■■■■■ Responder now supports SMBv2, shows if smb1 is disabled or not, which Os/Build version, if RDP is open, domain joined, last reboot, etc. And.. you get all that information in less than 5 seconds per class C.
https://github.com/lgandx/Responder
https://github.com/lgandx/Responder
GitHub
GitHub - lgandx/Responder: Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication…
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat...
cKure
■■■■■ #Exclusive #DataLeak: Hacker group RedRabbit Team have created a website which sends details of AirTel #India 🇮🇳 over the email. We have tested the data for authenticity. Takes around 10 hours to send details. This will be the most audacious leak as…
● The website was taken down. The attackers created another domain though.
Apparently the domain was posted by the attacker related account in our discussion group (@ckureg). The group is followed by various blue teams and threat intel platforms that can directly take action against such domains.
Apparently the domain was posted by the attacker related account in our discussion group (@ckureg). The group is followed by various blue teams and threat intel platforms that can directly take action against such domains.
■■□□□#DataLeak: Emotet campaign hits Lithuania’s National Public Health Center and several state institutions.
https://securityaffairs.co/wordpress/112817/malware/emotet-campaign-hit-lithuania.html
https://securityaffairs.co/wordpress/112817/malware/emotet-campaign-hit-lithuania.html
Security Affairs
Emotet campaign hits Lithuania's National Public Health Center
An Emotet campaign hit Lithuania, the malware has infected systems at the National Center for Public Health (NVSC) and several municipalities.
■□□□□ Fines against banks for data breaches and noncompliance more than doubled in 2020.
https://portswigger.net/daily-swig/fines-against-banks-for-data-breaches-and-noncompliance-more-than-doubled-in-2020
https://portswigger.net/daily-swig/fines-against-banks-for-data-breaches-and-noncompliance-more-than-doubled-in-2020
The Daily Swig | Cybersecurity news and views
Fines against banks for data breaches and noncompliance more than doubled in 2020
Crackdown against financial misdeeds during lockdown leads to worldwide enforcement actions
■■■■■ Bad regex used in Facebook Javascript SDK leads to account takeovers in third party websites that included it.
https://ysamm.com/?p=510
https://ysamm.com/?p=510
■■■■□#DataLeak: SolarWinds hackers accessed some of the source-code of Microsoft.
https://thehackernews.com/2020/12/microsoft-says-solarwinds-hackers.html
https://thehackernews.com/2020/12/microsoft-says-solarwinds-hackers.html
■■■□□ GKE Auditor – Detect Google Kubernetes Engine Misconfigurations.
https://www.darknet.org.uk/2021/01/gke-auditor-detect-google-kubernetes-engine-misconfigurations
https://www.darknet.org.uk/2021/01/gke-auditor-detect-google-kubernetes-engine-misconfigurations
Darknet - Hacking Tools, Hacker News & Cyber Security
GKE Auditor - Detect Google Kubernetes Engine Misconfigurations
GKE Auditor is a Java-based tool to detect Google Kubernetes Engine misconfigurations, it aims to help security & dev teams streamline the configuration process
■■□□□ RogueWinRM - Windows Local Privilege Escalation From Service Account To System.
https://www.kitploit.com/2021/01/roguewinrm-windows-local-privilege.html
https://www.kitploit.com/2021/01/roguewinrm-windows-local-privilege.html
KitPloit - PenTest & Hacking Tools
RogueWinRM - Windows Local Privilege Escalation From Service Account To System
■□□□□ City of Cornelia Witnessed Fourth Ransomware Attack.
https://www.ehackingnews.com/2021/01/city-of-cornelia-witnessed-fourth.html
https://www.ehackingnews.com/2021/01/city-of-cornelia-witnessed-fourth.html
■■■■□ CVE-2020-29583: Secret Backdoor Account Found in Several Zyxel Firewall, VPN Products.
https://thehackernews.com/2021/01/secret-backdoor-account-found-in.html
https://thehackernews.com/2021/01/secret-backdoor-account-found-in.html
cKure
■■■■□ CVE-2020-29583: Secret Backdoor Account Found in Several Zyxel Firewall, VPN Products. https://thehackernews.com/2021/01/secret-backdoor-account-found-in.html
■■■■□CVE-2020-29583: A hardcoded credential vulnerability was identified in the “zyfwp” user account in some Zyxel firewalls and AP controllers. The account was designed to deliver automatic firmware updates to connected access points through FTP.
https://www.zyxel.com/support/CVE-2020-29583.shtml
https://www.zyxel.com/support/CVE-2020-29583.shtml
■■■■□ #DataLeak: Facebook ads used to steal 615000+ credentials in a phishing campaign.
The campaign targeted users in multiple countries including #Egypt 🇪🇬, #Philippines🇵🇭, #Pakistan 🇵🇰, and #Nepal🇳🇵
https://securityaffairs.co/wordpress/112882/hacking/facebook-phishing-campaign-2.html
The campaign targeted users in multiple countries including #Egypt 🇪🇬, #Philippines🇵🇭, #Pakistan 🇵🇰, and #Nepal🇳🇵
https://securityaffairs.co/wordpress/112882/hacking/facebook-phishing-campaign-2.html
Security Affairs
Facebook ads used to steal 615000+ credentials in a phishing campaign
Cybercriminals are abusing Facebook ads in a large-scale phishing scam aimed at stealing victims’ login credentials.
■■□□□ AutoHotkey-Based credential stealer targets bank in the US and Canada.
https://securityaffairs.co/wordpress/112895/malware/credential-stealer-banks.html
https://securityaffairs.co/wordpress/112895/malware/credential-stealer-banks.html
Security Affairs
AutoHotkey-Based credential stealer targets bank in the US and Canada
Experts spotted a new credential stealer written in AutoHotkey (AHK) scripting language that is targeting the US and Canadian bank customers.
■■□□□ #DataLeak: Ransomware Attack Leaks GenRx’s Data.
GenRx Pharmacy, which is settled in Scottsdale, AZ, is telling people of a data breach incident. The occurrence might affect the security of certain individuals. While the drug store doesn't know about any real damage done to people because of the circumstance, it is furnishing conceivably affected people with data by means of First Class mail with respect to steps taken, and what should be done to further fortify against likely defacement.
https://www.ehackingnews.com/2021/01/ransomware-attack-leaks-genrxs-data.html
GenRx Pharmacy, which is settled in Scottsdale, AZ, is telling people of a data breach incident. The occurrence might affect the security of certain individuals. While the drug store doesn't know about any real damage done to people because of the circumstance, it is furnishing conceivably affected people with data by means of First Class mail with respect to steps taken, and what should be done to further fortify against likely defacement.
https://www.ehackingnews.com/2021/01/ransomware-attack-leaks-genrxs-data.html
■■□□□ Interesting thread: https://mobile.twitter.com/slaeryan/status/1345104252180463617