Tag: RedTeam
-
Widespread APT29 attack campaign involves red team tools
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/widespread-apt29-attack-campaign-involves-red-team-tools
-
Die 10 häufigsten LLM-Schwachstellen
by
in SecurityNews
Tags: access, ai, api, application-security, awareness, breach, cloud, control, cyberattack, data, detection, dos, encryption, injection, least-privilege, LLM, ml, monitoring, privacy, RedTeam, remote-code-execution, risk, service, tool, update, vulnerability, zero-trust -
Russia-linked APT29 group used red team tools in rogue RDP attacks
by
in SecurityNewsRussia-linked APT29 group uses malicious RDP configuration files, adapting red teaming methods for cyberattacks to compromise systems. In October 2024, the Russia-linked cyber espionage group APT29 (aka Earth Koshchei, SVR group, Cozy Bear, Nobelium, BlueBravo, Midnight Blizzard, and The Dukes) used rogue RDP attacks via phishing emails targeting governments, think tanks, and Ukrainian entities to steal data and install malware. The…
-
Midnight Blizzard Taps Phishing Emails, Rogue RDP Nets
The Russian-based attack group uses legitimate red-team tools, 200 domain names, and 34 back-end RDP servers, making it harder to identify and block malicious activity. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/midnight-blizzard-taps-phishing-email-rogue-rdp-nets
-
APT29 Hackers Target High-Value Victims Using Rogue RDP Servers and PyRDP
by
in SecurityNewsThe Russia-linked APT29 threat actor has been observed repurposing a legitimate red teaming attack methodology as part of cyber attacks leveraging malicious Remote Desktop Protocol (RDP) configuration files.The activity, which has targeted governments and armed forces, think tanks, academic researchers, and Ukrainian entities, entails adopting a “rogue RDP” technique that was previously First seen on…
-
Yahoo cybersecurity team sees layoffs, outsourcing of ‘red team,’ under new CTO
by
in SecurityNewsYahoo laid off around 25% of its cybersecurity team, known as The Paranoids, over the last year. First seen on techcrunch.com Jump to article: techcrunch.com/2024/12/12/yahoo-cybersecurity-team-sees-layoffs-outsourcing-of-red-team-under-new-cto/
-
ConvoC2 A Red Teamers Tool To Execute Commands on Hacked Hosts Via Microsoft Teams
by
in SecurityNewsA stealthy Command-and-Control (C2) infrastructure Red Team tool named ConvoC2 showcases how cyber attackers can exploit Microsoft Teams to execute system commands on compromised hosts remotely. This innovative project, designed with Red Team operations in mind, uses Teams messages for hidden data exfiltration and command execution, demonstrating a significant security challenge for organizations relying on…
-
Black Hat Europe preview: Cryptographic protocol attacks and AI in the spotlight
by
in SecurityNews
Tags: access, ai, application-security, attack, authentication, backdoor, best-practice, computer, conference, control, cybercrime, cybersecurity, data, dns, encryption, exploit, finance, github, government, hacker, healthcare, identity, injection, Internet, LLM, malicious, microsoft, mitigation, office, open-source, radius, RedTeam, risk, service, sophos, technology, tool, training, vulnerability, vulnerability-management, windowsThis week in London Black Hat Europe will feature a diverse range of talks and presentations covering the latest developments in cybersecurity.The opening keynote on Wednesday will be delivered by Frédérick Douzet, a professor of geopolitics at the University of Paris 8, and director of the French Institute of Geopolitics research team. No preview is…
-
SPA is for Single-Page Abuse! Using Single-Page Application Tokens to Enumerate Azure
by
in SecurityNewsAuthor: Lance B. Cain Overview Microsoft Azure is a leading cloud provider offering technology solutions to companies, governments, and other organizations around the globe. As such, many entitles have begun adopting Azure for their technology needs to include identity, authentication, storage, application management, and web services. One of the most common methods for organizations to begin…
-
How Red Teaming Helps Meet DORA Requirements
by
in SecurityNewsThe Digital Operational Resilience Act (DORA) sets strict EU rules for financial institutions and IT providers, emphasizing strong… First seen on hackread.com Jump to article: hackread.com/how-red-teaming-helps-meet-dora-requirements/
-
Top tips for CISOs running red teams
by
in SecurityNewsRed team is the de facto standard in offensive security testing when you want to know how all security investments, from technological controls to user training to response procedures, work together when subjected to a targeted attack. Unlike penetration testing, which aims to comprehensively assess a system, or purple team, which assesses detection and response…
-
Gen AI use cases rising rapidly for cybersecurity, but concerns remain
by
in SecurityNews
Tags: ai, attack, automation, awareness, ceo, ciso, compliance, control, cybersecurity, data, detection, finance, framework, fraud, GDPR, governance, grc, group, guide, Hardware, HIPAA, incident response, intelligence, international, malware, middle-east, monitoring, phishing, privacy, RedTeam, regulation, risk, risk-assessment, risk-management, soc, software, strategy, technology, threat, tool, training, usaGenerative AI is being embedded into security tools at a furious pace as CISOs adopt the technology internally to automate manual processes and improve productivity. But research also suggests this surge in gen AI adoption comes with a fair amount of trepidation among cybersecurity professionals, which CISOs must keep in mind when weaving gen AI…
-
What is Red Teaming?
