first blog for scoop
Rescooped by Ha Dinh Phu from Cyber Security & Digital Forensics

Over The Air: Exploiting Broadcom’s Wi-Fi Stack (Part 1)

Posted by Gal Beniamini, Project Zero It’s a well understood fact that platform security is an integral part of the security o

Via Constantin Ionel Milos / Milos Constantin

Targeted Attacks in the Middle East Using KASPERAGENT and MICROPSIA - Palo Alto Networks Blog

This post explores how the attackers attempt to gain a foothold into target networks before briefly describing the malware families used.


A Python script to look up available information in Shodan for a list of IPs, save the data, and process it using the Shodan CLI.

A Python script to lookup available information in Shodan for a list of IPs and save the data to a local file that can be processed using the Shodan CLI.


Mitigate threats by using Windows 10 security features (Windows 10)

This topic provides an overview of software and firmware threats faced in the current security landscape, and the mitigations that Windows 10 offers in response to these threats.


A Fileless Malware Called "ATMitch" Attacks ATM Machines Remotely and Deletes the Attack Evidence - GBHackers On Security

Fileless malware "ATMitch" [...] at any time, at the touch of a button." Discovered by researchers from Kaspersky Lab.


Latest Shadow Brokers dump — owning SWIFT Alliance Access, Cisco and Windows

The headlines — the Equation Group are owning banks using VPN edge gateways, internal Cisco firewalls, and then owning SWIFT Alliance Access boxes. Emeraldthread-3.0.0.exe — EMERALDTHREAD is a remote…


How To Put Multiple ISO Files In One Bootable USB Disk | Create Multiboot USB Disk

This article describes a method to create a multiboot flash drive, allowing you to put multiple ISO files on one bootable medium. You can create one bootable medium for both Windows and Linux.


Some useful forensics tools for your forensics investigation

So you're called onsite to a forensics engagement. What do you bring?
Your forensics media:
Well prepped m


Technical details on the Fancy Bear Android malware (poprd30.apk) | CrySyS Blog



WiFi Security: Securing Yourself against Practical Wireless Attacks, via InfoSec Resources

IT Security Training & Resources by InfoSec Institute


Anti reverse engineering. Malware vs Antivirus Software

The Anti Reverse Engineering article presents the methods used by malware authors in their fight against antivirus software.


Fileless attacks against enterprise networks - Securelist

This threat was originally discovered by a bank’s security team, after detecting Meterpreter code inside the physical memory of a domain controller (DC).


Malware that infects by abusing PowerSploit (2017-02-10) / PowerShell loading APT malware analysis part 2 by JPCERT.

"PowerSploit is a tool for executing files and commands on a remote computer, used for purposes such as penetration testing. When the downloaded PowerShell script is executed, it creates a document file embedded inside the script in the %TEMP% folder and displays it. The displayed document file has been confirmed to come in a number of templates, such as an Excel document or a Word document."


Clever Physical ATM Attack - Schneier on Security



Getting Started with WMI Weaponization - Part 1

Windows Management Instrumentation (WMI) is a Microsoft management protocol derived from the Web-Based Enterprise Management (WBEM) protocol. WMI is a web service that can perform management operations on the host operating system. It has also been a part of Windows since Windows 95 where it was available as an optional feature.


PowerMemory - Exploit Windows Credentials In Memory - Darknet

PowerMemory is a PowerShell-based tool to exploit Windows credentials present in files and memory; it leverages Microsoft-signed binaries to hack Windows.


Tracking threat actors through .LNK files

In the blog post .LNK downloader and bitsadmin.exe in malicious Office document we were asked the following question by Harlan Carvey: Did you parse the LNK file for things such as embedded MAC address, NetBIOS system name, any SID, and volume serial number? We did not do that at the time, however we see the value in…


Penetration Testing Skype for Business: Exploiting the Missing Lync – MDSec

A blog post on how to exploit Skype for Business during a red team engagement


KnockKnock : See what's persistently installed on your Mac



Transparent Windows Tor Firewall: Tallow » CyberPunk

Tallow is a small program that redirects all outbound traffic from a Windows machine via the Tor anonymity network. A


Pentesting Windows environments: remote delivery of PowerShell payloads

PowerShell is an amazing post-exploitation tool available to the attacker during engagements in Windows environments. Tools lik


Wingbird rootkit analysis

In previous blog posts I've described rootkits that have been used by so-called state-sponsored actors for infecting thei


Hardening Windows 10 with zero-day exploit mitigations

Cyber attacks involving zero-day exploits happen from time to time, affecting different platforms and applications. Over the years, Microsoft security teams have been working extremely hard to address these attacks. While delivering innovative solutions like Windows Defender Application Guard, which provides a safe virtualized layer for the Microsoft Edge browser, and Windows Defender Advance


Port Scanning and Banner Grabbing Using Python



Enterprise firewalls are man-in-the-middling HTTPS sessions like crazy, and weakening security

A group of security researchers from academe and industry (including perennial Boing Boing favorite J Alex Halderman) have published an important paper documenting the prevalence and problems of fi…
