Google seeks to make Cobalt Strike useless to attackers
Google Cloud’s intelligence research and applications team has created and released a collection of 165 YARA rules to help defenders flag Cobalt Strike components deployed by …
attack tools
Threat actors exchange beacons for badgers to evade endpoint security
Unidentified cyber threat actors have started using Brute Ratel C4 (BRc4), an adversary simulation tool similar to Cobalt Strike, to try to avoid detection by endpoint …
APT group has developed custom-made tools for targeting ICS/SCADA devices
Just a few days after news of attempted use of a new variant of the Industroyer malware comes a warning from the US Cybersecurity and Infrastructure Security Agency (CISA): …
FireEye breach: State-sponsored attackers stole hacking tools
U.S. cybersecurity company FireEye has suffered a breach, and the attackers made off with the company’s RedTeam tools, FireEye CEO Kevin Mandia has disclosed on Tuesday. …
How attackers target and exploit Microsoft Exchange servers
Microsoft Exchange servers are an ideal target for attackers looking to burrow into enterprise networks, says Microsoft, as “they provide a unique environment that could …
Money is still the root of most breaches
Verizon has released its annual Data Breach Investigations Report (DBIR), which offers an overview of the cyber security incidents and data breaches that happened in/were …
Widely available ICS attack tools lower the barrier for attackers
The general availability of ICS-specific intrusion and attack tools is widening the pool of attackers capable of targeting operational technology (OT) networks and industrial …
As malware and network attacks increase in 2019, zero day malware accounts for 50% of detections
Amid significant increases in both malware and network attacks, multiple Apache Struts vulnerabilities – including one used in the devastating Equifax data breach – appeared …
CrackQ: Efficient password cracking for pentesters and red teamers
CrackQ employs automation to make password cracking a faster and more efficient undertaking for pentesters and red teamers. CrackQ dashboard “Regular security testing is …
Warshipping: Attackers can access corporate networks through the mailroom
Most infosecurity professionals have heard of wardialing and wardriving, but what about warshipping? The expression has been coined by IBM X-Force Red researchers to describe …
Is your company leaking sensitive data via its Box account?
Companies that use Box for sharing files and folders inside and outside the company are inadvertently leaving sensitive corporate and customer data exposed, cybersecurity firm …
Python-based attack tools are the most common vector for launching exploit attempts
Hackers have an obvious predilection for Python-based attack tools, says Imperva. “When examining the use of Python in attacks against sites we protect, the result was …