by
in SecurityNewsRed teaming is like staging a realistic rehearsal for a potential cyber attack to check an organization’s security resilience before they become actual problems. The exercise has three key phases: getting inside the system, maintaining their presence undetected, and acting to achieve their goals. The job is to test an organization’s defenses, challenge security assumptions,……
-
Klein, aber oho: Die Top 5 der mobilen Hacking-Tools
by
in SecurityNewsDiese Zusammenstellung zeigt fünf leistungsstarke Geräte. Sie unterstützen ‘Red Teams bei Sicherheitstests und helfen Hobby-Hackern, ihr Wissen zu erw… First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/cybercrime/klein-aber-oho-die-top-5-der-mobilen-hacking-tools/
-
Advancing red teaming with people and AI
by
in SecurityNewsFirst seen on thesecurityblogger.com Jump to article: www.thesecurityblogger.com/advancing-red-teaming-with-people-and-ai/
-
CISA Details Red Team Assessment Including TTPs Network Defense
by
in SecurityNews
Tags: cisa, cyber, cyberattack, cybersecurity, defense, detection, infrastructure, network, RedTeam, tacticsThe Cybersecurity and Infrastructure Security Agency (CISA) recently detailed findings from a Red Team Assessment (RTA) conducted on a critical infrastructure organization in the United States. The assessment, carried out over three months, simulated real-world cyberattacks to evaluate the organization’s cybersecurity defenses, detection capabilities, and response readiness. This comprehensive analysis sheds light on the tactics,…
-
Weaponized pen testers are becoming a new hacker staple
by
in SecurityNews
Tags: access, attack, cloud, credentials, defense, google, hacker, iam, intelligence, linux, macOS, malicious, malware, microsoft, open-source, password, penetration-testing, RedTeam, software, strategy, threat, tool, vulnerability, windowsMalicious adaptations of popular red teaming tools like Cobalt Strike and Metasploit are causing substantial disruption, emerging as a dominant strategy in malware campaigns.According to research by threat-hunting firm Elastic, known for its search-powered solutions, these two conventional penetration testing tools were weaponized to account for almost half of all malware activities in 2024.”The most…
-
Response to CISA Advisory (AA24-326A): Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a US Critical Infrastructure Sector Organization
by
in SecurityNewsIn response to the recently published CISA Advisory (AA24-326A) which highlights the CISA Red Team’s simulation of real-world malicious cyber operations, AttackIQ has provided actionable recommendations to help organizations emulate these attacks. These guidelines enable organizations to emulate tactics and techniques, helping to assess and improve their defenses against similar adversarial behaviors. First seen on…
-
Here’s what happens if you don’t layer network security or remove unused web shells
by
in SecurityNewsTL;DR: Attackers will break in and pwn you, as a US government red team demonstrated First seen on theregister.com Jump to article: www.theregister.com/2024/11/22/cisa_red_team_exercise/
-
CISA Red Team Finds Alarming Critical Infrastructure Risks
by
in SecurityNews
Tags: cisa, cyber, defense, detection, endpoint, infrastructure, network, RedTeam, risk, vulnerabilityRed Team Finds Vulnerabilities in Critical Infrastructure Org’s Security Framework. The U.S., cyber defense agency is urging critical infrastructure operators to learn from the experience of a volunteer read teaming test and not rely too heavily on host-based endpoint detection and response solutions at the expense of network layer protections. First seen on govinfosecurity.com Jump…
-
Azure Key Vault Tradecraft with BARK
by
in SecurityNews
Tags: access, api, authentication, credentials, data, encryption, microsoft, password, powershell, RedTeam, serviceBrief This post details the existing and new functions in BARK that support adversarial tradecraft research relevant to the Azure Key Vault service. The latter part of the post shows an example of how a red team operator may use these commands during the course of an assessment. Authentication Azure Key Vault is one of…
-
Red red team team: Threat actors hire pentesters to test out ransomware effectiveness
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/red-red-team-team-threat-actors-hire-pentesters-to-test-out-ransomware-effectiveness
-
DEF CON 32 Taming the Beast: Inside Llama 3 Red Team Process
by
in SecurityNewsAuthors/Presenters: Aaron “dyn” Grattafiori, Ivan Evtimov, Joanna Bitton, Maya Pavlova Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/11/def-con-32-taming-the-beast-inside-llama-3-red-team-process/
-
WhiteRabbitNeo: High-Powered Potential of Uncensored AI Pentesting for Attackers and Defenders
by
in SecurityNewsVersion 2.5 of WhiteRabbitNeo is designed to think like a seasoned red team expert, capable of identifying and exploiting vulnerabilities with remarka… First seen on securityweek.com Jump to article: www.securityweek.com/whiterabbitneo-high-powered-potential-of-uncensored-ai-pentesting-for-attackers-and-defenders/
-
Bad Actors Manipulate Red-Team Tools to Evade Detection
by
in SecurityNewsFirst seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/bad-actors-manipulate-red-team-tools-evade-detection
-
Week in review: 87k+ Fortinet devices still open to attack, red teaming tool used for EDR evasion
by
in SecurityNewsHere’s an overview of some of last week’s most interesting news, articles, interviews and videos: 87,000+ Fortinet devices still open to attack, are y… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/20/week-in-review-87k-fortinet-devices-still-open-to-attack-red-teaming-tool-used-for-edr-evasion/