Hackers Found Using A New Code Injection Technique to Evade Detection

While performing in-depth analysis of various malware samples, security researchers at Cyberbit found a new code injection technique, dubbed Early Bird, being used by at least three different sophisticated malware that helped attackers evade detection…

Warning: Your Windows PC Can Get Hacked by Just Visiting a Site

Can you get hacked just by clicking on a malicious link or opening a website? — YES.

Microsoft has just released its April Patch Tuesday security updates, which address multiple critical vulnerabilities in its Windows operating systems and o…

Windows Remote Assistance Exploit Lets Hackers Steal Sensitive Files

You have always been warned not to share remote access to your computer with untrusted people for any reason. It's basic cybersecurity advice, and common sense, right?

But what if I say you should not even trust anyone who invites or offers you full …

MS Office Built-in Feature Allows Malware Execution Without Macros Enabled

Since new forms of cybercrime are on the rise, traditional techniques seem to be shifting towards more clandestine ones that involve the exploitation of standard system tools and protocols, which are not always monitored.

Security researchers at Cisco’s Ta…

CrackMapExec – Active Directory Post-Exploitation Tool

CrackMapExec (a.k.a. CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. Built with stealth in mind, CME follows the concept of “Living off the Land”: abusing built-in Active Directory features/protocols to achieve its functionality and allowing it to evade most endpoint protection/IDS/IPS…

Read the full post at darknet.org.uk

CowerSnail — Windows Backdoor from the Creators of SambaCry Linux Malware

Last month, we reported on a group of hackers exploiting SambaCry, a 7-year-old critical remote code execution vulnerability in Samba networking software, to hack Linux computers and install malware to mine cryptocurrencies.

The same group of hackers is now targeting Windows machines with a new backdoor, which is a QT-based re-compiled version of the same malware used to target Linux.

Critical Flaws Found in Windows NTLM Security Protocol – Patch Now

As part of this month’s Patch Tuesday, Microsoft has released security patches for a serious privilege escalation vulnerability that affects all versions of its Windows operating system for enterprises released since 2007.

Researchers at behavioral fi…

Original Author of Petya Ransomware is Back & He Wants to Help NotPetya Victims

The author of the original Petya ransomware is back.

After 6 months of silence, the author of the now infamous Petya ransomware appeared today on Twitter to help victims unlock their files encrypted by a new version of Petya, also known as NotPetya.

“We’…

Winpayloads – Undetectable Windows Payload Generation

Winpayloads is a tool to provide undetectable Windows payload generation with some extras running on Python 2.7. It provides persistence, privilege escalation, shellcode invocation and much more. Features: UACBypass – PowerShellEmpire; PowerUp – PowerShellEmpire; Invoke-Shellcode; Invoke-Mimikatz; Invoke-EventVwrBypass; Persistence – Adds payload…

Read the full post at darknet.org.uk
