Go-Shellcode – A Repository Of Windows Shellcode Runners And Supporting Utilities
go-shellcode is a repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API...
hacking
cThreadHijack – Beacon Object File (BOF) For Remote Process Injection Via Thread Hijacking
___________.__ .______ ___ .__ __ __ _____ ___/| |_________ ____ _____ __| _/ | |__| |__|____ ____ | | ___/...
RansomEXX ransomware hit computer manufacturer and distributor GIGABYTE
Taiwanese manufacturer and distributor of computer hardware GIGABYTE was a victim of the RansomEXX ransomware gang. RansomEXX ransomware gang hit...
RansomEXX ransomware leaks files stolen from Italian luxury brand Zegna
RansomEXX ransomware operators hit the popular Italian luxury fashion house Ermenegildo Zegna Holding and started leaking stolen files. Zegna is one of...
Ivanti fixed a critical code execution issue in Pulse Connect Secure VPN
Security firm Ivanti addressed a critical vulnerability in its Pulse Connect Secure VPN appliances that could be exploited to execute...
TwiTi – Tool for extracting IOCs from tweet
TwiTi, a tool for extracting IOCs from tweets, can collect a large number of fresh, accurate IOCs. TwiTi does classifying...
WARCannon – High Speed/Low Cost CommonCrawl RegExp In Node.js
WARCannon was built to simplify and cheapify the process of 'grepping the internet'.With WARCannon, you can:Build and test regex patterns...
Conti Leak Indicators – What to block, in your SOC….
Security expert provided leak indicators for Conti ransomware operations that were recently disclosed by a disgruntled affiliate. An affiliate of...
VMware addresses critical flaws in its products
VMware has addressed a critical vulnerability that affects multiple products that could be exploited to gain access to confidential information....
BlackMatter ransomware also targets VMware ESXi servers
BlackMatter gang rapidly evolves, the group has developed a Linux version that allows operators to targets VMware’s ESXi VM platform....
Conti ransomware affiliate leaked gang’s training material and tools
An affiliate of the Conti RaaS has leaked the training material shared by the group with its network along with...
Cryptominer ELFs Using MSR to Boost Mining Process
The Uptycs Threat Research Team recently observed Golang-based worm dropping cryptominer binaries which use the MSR (Model Specific Register) driver. By UPTYCS THREAT...
ChangeTower – Tool To Help You Watch Changes In Webpages And Get Notified Of Any Changes
ChangeTower is intended to help you watch changes in webpages and get notified of any changes written in Go This...
Elpscrk – An Intelligent Common User-Password Profiler Based On Permutations And Statistics
An Intelligent common user-password profiler that's named after the same tool in Mr.Robot series S01E01In simple words, elpscrk will ask...
Italian energy company ERG hit by LockBit 2.0 ransomware gang
ERG SPA, an Italian energy company, reports a minor impact on its operations after the recent ransomware attack conducted by LockBit 2.0...
Cisco fixes critical, high severity vulnerabilities in VPN routers
Cisco fixed critical, high severity pre-auth security vulnerabilities impacting multiple Small Business VPN routers. Cisco addressed critical and high severity...
Advanced Technology Ventures discloses ransomware attack and data breach
The American venture capital firm Advanced Technology Ventures (ATV) disclosed a ransomware attack, crooks also stole data of some private investors. Advanced...
US CISA and NSA publish guidance to secure Kubernetes deployments
US CISA and NSA released new guidance that provides recommendations on how to harden Kubernetes deployments and minimize the risk...
Uchihash – A Small Utility To Deal With Malware Embedded Hashes
Uchihash is a small utility that can save malware analysts the time of dealing with embedded hash values used for...
SharpLAPS – Retrieve LAPS Password From LDAP
The attribute ms-mcs-AdmPwd stores the clear-text LAPS password. This executable is made to be executed within Cobalt Strike session using...
China-linked APT31 targets Russia for the first time
China-linked APT31 group employed a new strain of malware in attacks aimed at entities in Mongolia, Belarus, Canada, the US,...
INFRA:HALT flaws impact OT devices from hundreds of vendors
INFRA:HALT is a set of vulnerabilities affecting a popular TCP/IP library commonly OT devices manufactured by more than 200 vendors....
Cyber Defense Magazine – August 2021 has arrived. Enjoy it!
Cyber Defense Magazine August 2021 Edition has arrived. We hope you enjoy this month’s edition…packed with over 148 pages of...
China-linked APT groups target telecom companies in Southeast Asia
China linked APT groups have targeted networks of at least five major telecommunications companies operating in Southeast Asia since 2017....
