Project Site Pwnagotchi is an A2C-based “AI” powered by bettercap and running on a Raspberry Pi Zero W that learns from its surrounding WiFi environment in order to maximize the crackable WPA key material it captures (either through passive sniffing or by performing deauthentication and association attacks). This material is collected on disk as PCAP files containing any form of handshake supported by hashcat,…
Read Article The ability to quickly build out a C2 infrastructure within a few minutes, including all the set up and tear down logic included would be a great asset for any offensive security group or operator. In this post, I will show exactly how to build a fully automated functional C2 infrastructure using Terraform, Nebula, Caddy and Cobalt Strike….
Read Article Phishing Detections: Starting the DIR Process Email phishing and BEC attacks both rely on email communication, so an email security tool is integral to protecting your environment. However, while an email security tool plays a central role in detecting phishing attempts, it’s not the sole solution. To effectively detect phishing and BEC incidents,…
Read Article On January 3, 2024, Mandiant’s X social media account was taken over and subsequently used to distribute links to a cryptocurrency drainer phishing page. Working with X, we were able to regain control of the account and, based on our investigation over the following days, we found no evidence of malicious activity on,…
Read Article Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/b8e1e5b832e5947f41fd6ae6ef6d09a1.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32 Carbanak (Anunak) Vulnerability: Named Pipe Null DACL Family: Carbanak Type: PE32 MD5: b8e1e5b832e5947f41fd6ae6ef6d09a1 Vuln ID: MVID-2024-0667 Dropped files: AlhEXlUJ.exe, AlhEXlUJbVpfX1EMVw.bin Disclosure: 01/09/2024 Description: Carbanak malware creates 8 named pipes used for C2 and interprocess…
