Tag: RedTeam
-
Sliver C2 Server Vulnerability Enables TCP Hijacking for Traffic Interception
by
in SecurityNewsA significant vulnerability has been discovered in the Sliver C2 server, a popular open-source cross-platform adversary emulation and red team framework. This vulnerability, identified as CVE-2025-27090, allows attackers to hijack TCP connections, enabling them to intercept and manipulate traffic. The exploit leverages a Server-Side Request Forgery (SSRF) technique, which can be particularly damaging as it…
-
Getting the Most Value out of the OSCP: Pre-Course Prep
by
in SecurityNews
Tags: access, antivirus, attack, compliance, control, credentials, cyber, cybersecurity, detection, exploit, finance, framework, guide, hacker, hacking, infosec, infrastructure, jobs, kali, linux, mandiant, metric, microsoft, mitre, network, organized, password, penetration-testing, PurpleTeam, RedTeam, risk, service, skills, software, tactics, technology, tool, training, vulnerability, windowsThe first post in a five-part practical guide series on maximizing the professional, educational, and financial value of the OffSec certification pursuit for a successful career in offensive cybersecurity consulting Disclaimer: All opinions expressed in this article are solely my own. I have reviewed the content to ensure compliance with OffSec’s copyright policies and agreements.…
-
Leveraging Microsoft Text Services Framework (TSF) for Red Team Operations
by
in SecurityNewsThe Praetorian Labs team was tasked with identifying novel and previously undocumented persistence mechanisms for use in red team engagements. Our primary focus was on persistence techniques achievable through modifications in HKCU, allowing for stealthy, user-level persistence without requiring administrative privileges. Unfortunately, while we identified an interesting persistence technique, the method we discuss in this……
-
CISOs: Stop trying to do the lawyer’s job
by
in SecurityNews
Tags: breach, business, ciso, compliance, cybersecurity, data, email, finance, group, guide, incident response, international, jobs, law, privacy, RedTeam, risk, risk-management, security-incident, service, skills, strategy, technology, training, updateThere’s a joke that’s been floating around boardrooms for years: “What’s the difference between lawyers and engineers? Lawyers don’t think they’re engineers.”This light-hearted jab highlights a fundamental difference between the two professions. Engineers, and by extension CISOs, focus on building and fixing things, learning a wide array of skills, sometimes sticking their hands into technologies…
-
Further Adventures With CMPivot”Š”, “ŠClient Coercion
by
in SecurityNewsFurther Adventures With CMPivot”Š”, “ŠClient Coercion Perfectly Generated AI Depiction based on Title TL:DR CMPivot queries can be used to coerce SMB authentication from SCCM client hosts Introduction CMPivot is a component part of the Configuration Manager framework. With the rise in popularity for ConfigMgr as a target in red team operations, this post looks to cover a…
-
DeepSeek-R1 more readily generates dangerous content than other large language models
by
in SecurityNewsResearch scientists at cyber firm Enkrypt AI publish concerning findings from a red team exercise conducted against DeepSeek, the hot new generative AI tool First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366618734/DeepSeek-R1-more-readily-generates-dangerous-content-than-other-large-language-models
-
Red teaming Deepseek aka DeepSeek R1 Exposed: Security Flaws in China’s AI Model
by
in SecurityNewsFirst seen on thesecurityblogger.com Jump to article: www.thesecurityblogger.com/red-teaming-deepseek-aka-deepseek-r1-exposed-security-flaws-in-chinas-ai-model/
-
3 takeaways from red teaming 100 generative AI products
by
in SecurityNewsFirst seen on thesecurityblogger.com Jump to article: www.thesecurityblogger.com/3-takeaways-from-red-teaming-100-generative-ai-products/
-
Cisco Previews AI Defenses to Cloud Security Platform
by
in SecurityNewsSet for release in March, Cisco AI Defense will provide algorithmic red teaming of large language models with technology that came over as part of the Robust Intelligence acquisition last year. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/cisco-previews-ai-defense-cloud-security
