Read Article On November 6, 2023, CustomGPTs, a new feature that OpenAI stated on its blog, became available. We can already say that the emergence of Custom Generative Pre-trained Transformers (GPTs) could mark a significant shift in the dynamics of both digital defense and offense. AI models, customizable for specific tasks, could represent a new frontier in…
Read Article On every red team engagement, one of the first steps is to gain access to the target environment. Generally, red teams will leverage social engineering techniques to get their customer to run a payload sent through email or other digital means. Unfortunately for us, on this particular engagement the client was doing a…
Read Article The Power of Automation for Pentesting Automation has become a game-changer in the world of penetration testing. With the ever-increasing complexity of networks and systems, manually tracking and responding to security events is no longer viable. This is where webhooks come into play for cybersecurity professionals, and where we as pentesters can abuse…
Read Article Initial Infection Vector The hacker initially breaches a YouTuber’s account and uploads videos masquerading as sharing cracked software. Figure 3 shows the video descriptions in which a malicious URL is embedded, enticing users to download a ZIP file that harbors malicious content for the next stage of the attack. The videos were uploaded…
Read Article NoName ransomware group has allegedly targeted multiple Ukrainian government websites. The latest victims of the alleged NoName ransomware attack on Ukraine include Accordbank, Zaporizhzhya Titanium-Magnesium Plant, State Tax Service, Central Interregional Tax Administration, Western Interregional Tax Administration, and the Main Directorate of the State Tax Service in Kyiv. The Cyber Express tried to…
Read Article Discovery Note: This paper will be covering 1 smuggle gadget out of about 10 that I use in my testing, however this paper will show how this gadget, originally found by @albinowax, can be modified to pin one provider against another in a brutal fashion as you will read soon. As a freelance…
Read Article Executive summary AT&T Alien Labs has identified a campaign to deliver AsyncRAT onto unsuspecting victim systems. During at least 11 months, this threat actor has been working on delivering the RAT through an initial JavaScript file, embedded in a phishing page. After more than 300 samples and over 100 domains later, the threat…
Read Article Excerpt LockBit operators and affiliates will find ways to obtain the victim’s initial access rights and use them to deliver encrypted ransomware. The attack methods can be roughly divided into the following methods: 1. Extensive vulnerability scanning . Using Nday vulnerabilities, 1day vulnerabilities, and 0day vulnerabilities to scan assets in batches is often referred to as…
