The registry is a hierarchical database, The Windows Registry holds configuration information about all the applications on the system, user-specific settings, configuration of various hardware devices used by the system, …
Category: Interesting Stuff
Phishing is a formidable–and financially devastating–threat costing organizations $4.76 million USD per breach on average. With a simple, deceptive email, adversaries can masquerade as trusted entities, tricking even savvy individuals …
IntelBroker, a notorious figure known for orchestrating high-profile cyberattacks, operates within BreachForums. Specializing in identifying and selling access to compromised systems, sensitive data leaks, and possibly extortion, IntelBroker facilitates various …
Phishing is the weapon of choice for many adversaries. And it’s easy to understand why: Users fall victim to attacks in under 60 seconds on average, novice cybercriminals can launch …
WikiLeaks founder Julian Assange has been freed in the UK after serving over five years in Belmarsh prison for what the U.S. government described as the “largest compromises of classified information” …
Alex was talking to his security team when his boss called him into his office one day. News about ransomware attacks across the industry has been pretty popular lately, and his manager …
Alex was talking to his security team when his boss called him into his office one day. News about ransomware attacks across the industry has been pretty popular lately, and his manager …
DragonForce Ransomware has emerged as an intriguing adversary. Known for its prominent targets and unusual ways of communication, it has quickly gained notoriety among cybersecurity experts and victims alike. This …
Tenable Identity Exposure allows you to secure your infrastructure by anticipating threats, detecting breaches, and responding to incidents and attacks. Using an intuitive dashboard to monitor your Active Directory in …
Global law enforcement agencies have ramped up their efforts against ransomware, leading to the weakening of groups and even dethroned the long ruled LockBit. However, following these operations, many small …
Recent history could be termed the Age of Ransomware in the realm of cybercrime. However, threat actors have discovered a way to profit without the need for malware development or …
SELKS: Open-source Suricata IDS/IPS, network security monitoring, threat hunting – Help Net Security
Summary: This content discusses SELKS, a free and open-source solution for network intrusion detection and protection, network security monitoring, and threat hunting.
Threat Actor: N/A
Victim: N/A
Key Point :…
The PDF file “Enhancing Election Security Through Public Communications” is a comprehensive guide created by the Cybersecurity and Infrastructure Security Agency (CISA) and the Election Assistance Commission (EAC). It aims …
On Substack, publications run by cybersecurity professionals and journalists with expertise in cybersecurity can help practitioners keep pace with developments in security operations and many other areas of cybersecurity.…
Web applications consist of two main parts:
Frontend: The user interface, typically built with frameworks like React, Angular, or Vue.js, communicates with the backend via…Whitebox penetration testing, especially for complex web applications, can be daunting due to the vast amount of code and interconnections between various components. Breaking down the application into manageable …
HTTP request smuggling is a technique used to interfere with the way a website processes sequences of HTTP requests received from users. This vulnerability can …
In a recent engagement I had to deal with some custom encrypted strings inside an Android ARM64 app. I had a lot of fun reversing the app and in the …
This post is just checking correctness of running payload via EnumDesktopsA in Nim programming language.
EnumDesktopsA function passes the name of each desktop to a callback function defined by the application:…
If you’re pentesting web applications, you certainly come across a lot of JavaScript. Nearly every web application nowadays is using it. Frameworks like Angular, React and Vue.js place a lot …
Security teams spend a lot of time chasing software vulnerabilities. The fact is, however, that their time would be better spent combating malware because the payoff is better: faster detection, …
NCC Group is pleased to open source a new tool built to help Red Teams log their activity for later correlation with the Blue Team’s own logging. What started as …
Summary: This content discusses Radare, an open-source reverse engineering framework and command-line toolset, and its capabilities for analyzing and exploring various architectures.
Threat Actor: N/A
Victim: N/A
Key Point :…
Cloudflare automatically detects and mitigates DDoS attacks across its global network using its autonomous edge DDoS detection and mitigation engine. This report includes the DDoS insights and trends as observed …
Windows operating systems maintain event logs that capture extensive information about the system, users, activities, and applications. These logs primarily help to inform administrators and users, categorized into five levels: …
Security Operations Center (SOC) Tier 1 and 2 analysts play a critical role in protecting organizational …
This year’s Real World Cryptography Conference recently took place in Toronto, Canada. As usual, this conference organized by the IACR showcased recent academic results and industry perspectives on current cryptography …
This staggering amount underscores the imminent need for cyber security to be treated as a global priority. Moreover, with the explosion …
In the ever-evolving cybersecurity landscape, staying informed with the latest statistics and trends is not just beneficial—it’s imperative. The year 2024 is shaping up to be pivotal, with threats becoming …
AhnLab SEcurity intelligence Center (ASEC) has been publishing the Online Scams series to inform the readers about the ever-evolving scams. Prevention and blocking are the two most important measures to …
A mastermind behind the organized crime group responsible for various online fraud schemes has been detained in Bucharest, Romania. The individual, who had been on …
Qilin, also known as Agenda ransomware, represents a formidable threat in cybercrime. This ransomware, one of the known Ransomware-as-a-Service (RaaS) groups, is designed with adaptability in mind, allowing it to …
Summary: This blog discusses AI jailbreaks, their impact on generative AI systems, and how to mitigate the associated risks and harms.