-
Secure AI? Dream on, says AI red team
The group responsible for red teaming of over 100 generative AI products at Microsoft has concluded that the work of building safe and secure AI systems will never be complete.In a paper published this week, the authors, including Microsoft Azure CTO Mark Russinovich, described some of the team’s work and provided eight recommendations designed to…
-
AI Won’t Take This Job: Microsoft Says Human Ingenuity Crucial to Red-Teaming
by
in SecurityNewsRedmond’s AI Red Team says human involvement remains irreplaceable in addressing nuanced risks. The post AI Won’t Take This Job: Microsoft Says Human Ingenuity Crucial to Red-Teaming appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/ai-wont-take-this-job-microsoft-says-human-ingenuity-crucial-to-red-teaming/
-
Insights from CISA’s red team findings and the evolution of EDR
by
in SecurityNewsA recent CISA red team assessment of a United States critical infrastructure organization revealed systemic vulnerabilities in modern cybersecurity. Among the most pressing issues was a heavy reliance on endpoint detection and response (EDR) solutions, paired with a lack of… First seen on securityintelligence.com Jump to article: securityintelligence.com/news/insights-from-cisas-red-team-findings-and-the-evolution-of-edr/
-
Gen AI is transforming the cyber threat landscape by democratizing vulnerability hunting
by
in SecurityNews
Tags: ai, api, apt, attack, bug-bounty, business, chatgpt, cloud, computing, conference, credentials, cve, cyber, cybercrime, cyberespionage, cybersecurity, data, defense, detection, email, exploit, finance, firewall, flaw, framework, github, government, group, guide, hacker, hacking, incident response, injection, LLM, malicious, microsoft, open-source, openai, penetration-testing, programming, rce, RedTeam, remote-code-execution, service, skills, software, sql, tactics, threat, tool, training, update, vulnerability, waf, zero-dayGenerative AI has had a significant impact on a wide variety of business processes, optimizing and accelerating workflows and in some cases reducing baselines for expertise.Add vulnerability hunting to that list, as large language models (LLMs) are proving to be valuable tools in assisting hackers, both good and bad, in discovering software vulnerabilities and writing…
-
Garak An Open Source LLM Vulnerability Scanner for AI Red-Teaming
by
in SecurityNewsGarak is a free, open-source tool specifically designed to test the robustness and reliability of Large Language Models (LLMs). Inspired by utilities like Nmap or Metasploit, Garak identifies potential weak points in LLMs by probing for issues such as hallucinations, data leakage, prompt injections, toxicity, jailbreak effectiveness, and misinformation propagation. This guide covers everything you…
-
DEF CON 32 War Games Red Team for OT Based on Real World Case Studies
by
in SecurityNewsAuthor/Presenter: Shishir Gupta Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/def-con-32-war-games-red-team-for-ot-based-on-real-world-case-studies/
-
4 Wege zu neuer Cyberabwehrstärke
by
in SecurityNews
Tags: ai, antivirus, application-security, backdoor, cio, cloud, crypto, cyberattack, cybersecurity, data-breach, ddos, detection, hacker, iot, phishing, RedTeam, reverse-engineering, tool, vulnerabilityAnurag Goyal ist Head of Cybersecurity beim Plattformanbieter RedDoorz. Darüber hinaus hat er sich auch als Sicherheitsforscher und Ethical Hacker einen Namen gemacht. Anurag Goyal 3. Red Teaming Red Teaming stellt einen dynamischen und umfassenden Ansatz dar, um die Cyberresilienz von Organisationen zu bewerten und zu optimieren. Dabei simulieren Security-Profis ausgeklügelte Cyberattacken und ahmen dazu…
-
Widespread APT29 attack campaign involves red team tools
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/widespread-apt29-attack-campaign-involves-red-team-tools
-
Die 10 häufigsten LLM-Schwachstellen
by
in SecurityNews
Tags: access, ai, api, application-security, awareness, breach, cloud, control, cyberattack, data, detection, dos, encryption, injection, least-privilege, LLM, ml, monitoring, privacy, RedTeam, remote-code-execution, risk, service, tool, update, vulnerability, zero-trust -
