Hacking
DATE | NAME | CATEGORY | SUBCATEGORY | INFO |
21.12.24 | cShell DDoS Bot Attack | HACKING | HACKING | ASEC recently identified a new DDoS malware strain targeting Linux servers while monitoring numerous external attacks. The threat actor initially targeted poorly managed SSH services and ultimately installed a DDoS bot named cShell. cShell is developed in the Go language and is characterized by exploiting Linux tools called screen and hping3 to perform DDoS attacks. |
5.9.24 | Macropack | HACKING | Malware | Threat actors using MacroPack to deploy Brute Ratel, Havoc and PhantomCore payloads |
5.9.24 | Revival Hijack | HACKING | HACKING | Revival Hijack – PyPI hijack technique exploited in the wild, puts 22K packages at risk |
30.8.24 | Malicious npm Packages | HACKING | Malware | North Korea Still Attacking Developers via npm |
21.8.24 | pwish | HACKING | PHISHING | Be careful what you pwish for – Phishing in PWA applications |
15.8.24 | ArtiPACKED | HACKING | HACKING | ArtiPACKED: Hacking Giants Through a Race Condition in GitHub Actions Artifacts |
9.8.24 | Downgrade Attacks | HACKING | Attack | Windows Downdate: Downgrade Attacks Using Windows Updates |
9.7.24 | Jenkins Script Console | HACKING | CRYPTOCURRENCY | Turning Jenkins Into a Cryptomining Machine From an Attacker's Perspective |
14.6.24 | Sleepy Pickle Part 2 | HACKING | ML | Exploiting ML models with pickle file attacks: Part 2 |
14.6.24 | Sleepy Pickle Part 1 | HACKING | ML | Exploiting ML models with pickle file attacks: Part 1 |
5.6.24 | HACKING | FortiGuard Labs has recently identified a sophisticated cyberattack involving an Excel file embedded with a VBA macro designed to deploy a DLL file. | | |
3.6.24 | Hardware | Hacking Millions of Modems (and Investigating Who Hacked My Modem) | | |
1.6.24 | Hardware | Lumen Technologies’ Black Lotus Labs identified a destructive event, as over 600,000 small office/home office (SOHO) routers were taken offline belonging to a single internet service provider (ISP). | | |
28.5.24 | DNSBomb | Hacking | DNS | DNSBomb is a new practical and powerful pulsing DoS attack exploiting DNS queries and responses. |
28.5.24 | Server Side Credit Card Skimmer Lodged in Obscure Plugin | Hacking | Hacking | Attackers are always finding new ways to inject malware into websites and new ways to obscure it to avoid detection, but they’re always up to their same old tricks. In this post, we’ll explore how attackers are using a very obscure PHP snippet WordPress plugin to install server-side malware to harvest credit card details from a WooCommerce online store. |
27.5.24 | HTML Smuggling | Hacking | HTML | HTML smuggling is an innovative attack technique, which abuses HTML5 and JavaScript features to inject or extract data across network boundaries. |
27.5.24 | Transparent Phishing and HTML Smuggling | Hacking | Phishing | Phishing with Cloudflare Workers: Transparent Phishing and HTML Smuggling |
10.5.24 | Tunnelcrack | Hacking | VPN | TunnelCrack is a combination of two widespread security vulnerabilities in VPNs. An adversary can abuse these vulnerabilities to leak traffic outside the VPN tunnel. |
10.5.24 | TunnelVision | Hacking | VPN | A local network VPN leaking technique that affects all routing-based VPNs |
11.4.24 | Trick Developers Detected in an Open Source Supply Chain Attack | Hacking | | In a recent attack campaign, cybercriminals were discovered cleverly manipulating GitHub's search functionality, and using meticulously crafted repositories to distribute malware. |
22.3.24 | z0Miner | Hacking | Exploit | z0Miner Exploits Korean Web Servers to Attack WebLogic Server |
7.3.24 | Quishing | Hacking | Mobile | QR codes have had a great run in the past few years, diffusing into almost every aspect of our lives, from looking at restaurant menus and paying for products or services online and offline to accessing websites with greater ease. While the positives of QR codes are clearly visible, both from a business and user perspective, their usage has some pitfalls. |
18.1.24 | iShutdown | Hacking | iOS | A lightweight method to detect potential iOS malware |
3.1.24 | SMTP Smuggling | Hacking | SPAM | In the course of a research project in collaboration with the SEC Consult Vulnerability Lab, Timo Longin (@timolongin) - known for his DNS protocol attacks |
1.1.24 | Hijack Execution Flow: DLL Search Order Hijacking | Hacking | DLL | Adversaries may execute their own malicious payloads by hijacking the search order used to load DLLs. Windows systems use a common method to look for required DLLs to load into a program. Hijacking DLL loads may be for the purpose of establishing persistence as well as elevating privileges and/or evading restrictions on file execution. |
26.12.23 | RTF template injection | Hacking | Phishing | Injection is the New Black: Novel RTF Template Inject Technique Poised for Widespread Adoption Beyond APT Actors |
24.12.23 | Insta-Phish-A-Gram | Hacking | Phishing | Following Trustwave SpiderLabs’ blog on social media-themed phishing on Facebook, comes another flavor of ‘infringement’ phishing. In this case, the targets, still under the umbrella of Meta, are Instagram users |
9.12.23 | 5GHOUL | Hacking | 5G | 5Ghoul: Unleashing Chaos on 5G Edge Devices |
8.12.23 | Ongoing attacks | Hacking | Phishing | Star Blizzard increases sophistication and evasion in ongoing attacks |
6.12.23 | Fake Lockdown Mode | Hacking | Apple | Fake Lockdown Mode: A post-exploitation tampering technique |
28.11.23 | PERFORM NTLM FORCED AUTHENTICATION ATTACKS | Hacking | Hacking | ABUSING MICROSOFT ACCESS “LINKED TABLE” FEATURE TO PERFORM NTLM FORCED AUTHENTICATION ATTACKS |
6.11.23 | Agonizing Serpens | Hacking | Hacking | The attacks are characterized by attempts to steal sensitive data, such as personally identifiable information (PII) and intellectual property. |
2.11.23 | Kopeechka | Hacking | Tool | How Kopeechka, an Automated Social Media Accounts Creation Service, Can Facilitate Cybercrime |
3.10.23 | Authenticated Origin Pulls (mTLS) | Hacking | Hacking | When visitors request content from your domain, Cloudflare first attempts to serve content from the cache. If this attempt fails, Cloudflare sends a request — or an origin pull — back to your origin web server to get the content. |
3.10.23 | Silent Skimmer | Hacking | Hacking | Silent Skimmer: Online Payment Scraping Campaign Shifts Targets From APAC to NALA |
1.10.23 | Phishing | ZeroFont phishing technique | | |
14.9.23 | Hacking | Repo Jacking: Exploiting the Dependency Supply Chain | | |
24.7.23 | drIBAN | Hacking | Hacking | Uncovering drIBAN fraud operations. Chapter 3: Exploring the drIBAN web inject kit |
4.7.23 | HTML Smuggling | Hacking | Hacking | HTML Smuggling: The Hidden Threat in Your Inbox |
1.7.23 | Proxyjacking | Hacking | Hacking | Proxyjacking: The Latest Cybercriminal Side Hustle |
28.6.23 | Process Mockingjay | Hacking | Hacking | Process Mockingjay: Echoing RWX In Userland To Achieve Code Execution |