Collecting Cyber-News from over 60 sources

Tag: RedTeam

Further Adventures With CMPivot”Š”, “ŠClient Coercion

Feb 3, 2025 8:12 PM

Tags: access, ai, authentication, computer, control, data, github, microsoft, ntlm, powershell, RedTeam, service, software, tool, vulnerability, windows

Further Adventures With CMPivot”Š”, “ŠClient Coercion Perfectly Generated AI Depiction based on Title TL:DR CMPivot queries can be used to coerce SMB authentication from SCCM client hosts Introduction CMPivot is a component part of the Configuration Manager framework. With the rise in popularity for ConfigMgr as a target in red team operations, this post looks to cover a…
DeepSeek-R1 more readily generates dangerous content than other large language models

Feb 3, 2025 5:12 PM

Tags: ai, cyber, RedTeam, tool

Research scientists at cyber firm Enkrypt AI publish concerning findings from a red team exercise conducted against DeepSeek, the hot new generative AI tool First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366618734/DeepSeek-R1-more-readily-generates-dangerous-content-than-other-large-language-models
Red teaming Deepseek aka DeepSeek R1 Exposed: Security Flaws in China’s AI Model

Jan 29, 2025 5:37 PM

Tags: ai, china, data-breach, flaw, RedTeam

First seen on thesecurityblogger.com Jump to article: www.thesecurityblogger.com/red-teaming-deepseek-aka-deepseek-r1-exposed-security-flaws-in-chinas-ai-model/
3 takeaways from red teaming 100 generative AI products

Jan 22, 2025 4:22 PM

Tags: ai, RedTeam

First seen on thesecurityblogger.com Jump to article: www.thesecurityblogger.com/3-takeaways-from-red-teaming-100-generative-ai-products/
Cisco Previews AI Defenses to Cloud Security Platform

Jan 22, 2025 2:22 PM

Tags: ai, cisco, cloud, defense, intelligence, RedTeam, technology

Set for release in March, Cisco AI Defense will provide algorithmic red teaming of large language models with technology that came over as part of the Robust Intelligence acquisition last year. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/cisco-previews-ai-defense-cloud-security
Life at SpecterOps Part II: From Dream to Reality

Jan 22, 2025 8:22 AM

Tags: automation, conference, jobs, linkedin, open-source, RedTeam, social-engineering, software, tool, training

TL;DR We are hiring consultants at various levels. The job posting can be found under the Consultant opening here: specterops.io/careers/#careers Introduction Hey, it’s me again! The last time we spoke back in August 2024, I told you all about life and some of the intangible benefits of working as a consultant at SpecterOps. In that…
Secure AI? Dream on, says AI red team

Jan 18, 2025 5:22 AM

Tags: ai, attack, group, microsoft, RedTeam

The group responsible for red teaming of over 100 generative AI products at Microsoft has concluded that the work of building safe and secure AI systems will never be complete.In a paper published this week, the authors, including Microsoft Azure CTO Mark Russinovich, described some of the team’s work and provided eight recommendations designed to…
AI Won’t Take This Job: Microsoft Says Human Ingenuity Crucial to Red-Teaming

Jan 14, 2025 8:46 AM

Tags: ai, jobs, microsoft, RedTeam

Redmond’s AI Red Team says human involvement remains irreplaceable in addressing nuanced risks. The post AI Won’t Take This Job: Microsoft Says Human Ingenuity Crucial to Red-Teaming appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/ai-wont-take-this-job-microsoft-says-human-ingenuity-crucial-to-red-teaming/
Insights from CISA’s red team findings and the evolution of EDR

Jan 14, 2025 8:46 AM

Tags: cisa, detection, edr, endpoint, infrastructure, RedTeam, vulnerability

A recent CISA red team assessment of a United States critical infrastructure organization revealed systemic vulnerabilities in modern cybersecurity. Among the most pressing issues was a heavy reliance on endpoint detection and response (EDR) solutions, paired with a lack of… First seen on securityintelligence.com Jump to article: securityintelligence.com/news/insights-from-cisas-red-team-findings-and-the-evolution-of-edr/
Legitimate PoC exploited to spread information stealer

Jan 10, 2025 5:18 AM

Tags: access, awareness, backdoor, ceo, computer, cve, exploit, github, hacker, identity, infosec, Internet, linux, malicious, malware, open-source, RedTeam, social-engineering, software, tactics, threat, tool, training, vulnerability, windows

