Browsing tag

backdoor

Microsoft, FireEye report 3 new malware linked to SolarWinds hackers

Microsoft and cybersecurity firm FireEye have identified three new malware strains used by the SolarWinds hackers in last year’s attack on highly critical private and government cyberinfrastructure in the United States. According to FireEye and Microsoft’s latest analysis, the SolarWinds hack was far more sinister than it initially appeared to be. Reportedly, the companies have […]

Kaspersky spots CIA malware with backdoor capabilities

Dubbed Purple Lambert by Kaspersky, the malware passively listens to network traffic and searches for a “magic packet.” The Global Research and Analysis Team (GReAT) at Kaspersky Lab has discovered new malware that the company claims was developed by the American Central Intelligence Agency (CIA). The Moscow, Russia-based cybersecurity giant said it spotted the […]

CDK – Zero Dependency Container Penetration Toolkit

CDK is an open-source container penetration toolkit, designed to offer stable exploitation in different slimmed containers without any OS dependency. It comes with useful net-tools and many powerful PoCs/EXPs that help you escape containers and take over K8s clusters easily. It is still under development; submit issues or mail [email protected] if you need any help. Installation […]

Drow – Injects Code Into ELF Executables Post-Build

drow is a command-line utility that is used to inject code and hook the entrypoint of ELF executables (post-build). It takes unmodified ELF executables as input and exports a modified ELF containing an embedded user-supplied payload that executes at runtime. Slightly more detail … Drow takes the following steps to create the new patched […]

Meet ACbackdoor malware targeting Linux and Windows devices

Recently, malware by the name of ACbackdoor has been discovered which infects both Windows and Linux-based systems. With little to no documentation of its origin, it has capabilities for pretty complex operations which include arbitrary execution of shell commands, updating, arbitrary binary execution, and persistence. Although both of the variants have different backdoor […]

Multi-Platform Malware “ACBackdoor” Attack Both Windows & Linux Users PC by Executing Arbitrary Code

Researchers discovered a previously undetected multi-platform malware called ACbackdoor that has both Linux and Windows variants to infect the respective users and steal sensitive information. The ACbackdoor Linux variant has a zero detection rate, while the Windows variant has a higher detection rate than the Linux variant. Researchers believe that the ACbackdoor variant is […]

A new and dangerous backdoor available on deep web

According to reports from digital forensics experts, the dangerous hacker group known as Platinum has announced the release of Titanium, a new backdoor Trojan that includes advanced features to control an infected computer completely. The report, published by security firm Kaspersky Lab, mentions that this backdoor can hide from the sight of victims posing as […]

Titanium APT Hackers Inject New Hidden Backdoor on Windows Using Fileless Technique

A new wave of malware attacks from the Titanium APT group infects Windows with a hidden backdoor by mimicking common legitimate software and using a fileless technique. Titanium APT is one of the technologically advanced hacking groups; they use various sophisticated techniques to attack the target, and their method of attack makes very […]

Beware! World’s Most Notorious Hacking Group Launches New Trojan

Platinum, the infamous Advanced Persistent Threat (APT) group, has launched a new backdoor trojan named Titanium that has advanced capabilities of taking complete control over the target’s PC. As reported by the Kaspersky Lab researchers, Titanium is capable of hiding in plain sight by disguising itself as a DVD burner software, sound driver, or even […]

TinkererShell – A Simple Python Reverse Shell Written Just For Fun

A simple reverse shell written in Python 3.7 just for fun. Currently it supports Windows and Linux OS and integrates some basic features like keylogging and AES encrypted communications. Supported operating systems: Windows Linux OSX Functions and characteristics: Reverse connection. AES encrypted communications. Multithreaded. Support multiple bots connected at the same time. Keylogger. Possibility […]

Russian Turla APT Group Hacked Iranian APT C2 Server For Backdoor Access To Expand The Cyber Attack

Hackers-Hack-Hackers: Russian APT group Turla, also known as Waterbug, compromised the Iranian hackers’ command-and-control server infrastructure and exfiltrated data to expand their cyber attack widely. Turla is a well-known APT hacker group that uses various tools and techniques to target government, military, technology, energy, and commercial organizations and gather intelligence. GBHackers […]

Chinese hackers could install backdoors on Microsoft SQL 11 and 12 servers using a “magic word”

The activities of government-sponsored hacker groups can have disastrous consequences. A group of digital forensics experts from ESET has revealed the existence of a new malware developed by Winnti, a hacking group backed by the Chinese government, with the purpose of gaining persistence in a targeted Microsoft SQL Server system. Identified as skip-2.0, this malware […]

Avast internal networks were hacked. Did attackers install backdoors in CCleaner? Is it secure to use this tool?

Even security companies are exposed to cyberattacks. IT system audit specialists report that security software developer Avast has become the victim of an attack on their internal networks. Through a statement, the Czech-based company mentioned that hackers most likely tried to inject malware into the CCleaner tool code, similar to the incident that occurred a couple of […]

Free music files on the Internet could contain malware and backdoors

Digital forensics specialists report a new attack method consisting of the use of WAV audio files to hide and deliver backdoors and software for the mining of the Monero cryptocurrency on infected systems. Other variants of this method injected malware by hiding their payloads in JPEG or PNG image files using steganography, a technique widely […]

MasterMana botnet hits users by evading detection with URL shorteners

MasterMana botnet is part of an ongoing malware campaign. The IT security researchers at Prevailion have discovered an active botnet that has been targeting corporations and unsuspecting users across the globe. Dubbed MasterMana by researchers, the botnet utilizes every available option to target its victims including dropping backdoors and phishing attacks through business email compromise […]

US And UK Ask Facebook To Create A “Backdoor” To Access Encrypted Texts

The US, UK, and Australia are putting pressure on Facebook to create a backdoor in its encrypted messaging apps that would allow the governments to access encrypted texts. The open letter, obtained by BuzzFeed News, has been signed by the US attorney general Bill Barr, US acting secretary of homeland security, UK home secretary, and the Australian […]

Hackers are exploiting a backdoor on Fortinet SSL VPN; update now

Ethical hacking experts report that, in recent days, threat actors have been scanning the Internet looking for non-updated SSL VPNs developed by the company Fortinet to exploit a critical vulnerability. The main objective of the operators of this campaign is the theft of login credentials and other confidential details. If successful, threat actors could […]

Stop programming in Ruby, applications using Ruby libraries have a backdoor

The RubyGems package repository maintenance team recently announced the removal of at least 18 malicious versions of 11 Ruby libraries due to the presence of a backdoor. Web application security experts claim that cases were even detected in which Ruby programming projects were infected with cryptocurrency mining malware. This malicious development was discovered just a […]

Newly Discovered Hacking Tools Remotely control the Hacked Computers via a GUI & Command-Line Interface

Researchers discovered two new malicious hacking tools (BalkanRAT, BalkanDoor) from the ongoing campaign Balkans that act as a remote access trojan and backdoor. Malware authors developed these tools with two different features. BalkanRAT is a remote access trojan that controls the compromised computer remotely via a graphical interface, and BalkanDoor performs the same operation using […]