/ Are DarkGate and PikaBot the new QakBot?
This campaign is undoubtedly a high-level threat due to the tactics, techniques, and procedures (TTPs) that enable the phishing emails to reach intended targets as well as the advanced capabilities of the malware being delivered.:
https://cofense.com/blog/are-darkgate-and-pikabot-the-new-qakbot/
This campaign is undoubtedly a high-level threat due to the tactics, techniques, and procedures (TTPs) that enable the phishing emails to reach intended targets as well as the advanced capabilities of the malware being delivered.:
https://cofense.com/blog/are-darkgate-and-pikabot-the-new-qakbot/
Cofense
Are DarkGate and PikaBot the New QakBot? | Cofense
The threat landscape is constantly evolving. Learn about the new DarkGate & PikaBot malware that has surged in activity and why it should be taken seriously.
Forwarded from OpenBLD.net (Yevgeniy Goncharov)
Автоматически попасть можно по нескольким причинам:
Иногда это может быть ошибочное срабатывание, не переживайте, если ADA или RIC сервера не пингуются, а сайты перестали загружаться. 90% случаев это бан, что можно сделать в этом случае?
99% аптайм - хороший показатель, но безопасность и скорость, тоже важные показатели, давайте учитывать это вместе.
Всем спасибо кто пользуется и остается в фокусе и за понимание, кто еще не пользуется - welcome, донаты приветствуются, контакты здесь. Всем Peace ✌️
Please open Telegram to view this post
VIEW IN TELEGRAM
Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel
https://github.com/AlmondOffSec/PassTheCert
https://github.com/AlmondOffSec/PassTheCert
GitHub
GitHub - AlmondOffSec/PassTheCert: Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel
Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel - AlmondOffSec/PassTheCert
Chrome XXE vulnerability EXP, allowing attackers to obtain local files of visitors.
https://github.com/xcanwin/CVE-2023-4357-Chrome-XXE/tree/main
https://github.com/xcanwin/CVE-2023-4357-Chrome-XXE/tree/main
GitHub
GitHub - xcanwin/CVE-2023-4357-Chrome-XXE: [漏洞复现] 全球首款单文件利用 CVE-2023-4357 Chrome XXE 漏洞 EXP, 实现对访客者本地文件窃取. Chrome XXE vulnerability…
[漏洞复现] 全球首款单文件利用 CVE-2023-4357 Chrome XXE 漏洞 EXP, 实现对访客者本地文件窃取. Chrome XXE vulnerability EXP, allowing attackers to obtain local files of visitors. - xcanwin/CVE-2023-4357-Chrome-XXE
Nala - deb Packed Manager with Parallel functions
https://christitus.com/stop-using-apt/
https://youtu.be/oroSkR4Nn_w?t=222
P.S. the for the links dear subscriber )) ✌️
https://christitus.com/stop-using-apt/
https://youtu.be/oroSkR4Nn_w?t=222
P.S. the for the links dear subscriber )) ✌️
Christitus
Stop Using APT
Having Fun with Technology
An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer
https://github.com/grimlockx/ADCSKiller
https://github.com/grimlockx/ADCSKiller
GitHub
GitHub - grimlockx/ADCSKiller: An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer
An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer - grimlockx/ADCSKiller
LightkeeperRM
LightkeeperRM (Remote Management) is a modular drop-in replacement for maintaining servers over SSH with shell commands. No additional daemons or other software is needed on servers:
https://github.com/kalaksi/lightkeeper
LightkeeperRM (Remote Management) is a modular drop-in replacement for maintaining servers over SSH with shell commands. No additional daemons or other software is needed on servers:
https://github.com/kalaksi/lightkeeper
Awesome SOC
A collection of sources of documentation, as well as field best practices, to build/run a SOC
https://github.com/cyb3rxp/awesome-soc
A collection of sources of documentation, as well as field best practices, to build/run a SOC
https://github.com/cyb3rxp/awesome-soc
GitHub
GitHub - cyb3rxp/awesome-soc: A collection of sources of documentation, as well as field best practices, to build/run a SOC
A collection of sources of documentation, as well as field best practices, to build/run a SOC - cyb3rxp/awesome-soc
ParaSiteSnatcher: How Malicious Chrome Extensions Target Brazil
https://www.trendmicro.com/en_us/research/23/k/parasitesnatcher-how-malicious-chrome-extensions-target-brazil-.html
https://www.trendmicro.com/en_us/research/23/k/parasitesnatcher-how-malicious-chrome-extensions-target-brazil-.html
Trend Micro
ParaSiteSnatcher How Malicious Chrome Extensions Target Brazil
We detail the modular framework of malicious Chrome extensions that consist of various highly obfuscated components that leverage Google Chrome API to monitor, intercept, and exfiltrate victim data.
Go mods Examples
Like as brute passwords in passwd or ssh, scan ports through nmap and etc..:
https://github.com/dreddsa5dies/goHackTools
Like as brute passwords in passwd or ssh, scan ports through nmap and etc..:
https://github.com/dreddsa5dies/goHackTools
GitHub
GitHub - dreddsa5dies/goHackTools: Hacker tools on Go (Golang)
Hacker tools on Go (Golang). Contribute to dreddsa5dies/goHackTools development by creating an account on GitHub.