A recently copied and abused open source proof of concept (PoC) exploit from a reputable security company, aimed at helping threat researchers, is the latest example of the novel tactics hackers will use to spread malware.PoCs for known vulnerabilities are created to be shared by students, researchers, and IT pros to improve software and toughen…
Gen AI is transforming the cyber threat landscape by democratizing vulnerability hunting

Jan 7, 2025 9:17 AM

Tags: ai, api, apt, attack, bug-bounty, business, chatgpt, cloud, computing, conference, credentials, cve, cyber, cybercrime, cyberespionage, cybersecurity, data, defense, detection, email, exploit, finance, firewall, flaw, framework, github, government, group, guide, hacker, hacking, incident response, injection, LLM, malicious, microsoft, open-source, openai, penetration-testing, programming, rce, RedTeam, remote-code-execution, service, skills, software, sql, tactics, threat, tool, training, update, vulnerability, waf, zero-day

Generative AI has had a significant impact on a wide variety of business processes, optimizing and accelerating workflows and in some cases reducing baselines for expertise.Add vulnerability hunting to that list, as large language models (LLMs) are proving to be valuable tools in assisting hackers, both good and bad, in discovering software vulnerabilities and writing…
Garak An Open Source LLM Vulnerability Scanner for AI Red-Teaming

Jan 6, 2025 9:17 AM

Tags: ai, cyber, data, guide, injection, LLM, open-source, RedTeam, tool, vulnerability

Garak is a free, open-source tool specifically designed to test the robustness and reliability of Large Language Models (LLMs). Inspired by utilities like Nmap or Metasploit, Garak identifies potential weak points in LLMs by probing for issues such as hallucinations, data leakage, prompt injections, toxicity, jailbreak effectiveness, and misinformation propagation. This guide covers everything you…
DEF CON 32 War Games Red Team for OT Based on Real World Case Studies

Jan 2, 2025 10:18 PM

Tags: conference, RedTeam

Author/Presenter: Shishir Gupta Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/def-con-32-war-games-red-team-for-ot-based-on-real-world-case-studies/
4 Wege zu neuer Cyberabwehrstärke

Dec 23, 2024 5:42 AM

Tags: ai, antivirus, application-security, backdoor, cio, cloud, crypto, cyberattack, cybersecurity, data-breach, ddos, detection, hacker, iot, phishing, RedTeam, reverse-engineering, tool, vulnerability

Anurag Goyal ist Head of Cybersecurity beim Plattformanbieter RedDoorz. Darüber hinaus hat er sich auch als Sicherheitsforscher und Ethical Hacker einen Namen gemacht. Anurag Goyal 3. Red Teaming Red Teaming stellt einen dynamischen und umfassenden Ansatz dar, um die Cyberresilienz von Organisationen zu bewerten und zu optimieren. Dabei simulieren Security-Profis ausgeklügelte Cyberattacken und ahmen dazu…
Widespread APT29 attack campaign involves red team tools

Dec 19, 2024 9:46 PM

Tags: attack, RedTeam, tool

First seen on scworld.com Jump to article: www.scworld.com/brief/widespread-apt29-attack-campaign-involves-red-team-tools
Die 10 häufigsten LLM-Schwachstellen

Dec 19, 2024 6:42 AM

Tags: access, ai, api, application-security, awareness, breach, cloud, control, cyberattack, data, detection, dos, encryption, injection, least-privilege, LLM, ml, monitoring, privacy, RedTeam, remote-code-execution, risk, service, tool, update, vulnerability, zero-trust
Russia-linked APT29 group used red team tools in rogue RDP attacks

Dec 19, 2024 12:42 AM

Tags: attack, blizzard, cyber, cyberattack, data, email, espionage, government, group, malicious, phishing, RedTeam, russia, tool, ukraine

Russia-linked APT29 group uses malicious RDP configuration files, adapting red teaming methods for cyberattacks to compromise systems. In October 2024, the Russia-linked cyber espionage group APT29 (aka Earth Koshchei, SVR group, Cozy Bear, Nobelium, BlueBravo, Midnight Blizzard, and The Dukes) used rogue RDP attacks via phishing emails targeting governments, think tanks, and Ukrainian entities to steal data and install malware. The…
Midnight Blizzard Taps Phishing Emails, Rogue RDP Nets

