Cameras and other smart devices can be used by hackers as proxies to access home or corporate networks. Once inside, hackers often use these devices to move laterally and compromise other systems

hackers-arise.com/network-espi...

Automating tasks during a pentest saves a great deal of time. Knowing how to write at least small scripts in Bash and Python is definitely helpful. As you solve problems your GitHub grows, which is certainly an asset when looking for employment

t.co/qdPSXtjWny

A custom Linux beacon was released for Cobalt Strike on GitHub.

The author says that it is possible to build custom implants for Cobalt Strike on virtually any platform.

github.com/EricEsquivel...

#dfir #blueteam #threathunting #c2 #redteam #pentest

LSASS DLL loading can be abused to establish persistence inside a highly privileged system process, causing LSASS to load additional packages at startup. Learn how it works and start monitoring it

hackers-arise.com/advanced-win...

#redteam #DFIR #blueteam #pentest

Timeroasting can be used to extract user hashes and it's stealtier than DCSync or NTDS shadow copies. Defenders should start monitoring this activity.

Learn how: hackers-arise.com/powershell-f...

#DFIR #BlueTeam #redteam

Returning to the #React2Shell case, we can note a consistently high level of malicious activity in the field of exploitation. According to recent data from GreyNoise, more than 1.4 million attempts were recorded over the last week.

hackers-arise.com/react2shell-...

Airplanes constantly broadcast unencrypted ADS-B signals at 1090 MHz, see how we captured and interpreted that data with dump1090 and #BladeRF
for educational purposes.

hackers-arise.com/sdr-signals-...

#SDR

Unfortunately, many common #Linux monitoring techniques are becoming obsolete. Hackers are using tools like #HackShell and its weaponized variant ShadowHS for fileless post-exploitation that evades logs and disk traces.

#BlueTeam should know how to detect it

hackers-arise.com/linux-hacksh...

Robin is an AI-powered #OSINT tool that automates #DarkWeb searches, refines them with LLMs, and gives you a report. That's really useful for #ThreatHunting. You can run it on a cheap Raspberry Pi for automated monitoring.

hackers-arise.com/artificial-i...

#AnyDesk has been favored by #APT groups due to its widespread presence. In our forensic analyses, we saw cases where incident response teams completely overlooked AnyDesk, allowing hackers to maintain persistence and ultimately execute a #ransomware attack.

hackers-arise.com/digital-fore...

Recently, we started a new series on #PowerShell for #DFIR. In part one, log analysis and system hardening are covered. It is yet another demonstration of how extremely versatile PowerShell can be

hackers-arise.com/powershell-f...

We've been actively using #Meshtastic in the early days of Russia's invasion of #Ukraine, right after they hacked #Viasat and crippled comms. These devices are super affordable and there is no quick battery drain.

See how Aircorridor covered it in his article!
hackers-arise.com/off-grid-com...

Components in #nuclear facilities are vulnerable to attacks such as MAC address spoofing and hardware-related exploits. Those working in #SCADA/ICS security should take note. Government-backed #APTs have multiple vectors they could exploit to disrupt operations.

hackers-arise.com/scada-ics-ha...