Reflective PE Injection in Windows 10 1909
Last month we taught our DEF CON 27 workshop, Introduction to Sandbox Evasion and AMSI Bypasses, as a webinar. It...
Anthony Rose | Jake Krasnov As part of the update to Empire that we pushed out today, the OneDrive listener...
Vincent Rose | Jacob Krasnov | Anthony Rose Today we are excited to announce the release of Starkiller! Our multi-user...
Jacob Krasnov | Anthony Rose This blog is going to be the first entry in a series that goes over...
In just two months of the pandemic, the digital world went through "two years worth of digital transformation" according to...
Nearly every year, a trade association, a university, an independent researcher, or a large corporation—and sometimes all of them and...
The absolute majority of fraud in WhatsApp occurs through social engineering when the text prompts the user to click on...
This program allows the user to access a Memory Dump. It can also function as a plugin to the Volatility...
As much as the phrase “a crowded theatre” calls to mind images from bygone days, we’re old enough to remember...
Posted by Red Timmy Security on Aug 25 Hello, in a recent security assessment we have managed to escape out of...
Posted by ghost on Aug 25 Exploit Title: NEProfile - Host Header Injection Date: 5/13/2020 Vendor Homepage: https://seczetta.com Software Link:...
Posted by Benjamin Floyd on Aug 25 Problem: Most modern Google-based smart devices run some form of Chromecast (and a version...
Posted by hyp3rlinx on Aug 25 Credits: John Page (aka hyp3rlinx) Website: hyp3rlinx.altervista.org Source: http://hyp3rlinx.altervista.org/advisories/ERICOM-ACCESS-SERVER-ACCESS-NOW-BLAZE-9.2.0-SERVER-SIDE-REQUEST-FORGERY.txt twitter.com/hyp3rlinx ISR: ApparitionSec www.ericom.com Ericom Access...
A multi-threaded AWS inventory collection tool. The creators of this tool have a recurring need to be able to efficiently collect...
The hacker collective known as DeathStalker has recently widened its footprint to include small to medium-sized business (SMB) targets in...
Last week on Malwarebytes Labs, we looked at the impact of COVID-19 on healthcare cybersecurity, dug into some pandemic stats...
TikTok has confirmed that it is going to sue the U.S. government for banning the use of the TikTok application in...
State-sponsored threat actors and sophisticated attacks are often in the spotlight. Indeed, their innovative techniques, advanced malware platforms and 0-day...
Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified...
Some HTTP parameter names are more commonly associated with one functionality than the others. For example, the parameter ?url= usually...
At Rapid7, we believe that by hiring a team with a strong diversity of mindset, different levels of experience, and...
Users are well aware of the fact that while deleting photos, videos, files, or any other form of data on...
Uber's former chief security officer, Joe Sullivan, was very recently charged by the federal prosecutors in the United States for...
Pyre is a performant type checker for Python compliant with PEP 484. Pyre can analyze codebases with millions of lines...