Threat Actor: N/A
Victim: N/A
Key Point :
An…BlackSuit ransomware is a rebranded version of the notorious Royal ransomware, which emerged due to heightened law enforcement actions against the original group. This rebranding signifies a strategic shift aimed …
Summary: This content is the Android Security Bulletin for June 2024, which provides details of security vulnerabilities affecting Android devices and the corresponding security patch levels.
Threat Actor: N/A
Victim: …
Cyberthreat intelligence (CTI) can be a powerful weapon for protecting an organization from cyberattack, enabling teams to understand both the threats they face and the tactics, techniques, and procedures of …
IT threat evolution Q1 2024 IT threat evolution Q1 2024. Mobile statistics IT threat evolution Q1 2024. Non-mobile statistics
Targeted attacks Operation Triangulation: the final mysteryLast June, we published …
This time, we’re not revealing a new cyber threat investigation or analysis, but I want to share some insights about the team behind all Sekoia Threat Intelligence and Detection Engineering …
In this blog, we will learn how to write a YARA Rule to detect different samples from the same families and hunt for them on a scale.
This section defines …
Hello and welcome back to the Cryptopals Guided Tour (previously, previously)! Today we are taking on Challenge 17, the famous padding oracle attack.
For those who don’t know, Cryptopals is …
In the ever-evolving landscape of cybersecurity threats, new groups like Hunt3r Kill3rs emerge with claims of disruptive capabilities. This analysis aims to provide an initial understanding of their activities, considering …
As organizations prepare for the challenges and opportunities of 2024, the critical importance of cybersecurity preparedness is increasingly apparent. In an era characterized by rapid digital transformation and continuous innovation, …
In the constantly changing landscape of cyber threats, ransomware groups adapt their tactics to outmaneuver defenses. Everest Ransomware recently attracted attention in May 2024 for its notable targets. Since its …
*replace .bawang with .onion (use TOR to access it)*source: https://www.breachsense.com/
Darknet Markets NameURLStatus0-DAYhttps://0-day.shopONLINEStealer credential leakshttps://whiteintel.ioONLINEDarth maul shophttps://1977.ws/ONLINE2EASYhttps://2easy.ccONLINEAlphaBay (Dark i2p)https://tnaefzkcnhryeusi7hdpqujqiqmnbtah3dmjcg3gvezohunjuxbq.b32.i2pONLINEAlphaBay (Dark Tor)http://alphabay522szl32u4ci5e3iokdsyth56ei7rwngr2wm7i5jo54j2eid.bawangONLINEArchetyphttp://4pt4axjgzmm4ibmxplfiuvopxzf775e5bqseyllafcecryfthdupjwyd.bawangONLINEAREShttp://sn2sfdqay6cxztroslaxa36covrhoowe6a5xug6wlm6ek7nmeiujgvad.bawangONLINEASEANhttp://asap2u4pvplnkzl7ecle45wajojnftja45wvovl3jrvhangeyq67ziid.bawangONLINEBIDEN CASH (Dark Tor)http://bidenjxwb7khlh3djrmi6zkkmggiuoh6cnxll7my7uk25ohe27pcfryd.bawangONLINEBIDEN CASH (free CVV – dark web)http://l5wy5mo2bqv4pm5ozschtmqool2uwju4emahlqzfxlwsdgxtppjcblad.bawangONLINEBIDEN…No one is safe from scams. In fact, scams targeting corporations and organizations employ meticulously social-engineered attack scenarios. Unlike smishing targeting individuals or online shopping scams, such attacks design tailored …
Email forensics involves the examination, extraction, and analysis of email data to gather digital evidence crucial for resolving crimes and specific incidents, ensuring the integrity of the …
Dispossessor has recently emerged in the ransomware landscape, and it is especially notable for its similarities to the notorious LockBit group. Following an extensive crackdown by global law enforcement agencies, which led to the …
In this post, we'll demonstrate the Garbageman analysis tool. Garbageman is a .NET analysis tool that can be used to obtain information from packed or obfuscated .NET malware.
Here is …