Dec 18, 2024 4:42 PM

Tags: attack, blizzard, email, group, malicious, phishing, RedTeam, russia, tool

The Russian-based attack group uses legitimate red-team tools, 200 domain names, and 34 back-end RDP servers, making it harder to identify and block malicious activity. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/midnight-blizzard-taps-phishing-email-rogue-rdp-nets
APT29 Hackers Target High-Value Victims Using Rogue RDP Servers and PyRDP

Dec 18, 2024 2:42 PM

Tags: attack, cyber, government, hacker, malicious, RedTeam, russia, threat, ukraine

The Russia-linked APT29 threat actor has been observed repurposing a legitimate red teaming attack methodology as part of cyber attacks leveraging malicious Remote Desktop Protocol (RDP) configuration files.The activity, which has targeted governments and armed forces, think tanks, academic researchers, and Ukrainian entities, entails adopting a “rogue RDP” technique that was previously First seen on…
Top 10 cybersecurity misconfigurations: Nail the setup to avoid attacks

Dec 17, 2024 7:44 AM

Tags: access, attack, authentication, awareness, blueteam, breach, cisa, cloud, computing, control, credentials, cyber, cybersecurity, data, data-breach, endpoint, exploit, extortion, firmware, incident response, infrastructure, intelligence, kev, malicious, malware, mfa, microsoft, monitoring, network, office, open-source, password, phishing, RedTeam, risk, service, software, supply-chain, threat, unauthorized, update, vulnerability, zero-day, zero-trust

While cybersecurity headlines are often dominated by the latest zero-day or notable vulnerability in a vendor’s software/product or open-source software library, the reality is that many significant data breaches have been and will continue to be due to misconfigurations.To underscore the serious of this issue, the US National Security Agency (NSA) and the Cybersecurity and…
Yahoo cybersecurity team sees layoffs, outsourcing of ‘red team,’ under new CTO

Dec 12, 2024 10:05 PM

Tags: cybersecurity, jobs, RedTeam

Yahoo laid off around 25% of its cybersecurity team, known as The Paranoids, over the last year. First seen on techcrunch.com Jump to article: techcrunch.com/2024/12/12/yahoo-cybersecurity-team-sees-layoffs-outsourcing-of-red-team-under-new-cto/
ConvoC2 A Red Teamers Tool To Execute Commands on Hacked Hosts Via Microsoft Teams

Dec 12, 2024 1:05 PM

Tags: control, cyber, data, exploit, infrastructure, microsoft, RedTeam, tool

A stealthy Command-and-Control (C2) infrastructure Red Team tool named ConvoC2 showcases how cyber attackers can exploit Microsoft Teams to execute system commands on compromised hosts remotely. This innovative project, designed with Red Team operations in mind, uses Teams messages for hidden data exfiltration and command execution, demonstrating a significant security challenge for organizations relying on…
Black Hat Europe preview: Cryptographic protocol attacks and AI in the spotlight

Dec 10, 2024 7:07 PM

Tags: access, ai, application-security, attack, authentication, backdoor, best-practice, computer, conference, control, cybercrime, cybersecurity, data, dns, encryption, exploit, finance, github, government, hacker, healthcare, identity, injection, Internet, LLM, malicious, microsoft, mitigation, office, open-source, radius, RedTeam, risk, service, sophos, technology, tool, training, vulnerability, vulnerability-management, windows

This week in London Black Hat Europe will feature a diverse range of talks and presentations covering the latest developments in cybersecurity.The opening keynote on Wednesday will be delivered by FrÃ©dÃ©rick Douzet, a professor of geopolitics at the University of Paris 8, and director of the French Institute of Geopolitics research team. No preview is…
SPA is for Single-Page Abuse! Using Single-Page Application Tokens to Enumerate Azure

Dec 10, 2024 6:07 PM

Tags: access, api, attack, authentication, browser, chrome, cloud, control, data, detection, google, government, guide, identity, macOS, mfa, microsoft, network, office, powershell, RedTeam, technology, tool, update, windows

