Tag: IFTTT

Attacker’s Playbook Top 5 Is High On Passwords, Low On Malware http://ift.tt/2blVVAM Attacker’s Playbook Top 5 Is High On Passwords, Low On Malware Report: Penetration testers’ five most reliable methods of compromising targets include four different ways to use stolen credentials, but zero ways to exploit software. Playing whack-a-mole with software vulnerabilities should not be…

DanMcInerney/autorelay http://ift.tt/2bratU5 DanMcInerney/autorelay: Automatically performs the SMB relay attack either locally or on a remote device. Uses Responder to poison, Metasploit for HTTP NTLM relay (rather than just SMB relay), and Snarf for the MITM’ing. When using locally, only requires an interface and an nmap XML file or a list of IPs on the target…

Cisco patches zero-day revealed by “NSA hackers” – Naked Security http://ift.tt/2bC5E7U The Shadow Brokers are a self-styled hacker group that recently kicked off a tongue-in-cheek media campaign claiming that they’d penetrated the NSA (or someone like that – they’re referring to the victim as the Equation Group). Shadow Brokers say they’ve made off with a…

Operation Ghoul Haunting Industrial Organizations with Malware, Data Exfiltration http://ift.tt/2bG5IWc Industrial control system (ICS) security is a growing concern for organizations around the world. On the one hand, research suggests that vulnerabilities and exposures are increasingly jeopardizing the security of ICS assets. In their report Overload: Critical Lessons from 15 Years of ICS…. Threat Intel…

Did the NSA Have the Ability to Extract VPN Keys from Cisco PIX Firewalls? http://ift.tt/2bmvfzX An analysis of the BENIGNCERTAIN exploit included in The Shadow Brokers data dump reveals that the Equation Group, a cyber-espionage group that many have linked with the NSA, had the ability to crack open Cisco PIX firewalls and extract VPN…