Jun 24 2018

Darknet 2018-06-24 03:30:20

Powershell-RAT – Gmail Exfiltration RAT

Powershell-RAT is a Python-based Gmail exfiltration RAT that can be used a Windows backdoor to send screenshots or other data as an e-mail attachment.

This RAT will help you during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends the information to an attacker as an e-mail attachment.

It claims to not need Administrator access and is not currently detected by Anti-virus software.

Read the rest of Powershell-RAT – Gmail Exfiltration RAT now! Only available at Darknet.

Jun 21 2018

Global Threats to Information Systems

Original release date: June 21, 2018

The advanced capabilities of organized hacker groups and cyber threat actors are an increasing global threat to information systems. Rising threat levels place more demands on cybersecurity personnel and network administrators to protect information systems. Protecting network infrastructure is critical to preserving the confidentiality, integrity, and availability of communication and services across an enterprise.

Cyber campaigns—such as NotPetya—are examples of increasingly advanced threat actor activity. NotPetya coincided with a national holiday of the targeted nation. NCCIC recommends organizations remain vigilant and aware of potential malicious cyber activity ahead of upcoming national holidays, including Ukraine’s Constitution Day on June 28, 2018.

NCCIC encourages users and administrators to review Securing Network Infrastructure Devices and the United Kingdom’s National Cyber Security Centre (NCSC) guidance on Internet Edge Device Security and implement the following recommendations:

  • Segregate networks and functions.
  • Limit unnecessary lateral communications.
  • Harden network devices.
  • Secure access to infrastructure devices.
  • Perform out-of-band network management.
  • Validate hardware and software integrity.

This product is provided subject to this Notification and this Privacy & Use policy.

Jun 21 2018

Thrip: 人工衛星、通信、防衛産業を狙うスパイ集団

シマンテックによる人工知能ベースの TAA(Targeted Attack Analytics)で、広範囲にわたる新しいスパイ活動が明らかになりました。

Jun 20 2018

Cisco Releases Security Updates for Multiple Products

Original release date: June 20, 2018

Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:

This product is provided subject to this Notification and this Privacy & Use policy.