Author: Lance B. Cain Overview Microsoft Azure is a leading cloud provider offering technology solutions to companies, governments, and other organizations around the globe. As such, many entitles have begun adopting Azure for their technology needs to include identity, authentication, storage, application management, and web services. One of the most common methods for organizations to begin…
How Red Teaming Helps Meet DORA Requirements

Dec 10, 2024 2:07 PM

Tags: dora, finance, RedTeam, resilience

The Digital Operational Resilience Act (DORA) sets strict EU rules for financial institutions and IT providers, emphasizing strong… First seen on hackread.com Jump to article: hackread.com/how-red-teaming-helps-meet-dora-requirements/
Top tips for CISOs running red teams

Dec 10, 2024 8:10 AM

Tags: access, attack, business, ciso, control, credentials, data, detection, edr, exploit, finance, flaw, group, guide, identity, infrastructure, jobs, mfa, network, penetration-testing, phishing, PurpleTeam, RedTeam, risk, soc, threat, training, windows

Red team is the de facto standard in offensive security testing when you want to know how all security investments, from technological controls to user training to response procedures, work together when subjected to a targeted attack. Unlike penetration testing, which aims to comprehensively assess a system, or purple team, which assesses detection and response…
Gen AI use cases rising rapidly for cybersecurity, but concerns remain

Dec 9, 2024 8:07 AM

Tags: ai, attack, automation, awareness, ceo, ciso, compliance, control, cybersecurity, data, detection, finance, framework, fraud, GDPR, governance, grc, group, guide, Hardware, HIPAA, incident response, intelligence, international, malware, middle-east, monitoring, phishing, privacy, RedTeam, regulation, risk, risk-assessment, risk-management, soc, software, strategy, technology, threat, tool, training, usa

Generative AI is being embedded into security tools at a furious pace as CISOs adopt the technology internally to automate manual processes and improve productivity. But research also suggests this surge in gen AI adoption comes with a fair amount of trepidation among cybersecurity professionals, which CISOs must keep in mind when weaving gen AI…
Cybersecurity Snapshot: Study Raises Open Source Security Red Flags, as Cyber Agencies Offer Prevention Tips Against Telecom Spying Attacks

Dec 6, 2024 6:49 PM

Tags: access, advisory, ai, attack, authentication, best-practice, breach, business, china, cisa, cloud, communications, compliance, computing, control, credentials, cyber, cybercrime, cybersecurity, data, data-breach, defense, detection, espionage, exploit, finance, firewall, fraud, government, group, guide, hacker, hacking, identity, infrastructure, insurance, international, Internet, interpol, iot, korea, law, least-privilege, linux, lockbit, login, malware, mfa, mitigation, mobile, network, open-source, password, phishing, privacy, ransomware, RedTeam, resilience, risk, router, scam, service, software, strategy, supply-chain, technology, theft, threat, tool, unauthorized, usa, vpn, vulnerability, windows

Don’t miss the Linux Foundation’s deep dive into open source software security. Plus, cyber agencies warn about China-backed cyber espionage campaign targeting telecom data. Meanwhile, a study shows the weight of security considerations in generative AI projects. And get the latest on ransomware trends, financial cybercrime and critical infrastructure security. Dive into six things that…
What is Red Teaming?

Dec 6, 2024 6:49 PM

Tags: attack, cyber, defense, jobs, RedTeam, resilience

Red teaming is like staging a realistic rehearsal for a potential cyber attack to check an organization’s security resilience before they become actual problems. The exercise has three key phases: getting inside the system, maintaining their presence undetected, and acting to achieve their goals. The job is to test an organization’s defenses, challenge security assumptions,……
10 most critical LLM vulnerabilities

Dec 3, 2024 8:49 AM

Tags: access, ai, api, application-security, attack, authentication, automation, awareness, backdoor, breach, business, compliance, control, corporate, credit-card, cybersecurity, data, data-breach, email, exploit, guide, injection, intelligence, jobs, leak, least-privilege, LLM, malicious, privacy, RedTeam, risk, sans, service, social-engineering, spam, strategy, supply-chain, technology, theft, threat, tool, training, unauthorized, update, vulnerability, zero-trust

Enterprise adoption of generative AI technologies has exploded in 2024 due to the rapid evolution of the technology and the emergence of a variety of business use cases. According to Menlo Ventures, AI spending surged to $13.8 billion this year, up six-fold from 2023, and 72% of US decision makers say they are expanding their…