Experts spotted a new variant of the Cuba Ransomware with optimized infection techniques
The Cuba ransomware operators are back and employed a new version of its malware in recent attacks. Cuba ransomware has...
hacking
PacketStreamer – Distributed Tcpdump For Cloud Native Environments
Deepfence PacketStreamer is a high-performance remote PacketStreamer sensors collect raw network packets on remote hosts. It selects packets to capture...
Vice Society ransomware gang adds the Italian City of Palermo to its data leak site
The Vice Society group has claimed responsibility for the ransomware attack that hit the Italian city of Palermo forcing the...
Blackbird – An OSINT Tool To Search For Accounts By Username In 101 Social Networks
Blackbird An Setup Clone the repository git clone https://github.com/p1ngul1n0/blackbirdcd blackbird Install requirements pip install -r requirements.txt Usage Search by username...
Symbiote, a nearly-impossible-to-detect Linux malware
Researchers uncovered a high stealth Linux malware, dubbed Symbiote, that could be used to backdoor infected systems. Joint research conducted by...
Previously undocumented Aoqin Dragon APT targets entities in Southeast Asia and Australia
Researchers spotted a previously undocumented Chinese-speaking APT, tracked as Aoqin Dragon, targeting entities in Southeast Asia and Australia. SentinelOne documented a...
Offensive-Azure – Collection Of Offensive Tools Targeting Microsoft Azure
Collection of offensive tools targeting Microsoft Azure written in Python to be platform agnostic. The current list of tools can...
New Emotet variant uses a module to steal data from Google Chrome
Researchers spotted a new variant of the Emotet bot that uses a new module to steal credit card information stored...
Tainted CCleaner Pro Cracker spreads via Black Seo campaign
Threat actors spread info-stealing malware through the search results for a pirated copy of the CCleaner Pro Windows optimization program....
0Patch released unofficial security patch for new DogWalk Windows zero-day
0patch researchers released an unofficial security patch for a Windows zero-day vulnerability dubbed DogWalk. 0patch released an unofficial security patch...
AutoPWN Suite – Project For Scanning Vulnerabilities And Exploiting Systems Automatically
AutoPWN Suite is a project for scanning Installation You can install it using pip. (sudo recommended) sudo pip install autopwn-suite...
US dismantled and seized SSNDOB cybercrime marketplace
An international operation led by the US authorities dismantled and seized the infrastructure of the online marketplace SSNDOB. US DoJ announced...
Socialhunter – Crawls The Website And Finds Broken Social Media Links That Can Be Hijacked
Installation From Binary You can download the pre-built binaries from the releases page and run. For example: wget https://github.com/utkusen/socialhunter/releases/download/v0.1.1/socialhunter_0.1.1_Linux_amd64.tar.gz tar...
China-linked threat actors have breached telcos and network service providers
China-linked threat actors have breached telecommunications companies and network service providers to spy on the traffic and steal data. US...
Black Basta ransomware now supports encrypting VMware ESXi servers
Black Basta ransomware gang implemented a new feature to encrypt VMware ESXi virtual machines (VMs) running on Linux servers. The...
Nipe – An Engine To Make Tor Network Your Default Gateway
The Tor project allows users to surf the Internet, chat and send instant messages anonymously through its own mechanism. It...
Evil Corp gang starts using LockBit Ransomware to evade sanctions
Mandiant researchers associate multiple LockBit ransomware attacks with the notorious Evil Corp Cybercrime Group. Mandiant researchers have investigated multiple LOCKBIT ransomware attacks...
Sentinel-Attack – Tools To Rapidly Deploy A Threat Hunting Capability On Azure Sentinel That Leverages Sysmon And MITRE ATT&CK
Sentinel ATT&CK aims to simplify the rapid deployment of a threat hunting capability that leverages Sysmon and MITRE ATT&CK on...
Black Basta ransomware operators leverage QBot for lateral movements
The QBot malware operation has partnered with Black Basta ransomware group to target organizations worldwide. Researchers from NCC Group spotted...
Lockbit ransomware gang claims to have hacked cybersecurity giant Mandiant
LockBit ransomware gang claims to have hacked the cybersecurity firm Mandiant, which is investigating the alleged security breach. Today the...
Lockc – Making Containers More Secure With eBPF And Linux Security Modules (LSM)
lockc is open source sofware for providing MAC (Mandatory Access Control) type of security audit for container workloads. The main...
Microsoft seized 41 domains used by Iran-linked Bohrium APT
Microsoft’s Digital Crimes Unit (DCU) announced the seizure of domains used by Iran-linked APT Bohrium in spear-phishing campaigns. Microsoft’s Digital Crimes...
Another nation-state actor exploits Microsoft Follina to attack European and US entities
A nation-state actor is attempting to exploit the Follina flaw in a recent wave of attacks against government entities in...
AWS-Threat-Simulation-and-Detection – Playing Around With Stratus Red Team (Cloud Attack Simulation Tool) And SumoLogic
This repository is a documentation of my adventures with Attack Description Link aws.credential-access.ec2-get-password-data Retrieve EC2 Password Data Link aws.credential-access.ec2-steal-instance-credentials Steal...
