Steganography Anchors Pinpoint Attacks on Industrial Targets
Ongoing spear-phishing attacks aim at stolen Windows credentials for ICS suppliers worldwide. Continue reading Steganography Anchors Pinpoint Attacks on Industrial Targets
What Windows registry does “mimikatz” modify?
Where on the C drive is the executable file for mimikatz?
Continue reading how to determine the full path of log file the mimikatz keylogger [closed]
When you’re using unconstrained delegation, a service A is allowed to authenticate as the user B to any other service. This happens because the user B sends its TGS along with its TGT to the service A, and service A can then request other … Continue reading Is kerberos unconstrained delegation partially safer than constrained delegation?
Evidence is emerging that a change made to Chrome 80 might have disrupted the popular data and user profile stealing malware AZORult. Continue reading Chrome 80 encryption change blocks AZORult password stealer
Introduction
It was 20 November, and I was just starting to wonder what I would do during the next month. I had already left my previous job, and the new one would only start in January. Playing with PS4 all month might sound fun for some people, but… Continue reading The RastaLabs experience
The cybercrime group that brought us Satan, DBGer and Lucky ransomware, and perhaps Iron ransomware, has now come up with a new version or rebranding named “5ss5c”.
In a previous blog post, Satan ransomware adds EternalBlue exploit, I described ho… Continue reading Satan ransomware rebrands as 5ss5c ransomware
This question is an exact duplicate of:
Finding a mimikatz file on a compromised host? [on hold]
I am completing some online labs for a cyber security course. We are meant to … Continue reading Searching a drive for a specific malicious exe? [duplicate]
So I am currently struggling with a cyber security lab, and after searching various online sources and reading documentation I can’t find a solution. The 2 tasks are as follows:
“The attacker has deployed the Mimikatz t… Continue reading Finding a mimikatz file on a compromised host? [on hold]
I read the article on adsecurity which spoke about the Skeleton Key malware & the mimikatz misc::skeleton feature to replicate the same.
It said that the malware affects Windows 2008R2 & 2003.
I had a query whether … Continue reading Does Skeleton Key attack work on Server 2016 using mimikatz?
Malicious code first discovered nine years ago that has historically been used by groups associated with Chinese state-backed hacks has made a comeback, according to new research from Cisco’s Security and Intelligence Research Group, Talos. The hacking tool is a web shell known as China Chopper. A web shell is a script that allows attackers to remotely access servers running web applications. This particular web shell has long been known to be an exploit that’s often impervious to being outed and detected. “China Chopper is a slick little web shell that does not get enough exposure and credit for its stealth,” FireEye researchers wrote in 2013 in their blog on the matter. China Chopper’s code has historically been small, according to security researcher Keith Tyler, who wrote on the tool in 2012. That much appears to be the same now — Talos researchers note the most recent campaign has been “extremely simple,” containing just one […]
The post ‘China Chopper’ web shell makes a comeback in Lebanon, other Asian countries appeared first on CyberScoop.
Continue reading ‘China Chopper’ web shell makes a comeback in Lebanon, other Asian countries