Domestic Iranian Targets
https://dti.domaintools.com/threat-intelligence-report-apt35-internal-leak-of-hacking-campaigns-against-lebanon-kuwait-turkey-saudi-arabia-korea-and-domestic-iranian-targets/
👍3❤2😁2🔥1
Forwarded from Orca Cyber Weapons
AV-EDRpdf.pdf
274.9 KB
"Not-Too-Safe Boot : Remotely Bypassing Endpoint Security Solutions (AV/EDR/…) and Anti-Tampering Mechanisms"
❤6🔥2
Morphisec Thwarts Russian-Linked StealC V2 Campaign Targeting Blender Users via Malicious .blend Files
https://www.morphisec.com/blog/morphisec-thwarts-russian-linked-stealc-v2-campaign-targeting-blender-users-via-malicious-blend-files/
3👍2👎1🤯1
Tejarat Bank Information Technology Company invites capable and motivated specialists to join it in order to complete and strengthen its specialist teams.
Senior Red Team Specialist
• Familiarity with red team processes and activities
• Ability to carry out security assessments and implement attacks related to Active Directory
• Experience in attack simulation based on MITRE ATT&CK
• Teamwork skills and the ability to offer technical recommendations for improving security
Benefits and terms of employment will be determined after the interview.
Interested candidates can send their résumé via LinkedIn or email.
seclab@tejaratbank.ir
2❤21👎6
SideWinder Uses Server-Side Polymorphism to Target Pakistan & Turkey
https://web.archive.org/web/20240713110655/https://blogs.blackberry.com/ja/jp/2023/10/sidewinder-uses-server-side-polymorphism-to-target-pakistan
🥰2
Source Byte
let me guess , it's CVE-2025-8088 ? md5 : 391325100384964325ed4ace788c8bc2
CVE-2025-80880 🤔
A new wiper attack has been identified by ClearSky Cyber Security affecting Ukraine.
We named this wiper "GamaWiper" (VBS-based wiper). The intrusion chain begins with the exploitation of a vulnerable WinRAR version (CVE-2025-80880). We assess with moderate confidence that this activity is linked to the Gamaredon APT group. This marks the first observed instance of Gamaredon conducting destructive operations rather than its traditional espionage activities.
Related IoCs
❤6
Diffing 7-Zip for CVE-2025-11001
https://pacbypass.github.io/2025/10/16/diffing-7zip-for-cve-2025-11001.html
2❤7👍4
Forwarded from ARVIN
Inside the Mind of a Ransomware Operator | Exclusive Interview
https://www.youtube.com/watch?v=LhLimreV-K0
I sat down with an active ransomware operator for a conversation they didn't want me to have. No script, no filter.
⚠️ DISCLAIMER: This interview is for educational and research purposes only. The content discussed does not constitute endorsement of illegal…
❤5
K7 Antivirus: Named pipe abuse, registry manipulation and privilege escalation
https://blog.quarkslab.com/k7-antivirus-named-pipe-abuse-registry-manipulation-and-privilege-escalation.html
#CVE-2024-36424
❤6🤔2
React2Shell (CVE-2025-55182) Exploitation: Real-World Incident Response to XMRig Cryptominer Attack
https://raminfp.info/blog/server-compromise-xmrig-cryptominer-incident/
❤5
Sliver C2 Insecure Default Network Policy (#CVE-2025-27093)
https://hngnh.com/posts/Sliver-CVE-2025-27093/
❤3
REMOTE WINDOWS CREDENTIAL DUMP WITH SHADOW SNAPSHOTS: EXPLOITATION AND DETECTION
https://labs.itresit.es/2025/06/11/remote-windows-credential-dump-with-shadow-snapshots-exploitation-and-detection/
👍7
Windows Filtering Platform: Persistent state under the hood
https://blog.quarkslab.com/windows-filtering-platform-persistent-state-under-the-hood.html
❤3
Forwarded from CyberSecurityTechnologies
HarmonyOS_NEXT_Offensive_Testing.pdf
3.8 MB
#tools
#Mobile_Security
"Breaking The Harmony: Offensive Testing Of HarmonyOS NEXT Applications With Harm0nyz3r & DVHA", Black Hat Europe 2025.
]-> Harmony OS Next Analysis Tool
]-> Damn Vulnerable Harmony Application
// This talk presents the results of a security assessment of HarmonyOS NEXT and its application ecosystem, combining a custom-built testing framework (Harm0nyz3r) with a purposely vulnerable application (Damn Vulnerable HarmonyOS Application - DVHA). Live demonstrations will show how Harm0nyz3r maps an application's attack surface, crafts malicious payloads, and successfully exploits vulnerabilities in DVHA.
❤5