RW 2.0 NEWS // Your Awareness

🆕🆕🆕🆕 //The CrystalRay group attacked more than 1,500 organizations using SSH-snake. 📝The CrystalRay group, which used the open-source SSH-Snake worm for attacks in February 2024, has expanded the scope of its activity through new tactics and exploits.

🖥 SSH-Snake (https://github.com/MegaManSec/SSH-Snake) is an open source tool that is used to silently search for private keys, lateral movement attack on the victim’s infrastructure and delivery of additional payloads to compromised systems.

SSH-Snake uses SSH credentials found on a compromised system to begin spreading throughout the network. It was also noted that it differs from regular SSH worms, avoids the patterns typical of script attacks, and takes ordinary lateral network movement to the next level by being more thorough in its search for private keys. - Once the worm obtains the SSH keys, it uses them to log into new systems, and then copies itself and repeats the process on new hosts. ❗️ Among the tools that the group uses in addition to SSH-Snake are: zmap, asn, httpx, nuclei and platypus. At the same time, SSH-Snake still remains the main tool of hackers, with the help of which they move through hacked networks. 🎁🎁🎁🎁🎁 // 🔔 RW 2.0 NEWS ✅ Advertisement Contact: @Rewodew2 🫥 💎 RW 2.0 // CHANNEL 🫥 🫣 RW 2.0 // CHAT Pro. CRD Community

👾 Ребят у нас для вас охуенные новости, мы решили организовать розыгрыш на 250$, 5 победителей, каждый по 50$. ❗️Важно - в конкурсе могут принять участие исключительно пользователи с основных аккаунтов в телеграмме, перед выдачей призов будет обязательная проверка. Участников: 132 Призовых мест: 5 Дата розыгрыша: 19:00, 18.07.2024 MSK (6 дней)

🆕🆕🆕🆕 //Forensics: looking for traces of hacking on Linux and Windows 📝Intrusion prevention and detection are critical elements of computer and network security.

— It’s always useful to have a tool on hand that can scan the system for suspicious files that may appear on the system as a result of a virus attack, the actions of worms, hackers, intruders, malware, etc. In this article we will talk about a scanner called Loki (https: //kali.tools/?p=3250).

⏺ Ссылка на чтиво 🎁🎁🎁🎁🎁 // 🔔 RW 2.0 NEWS ✅ Advertisement Contact: @Rewodew2 🫥 💎 RW 2.0 // CHANNEL 🫥 🫣 RW 2.0 // CHAT Pro. CRD Community

🆕🆕🆕🆕 //Repository: Radare2 - UNIX-like reverse engineering system and powerful command line tool. 📝Radare2 (r2) is a feature-rich, low-level command line tool with support for scripting using the built-in Javascript interpreter or via r2pipe.

— This tool provides a set of libraries, tools and plugins to facilitate reverse engineering tasks.

⏺ Ссылка на GitHub 🎁🎁🎁🎁🎁 // 🔔 RW 2.0 NEWS ✅ Advertisement Contact: @Rewodew2 🫥 💎 RW 2.0 // CHANNEL 🫥 🫣 RW 2.0 // CHAT Pro. CRD Community

https://t.me/hunnitmil discover.com 75-100 118164 discover.com 30-50 832835

🆕🆕🆕🆕 //Europol eliminated 593 Cobalt Strike servers during Operation Morpheus 📝The feds, under the leadership of Europol, conducted Operation Morpheus, which resulted in the destruction of almost 600 Cobalt Strike servers used by cybercriminals.

The operation, which began back in 2021, involved law enforcement agencies from Australia, Germany, Canada, the Netherlands, Poland and the United States, and was led by the UK National Crime Agency.

🖥 - As a result, at the end of June, hundreds of IP addresses associated with criminal activity and domain names were discovered that were part of the attack infrastructure of various hacking groups. 🎁🎁🎁🎁🎁 // 🔔 RW 2.0 NEWS ✅ Advertisement Contact: @Rewodew2 🫥 💎 RW 2.0 // CHANNEL 🫥 🫣 RW 2.0 // CHAT Pro. CRD Community

🆕🆕🆕🆕 //Taking over the global network: the story of a pentest of a financial organization 📝This post will talk about how broken logic, self-written services and graphical passwords can lead to the takeover of the involved company's network, complete loss of money and loss of data.

- This is a real story. The events described in this post happened not that long ago.

⏺ Ссылка на чтиво 🎁🎁🎁🎁🎁 // 🔔 RW 2.0 NEWS ✅ Advertisement Contact: @Rewodew2 🫥 💎 RW 2.0 // CHANNEL 🫥 🫣 RW 2.0 // CHAT Pro. CRD Community

🆕🆕🆕🆕 // Indirector: Intel processors are vulnerable 📝Intel processors (including the Raptor Lake and Alder Lake generations) are susceptible to a new type of Branch Target Injection (BTI) attack, called Indirector. It can be used to steal confidential data.

Indirector exploits vulnerabilities in the Indirect Branch Predictor and Branch Target Buffer, two hardware components of modern Intel processors, to manipulate speculative execution to extract data.

🖥“The IBP and BTB systems mentioned above were found to have deficiencies in their indexing, tagging and record sharing mechanisms, and were generally built around a predictable structure that allowed targeted, high-precision manipulation. The researchers have already published a proof of concept and tools to implement the injections they described on GitHub (https://github.com/owenlly/Indirector_Artifact). 🎁🎁🎁🎁🎁 // 🔔 RW 2.0 NEWS ✅ Advertisement Contact: @Rewodew2 🫥 💎 RW 2.0 // CHANNEL 🫥 🫣 RW 2.0 // CHAT Pro. CRD Community

🆕🆕🆕🆕 // SQL injections: breaking a real website 📝A huge number of articles have been written about SQL injections. Everyone knows about the notorious ‘OR 1 = 1’ and identical designs, but not everyone has implemented them on a stand. In this article we will look at an example of some options for implementing SQL injections for a vulnerable site. - An article for those who want to use an example to understand the topic of what SQL injections are. ⏺ Ссылка на чтиво 🎁🎁🎁🎁🎁 // 🔔 RW 2.0 NEWS ✅ Advertisement Contact: @Rewodew2 🫥 💎 RW 2.0 // CHANNEL 🫥 🫣 RW 2.0 // CHAT Pro. CRD Community

🆕🆕🆕🆕 //Medusa banker attacks Android users in seven countries 📝Android-focused banking Trojan Medusa is once again introducing activity after almost a year of lull. Now the competitor is attacking users from France, Italy, USA, Canada, Spain, UK and Turkey.

— The Medusa banking Trojan, also known as TangleBot, is a MaaS (malware as a service) malware first discovered in 2020. The malware works as a keylogger, and also intercepts control of the display and manipulates SMS.

🖥Cybersecurity specialists report that the banker has acquired new functions: it tries to initiate transactions directly from a compromised device, enables full-screen overlays, and can take screenshots. 🎁🎁🎁🎁🎁 // 🔔 RW 2.0 NEWS ✅ Advertisement Contact: @Rewodew2 🫥 💎 RW 2.0 // CHANNEL 🫥 🫣 RW 2.0 // CHAT Pro. CRD Community