Russia-linked APT29 group used red team tools in rogue RDP attacks
by
in SecurityNewsRussia-linked APT29 group uses malicious RDP configuration files, adapting red teaming methods for cyberattacks to compromise systems. In October 2024, the Russia-linked cyber espionage group APT29 (aka Earth Koshchei, SVR group, Cozy Bear, Nobelium, BlueBravo, Midnight Blizzard, and The Dukes) used rogue RDP attacks via phishing emails targeting governments, think tanks, and Ukrainian entities to steal data and install malware. The…
-
Midnight Blizzard Taps Phishing Emails, Rogue RDP Nets
The Russian-based attack group uses legitimate red-team tools, 200 domain names, and 34 back-end RDP servers, making it harder to identify and block malicious activity. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/midnight-blizzard-taps-phishing-email-rogue-rdp-nets
-
APT29 Hackers Target High-Value Victims Using Rogue RDP Servers and PyRDP
by
in SecurityNewsThe Russia-linked APT29 threat actor has been observed repurposing a legitimate red teaming attack methodology as part of cyber attacks leveraging malicious Remote Desktop Protocol (RDP) configuration files.The activity, which has targeted governments and armed forces, think tanks, academic researchers, and Ukrainian entities, entails adopting a “rogue RDP” technique that was previously First seen on…
-
Yahoo cybersecurity team sees layoffs, outsourcing of ‘red team,’ under new CTO
by
in SecurityNewsYahoo laid off around 25% of its cybersecurity team, known as The Paranoids, over the last year. First seen on techcrunch.com Jump to article: techcrunch.com/2024/12/12/yahoo-cybersecurity-team-sees-layoffs-outsourcing-of-red-team-under-new-cto/
-
ConvoC2 A Red Teamers Tool To Execute Commands on Hacked Hosts Via Microsoft Teams
by
in SecurityNewsA stealthy Command-and-Control (C2) infrastructure Red Team tool named ConvoC2 showcases how cyber attackers can exploit Microsoft Teams to execute system commands on compromised hosts remotely. This innovative project, designed with Red Team operations in mind, uses Teams messages for hidden data exfiltration and command execution, demonstrating a significant security challenge for organizations relying on…
-
Black Hat Europe preview: Cryptographic protocol attacks and AI in the spotlight
by
in SecurityNews
Tags: access, ai, application-security, attack, authentication, backdoor, best-practice, computer, conference, control, cybercrime, cybersecurity, data, dns, encryption, exploit, finance, github, government, hacker, healthcare, identity, injection, Internet, LLM, malicious, microsoft, mitigation, office, open-source, radius, RedTeam, risk, service, sophos, technology, tool, training, vulnerability, vulnerability-management, windowsThis week in London Black Hat Europe will feature a diverse range of talks and presentations covering the latest developments in cybersecurity.The opening keynote on Wednesday will be delivered by Frédérick Douzet, a professor of geopolitics at the University of Paris 8, and director of the French Institute of Geopolitics research team. No preview is…
-
SPA is for Single-Page Abuse! Using Single-Page Application Tokens to Enumerate Azure
by
in SecurityNewsAuthor: Lance B. Cain Overview Microsoft Azure is a leading cloud provider offering technology solutions to companies, governments, and other organizations around the globe. As such, many entitles have begun adopting Azure for their technology needs to include identity, authentication, storage, application management, and web services. One of the most common methods for organizations to begin…
-
How Red Teaming Helps Meet DORA Requirements
by
in SecurityNewsThe Digital Operational Resilience Act (DORA) sets strict EU rules for financial institutions and IT providers, emphasizing strong… First seen on hackread.com Jump to article: hackread.com/how-red-teaming-helps-meet-dora-requirements/
-
Top tips for CISOs running red teams
by
in SecurityNewsRed team is the de facto standard in offensive security testing when you want to know how all security investments, from technological controls to user training to response procedures, work together when subjected to a targeted attack. Unlike penetration testing, which aims to comprehensively assess a system, or purple team, which assesses detection and response…