It may be a multi-award winning, top notch piece of pricey rolling art, but this 1963 Corvette restomod is begging to be driven.| CorvetteForum
CL-STA-1020 targets Southeast Asian governments using a novel Microsoft backdoor we call HazyBeacon. It misuses AWS Lambda URLs for C2.| Unit 42
In recent years, the use of drones in emergency response has revolutionized the way first responders handle critical situations. Among the cutting-edge technologies enabling this transformation is uAvionix’s Casia G. As a key component of Drone as a First Responder (DFR) programs, Casia G detects aircraft flying around drone operations, allowing potential collisions to be …| uAvionix
A method for printing trace messages to your computer from your EFM8 or C8051F MCUs using the Silicon Labs C2 debugger API.| Jay Carlson
In this article, we discuss the malware distribution of TAG-112 via Cobalt Strike, analysis of domains used in the attack and response plans.| CIP Blog
Our latest post focuses on the command and control (C2) software frameworks used by professional offensive security red teams and criminal organizations alike. We dived into the source code of multiple high-profile, open-source C2s and discovered vulnerabilities in most of them. In this post, we provide a brief overview of C2 concepts, review the details of the frameworks' identified vulnerabilities (with nifty reproduction gifs included!), and conclude with some final thoughts about the curr...| Include Security Research Blog
The purpose of this article is simple: to make it slightly easier for complete beginners to pivot around the topic.| GreyNoise Labs
ViperSoftX is a multi-stage cryptocurrency stealer which is spread within torrents and filesharing sites, responsible for stealing hundreds of thousands of dollar-equivalent funds, mostly from individual users. Nearly three years after it was originally discovered, this malware campaign has more surprises in store, and I'm digging into its dropper/C2 ops. The first article of a series.| tweedge's blog
SharpConflux, a .NET application built to facilitate Confluence exploitation during Red Team and Penetration Testing engagements.| LRQA Nettitude Labs