Forwarded from OpenBLD.net (Yevgeniy Goncharov)
Лайтовый экстеншн, дополняет сервис, блокируя часть рекламы вшитую в URL'ы корневых доменов.
Чистит ресурсы которые используют рекламные сети без явных принадлежностей к тем или иным поддоменам.
Не имеет внешних, или иных подключений, не собирает данные, идеально дополняет DoH/DoT OpenBLD.net сервис.
Видео, как в принципе помогает жить OpenBLD.net приложено там-же на странице.
Пробуем. Наслаждаемся. Фидбечим:
https://chromewebstore.google.com/detail/openbldnet-blocker/jjpjcmckhkcefefgbgghomdhcbfmklea
Please open Telegram to view this post
VIEW IN TELEGRAM
IceKube: Finding complex attack paths in Kubernetes clusters
https://labs.withsecure.com/tools/icekube--finding-complex-attack-paths-in-kubernetes-clusters
https://labs.withsecure.com/tools/icekube--finding-complex-attack-paths-in-kubernetes-clusters
Withsecure
IceKube: Finding complex attack paths in Kubernetes clusters
This blog post introduces IceKube, an open-source tool that enumerates a cluster and generates a graph database of resource configurations and the relationships between different resources. IceKube can then analyse these relationships and identify potential…
LogoFAIL - investigates vulnerable image parsing components across the entire UEFI firmware ecosystem and finds all major device manufacturers are impacted on both x86 and ARM-based
Research from the rirst person:
https://binarly.io/posts/The_Far_Reaching_Consequences_of_LogoFAIL/
Research from the rirst person:
https://binarly.io/posts/The_Far_Reaching_Consequences_of_LogoFAIL/
www.binarly.io
The Far-Reaching Consequences of LogoFAIL
LogoFAIL by BINARLY: Discover how vulnerable image parsing impacts device manufacturers in the UEFI firmware ecosystem. Learn about critical LogoFAIL consequences.
OpenGPT - open source effort to create a similar experience to OpenAI's GPTs and Assistants API
https://github.com/langchain-ai/opengpts
https://github.com/langchain-ai/opengpts
GitHub
GitHub - langchain-ai/opengpts
Contribute to langchain-ai/opengpts development by creating an account on GitHub.
PyPI: Incident Report: User Account Takeover
reflection: This is not the first time I’ve seen developer accounts taken over, but if you think about it, what will happen. What if they take over, for example, the account of the developer of uBlock..? Where will they go or what will happen with your web requests being called back in it?)) In this context, the manifest v3 reduces such threats to a minimum...
https://blog.pypi.org/posts/2023-12-04-account-takeover/
reflection: This is not the first time I’ve seen developer accounts taken over, but if you think about it, what will happen. What if they take over, for example, the account of the developer of uBlock..? Where will they go or what will happen with your web requests being called back in it?)) In this context, the manifest v3 reduces such threats to a minimum...
https://blog.pypi.org/posts/2023-12-04-account-takeover/
Kali Linux 2023.4 Release
With new tools and Cloud ARM64, Vagrant Hyper-V, Raspberry Pi 5 supporting:
https://www.kali.org/blog/kali-linux-2023-4-release/
With new tools and Cloud ARM64, Vagrant Hyper-V, Raspberry Pi 5 supporting:
https://www.kali.org/blog/kali-linux-2023-4-release/
Kali Linux
Kali Linux 2023.4 Release (Cloud ARM64, Vagrant Hyper-V & Raspberry Pi 5) | Kali Linux Blog
With 2023 coming to an end and before the holiday season starts, we thought today would be a good time to release Kali 2023.4. Whilst this release may not have the most end-user features in it again, there are a number of new platform offerings and there…
Hunting Malicious Infrastructure-Headers and Hardcoded/Static Strings
https://michaelkoczwara.medium.com/hunting-malicious-infrastructure-headers-and-hardcoded-static-strings-2d7bb4e46d64
https://michaelkoczwara.medium.com/hunting-malicious-infrastructure-headers-and-hardcoded-static-strings-2d7bb4e46d64
The penetration testing execution standard consists of seven (7) main sections...
These cover everything related to a penetration test - from the initial communication and reasoning behind a pentest, through the intelligence gathering and threat modeling phases where testers are working behind the scenes in order to get a better understanding of the tested organization, through vulnerability research, exploitation and post exploitation, where the technical security expertise of the testers come to play and combine with the business understanding of the engagement, and finally to the reporting, which captures the entire process, in a manner that makes sense to the customer and provides the most value to it..:
http://www.pentest-standard.org/index.php/Main_Page
These cover everything related to a penetration test - from the initial communication and reasoning behind a pentest, through the intelligence gathering and threat modeling phases where testers are working behind the scenes in order to get a better understanding of the tested organization, through vulnerability research, exploitation and post exploitation, where the technical security expertise of the testers come to play and combine with the business understanding of the engagement, and finally to the reporting, which captures the entire process, in a manner that makes sense to the customer and provides the most value to it..:
http://www.pentest-standard.org/index.php/Main_Page