Transparent Tribe: Evolution analysis, part 2
Background + Key findings Transparent Tribe, also known as PROJECTM or MYTHIC LEOPARD, is a highly prolific group whose activities...
The all-in-one Red Team browser extension for Web Pentesters. HackTools, is a web extension facilitating your web application penetration tests, it...
ezEmu enables users to test adversary behaviors via various execution techniques. Sort of like an "offensive framework for blue teamers",...
Well, it's March 179th, 2020, and while we didn't actually get a summer here in 2020, it's time once again...
Security Intelligence Blog has a new home! Our new site is https://www.trendmicro.com/en_us/research.html Read new threat discoveries, relevant perspectives on security...
While giving our talk at the DEF CON Red Team Village a couple of weeks ago, I previewed a PowerShell...
Over the weekend, we were setting up a virtual range for our upcoming class this weekend and were testing a mail server....
Last month we taught our DEF CON 27 workshop, Introduction to Sandbox Evasion and AMSI Bypasses, as a webinar. It...
Anthony Rose | Jake Krasnov As part of the update to Empire that we pushed out today, the OneDrive listener...
Vincent Rose | Jacob Krasnov | Anthony Rose Today we are excited to announce the release of Starkiller! Our multi-user...
Jacob Krasnov | Anthony Rose This blog is going to be the first entry in a series that goes over...
In just two months of the pandemic, the digital world went through "two years worth of digital transformation" according to...
The absolute majority of fraud in WhatsApp occurs through social engineering when the text prompts the user to click on...
Nearly every year, a trade association, a university, an independent researcher, or a large corporation—and sometimes all of them and...
This program allows the user to access a Memory Dump. It can also function as a plugin to the Volatility...
As much as the phrase “a crowded theatre” calls to mind images from bygone days, we’re old enough to remember...
Posted by Red Timmy Security on Aug 25 Hello, in a recent security assessment we have managed to escape out of...
Posted by ghost on Aug 25 Exploit Title: NEProfile - Host Header Injection Date: 5/13/2020 Vendor Homepage: https://seczetta.com Software Link:...
Posted by Benjamin Floyd on Aug 25 Problem: Most modern Google-based smart devices run some form of Chromecast (and a version...
Posted by hyp3rlinx on Aug 25 Credits: John Page (aka hyp3rlinx) Website: hyp3rlinx.altervista.org Source: http://hyp3rlinx.altervista.org/advisories/ERICOM-ACCESS-SERVER-ACCESS-NOW-BLAZE-9.2.0-SERVER-SIDE-REQUEST-FORGERY.txt twitter.com/hyp3rlinx ISR: ApparitionSec www.ericom.com Ericom Access...
A multi-threaded AWS inventory collection tool. The creators of this tool have a recurring need to be able to efficiently collect...
The hacker collective known as DeathStalker has recently widened its footprint to include small to medium-sized business (SMB) targets in...
Last week on Malwarebytes Labs, we looked at the impact of COVID-19 on healthcare cybersecurity, dug into some pandemic stats...
TikTok has confirmed that it is going to sue the U.S. government for banning the use of TikTok application in...