Radical Redirection Rodeo: Exploring The Redirection Bug Classes Of Server Side Open Redirects and Client Side Open Redirects More Indepth
TheCrazyAcademic
@malwr
Medium
So I wanted to explore the two bug classes of server side…
Administrator of “Bulletproof” Webhosting Domain Charged in Connection with Facilitation of NetWalker Ransomware
jnazario
@malwr
www.justice.gov
An indictment was unsealed yesterday in Tampa, Florida, charging a Polish national with computer fraud conspiracy, wire fraud conspiracy, and international money laundering in connection with the provision of “bulletproof” webhosting services that facilitated…
New threat actor targets Bulgaria, China, Vietnam and other countries with customized Yashma ransomware
digicat
@malwr
Cisco Talos Blog
Cisco Talos discovered an unknown threat actor, seemingly of Vietnamese origin, conducting a ransomware operation that began at least as early as June 4, 2023 with customized Yashma ransomware.
German Embassy Lure: Likely Part of Campaign Against NATO Aligned Ministries of Foreign Affairs
digicat
@malwr
Eclecticiq
EclecticIQ researchers identified two PDFs that are likely part of an ongoing campaign targeting Ministries of Foreign Affairs of NATO aligned countries.
CVE-2023-0871, an XML external entity injection vulnerability in OpenNMS Horizon
jnazario
@malwr
Synopsys
OpenNMS Horizon CVE-2023-0871: XML Injection Vulnerability | Synopsys Blog
Explore in-depth coverage of the XML External Entity injection vulnerability (CVE-2023-0871) found in OpenNMS Horizon. Stay informed with our CyRC advisory.
Reconnaissance Tools | Part 1 | TryHackMe Red Team Recon
In this video walk-through, we covered the first part of passive and active reconnaissance basics and tools. We covered DNS reconnaissance using tools such as dig, whois, nslookup in addition to online tools such as threat intelligence platforms. This was part of TryHackMe Red team pathway.
Video is here
Writeup is here
MotasemHa
@malwr
YouTube
How do you get a debit/credit card without linking it to you?
For Ops Sec purposes:
- how will you get a debit/credit card or whatsoever that you can use to pay for AWS etc without having it traced back to you?
P.S.: Legal methods only please. Please don't suggest buying off credit card details from dumps etc.
Huang_Hua
The way you're asking this question is most certainly for nefarious based purposes. Most threat actors will use compromised aws accounts or buy cc dumps.
AstroBoy1337
If you are doing legal and authorized testing, this is not necessary. As others have suggested, it is actually better to identify yourself to these services so they know that you aren't a real threat actor - otherwise, they suspend your account, you have bigger problems. They will be more likely to reach out if your information is legit and verifiable. I even use a +pentest alias in my contact email address.
For sketchier services (like residential proxy providers, in my experience) you can use something like Privacy.com, or use crypto if they accept it. The circumstances where you have to consider a service provider in your threat model as an authorized red teamer are few and far between.
DoctorGasbag
Buy a cash card from Walmart or Le Target Boutique (Target). You hand them cash, they will activate it there, and you can use that for subsequent online transactions executed over a VPN. Those don't work with Azure but *shrugs* there are plenty of other providers that they do work with. I haven't tried them with AWS.
CellUpper5067
@malwr
Reddit
From the redteamsec community on Reddit
New ways to inject system CA certificates in Android 14
pimterry
Been using this the last couple days. Loved the ingenuity of it
tysear
This is an update to a previous post from a couple of weeks back, discussed quite a bit in this sub over here: https://httptoolkit.com/blog/android-14-install-system-ca-certificate/
pimterry
@malwr
Httptoolkit
A couple of weeks ago I published a post about changes in Android 14 that fundamentally break existing approaches to installing system-level CA certificates,...
Cisco buying Splunk
https://www.cnbc.com/2023/09/21/cisco-acquiring-splunk-for-157-a-share-in-cash.html
Natural_Sherbert_391
@malwr
CNBC
Cisco makes largest ever acquisition, buying cybersecurity company Splunk for $28 billion in cash
Cisco said it was acquiring cybersecurity software company Splunk for $157 a share in a cash deal worth about $28 billion.
reverse engineering nrf51 firmware
I recently managed to extract the firmware from an nRF51822 chip over SWD. The problem is, I am an absolute beginner to reverse engineering firmware, binwalk comes up blank, and other things I've tried, like firmware mod kit, have come up blank. I have also managed to open it in Ghidra, but it doesn't seem to be quite right. I have found this git repository (https://github.com/DigitalSecurity/nrf5x-tools) that can help with reversing, and the scripts seem to be correctly identifying the firmware binary as from an nRF51822, but for actually reversing the firmware the script requires IDA Pro's python API, which is not at all viable given its price. Is there any way to do something similar in Ghidra or some other software?
Matlex2
@malwr
GitHub
GitHub - DigitalSecurity/nrf5x-tools: Nordic Semiconductor nRF5x series disassembly tools
Nordic Semiconductor nRF5x series disassembly tools - DigitalSecurity/nrf5x-tools