News • Insights • Analysis
Picture this: you’ve finally made it past the perimeter of a highly secured organization. You’re feeling pretty pleased with yourself, until you realize you only have Active Directory privileges of a newly hired intern and the thrill trickles away. However, Read More …
For 13 years, a key pillar of the Chrome Security ecosystem has included encouraging security researchers to find security vulnerabilities in Chrome browser and report them to us, through the Chrome Vulnerability Rewards Program. Starting today and until 1 December Read More …
The Chinese state-sponsored hacking group APT41 was found abusing the GC2 (Google Command and Control) red teaming tool in data theft attacks against a Taiwanese media and an Italian job search company. APT 41, also known as HOODOO, is a Read More …
Microsoft and Fortra are taking legal and technical actions to thwart cyber-criminals from using the latter company’s Cobalt Strike software to distribute malware. Microsoft’s Digital Crimes Unit (DUC), Fortra, and Health Information Sharing and Analysis Center (Health-ISAC) filed a 223-page Read More …
C&C systems are useful collaboration tools for penetration testers and red teamers. They provide a common place for all victim machines to reach out to, be controlled from, and allow multiple users to interact with the same victims. When performing Read More …
The United Kingdom’s National Cyber Security Centre (NCSC), the government agency that leads the country’s cyber security mission, is now scanning all Internet-exposed devices hosted in the UK for vulnerabilities. The goal is to assess UK’s vulnerability to cyber-attacks and Read More …
CISA has released RedEye, an interactive open-source analytic tool to visualize and report Red Team command and control activities. RedEye allows an operator to quickly assess complex data, evaluate mitigation strategies, and enable effective decision making. For more information, CISA Read More …
The use of legitimate Windows tools as part of malicious actors’ malware arsenal has become a common observation in cyber incursions in recent years. We’ve discussed such use in a previous article where PsExec, Windows Management Instrumentation (WMI), simple batch Read More …
A threat actor targeted security researchers with fake Windows proof-of-concept exploits that infected devices with the Cobalt Strike backdoor. Whoever is behind these attacks took advantage of recently patched Windows remote code execution vulnerabilities tracked as CVE-2022-24500 and CVE-2022-26809. When Read More …
Good-faith security researchers no longer have to worry about being prosecuted under the Computer Fraud and Abuse Act (CFAA), the US Justice Department said on Thursday. The federal agency released a new memo, which for the first time clarifies that Read More …
