Australian financial services company Latitude Financial Services is notifying roughly 300,000 customers that their personal information might have been compromised in a data breach. A subsidiary of Deutsche Bank and KKE operating since 2015 and headquartered in Melbourne, Latitude is the largest non-bank lender of consumer credit in Australia, also offering services in New Zealand, under the brand Gem Finance. On Thursday, the company disclosed falling victim to a cyberattack that forced it to suspend services and which also resulted in the theft of customer data. “Latitude Financial has experienced a data theft as the result of what appears to be a sophisticated and malicious cyberattack,” Latitude says in a data breach notice . The attackers, the company says, stole personal information held by two service providers, which served customers in both Australia and New Zealand. According to Latitude, the malicious activity appears to have originated from one of its ven

The Federal Bureau of Investigation (FBI), the Cybersecurity and Information Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) this week issued an alert on the LockBit 3.0 ransomware operation. Since January 2020, LockBit has functioned based on the ransomware-as-a-service (RaaS) model, targeting a broad range of businesses and critical infrastructure entities and using a variety of tactics, techniques, and procedures (TTPs). Also referred to as LockBit Black, LockBit 3.0 has a more modular architecture compared to its previous variants, and supports various arguments that modify its behavior after deployment. To hinder analysis and detection, LockBit 3.0 installers are encrypted, and can only be executed if a password is supplied, the FBI, CISA, and MS-ISAC explain in a joint advisory. The malware also supports specific arguments for lateral movement, can reboot systems in Safe Mode, and performs a language check at runtime to avoid infectin

The Project Zero team at Google has recently found and reported 18 zero-day vulnerabilities in Samsung’s Exynos chipsets, which are mainly used in:- Mobile devices Wearables Automobiles Among the 18 zero-day vulnerabilities, four vulnerabilities were classified as the most serious, as they enabled remote code execution (RCE) over the internet to the baseband. Project Zero researchers conducted tests that confirmed that the four vulnerabilities could be exploited remotely by an attacker in order to compromise a phone’s baseband without requiring any user interaction on the attacker’s part and with only the attacker knowing the victim’s phone number as the only condition. In order to pull off the attack, all that is necessary is the victim’s phone number in order to get the job done. Moreover, it’s also possible for experienced attackers to effortlessly create exploits to remotely breach vulnerable devices without alerting the targets. Affected Devices Samsung Semiconductor announced in

Secure Shell is a protocol that provides authentication, encryption and data integrity to secure network communications. Implementations of Secure Shell offer the following capabilities: a secure command-shell, secure file transfer, and remote access to a variety of TCP/IP applications via a secure tunnel. Secure Shell client and server applications are widely available for most popular operating systems.  Functionality of Secure Shell Secure Shell provides three main capabilities, which open the door for many creative secure solutions.  Secure command-shell Secure file transfer Port forwarding  Secure Command Shell Command shells such as those available in Linux, Unix, Windows, or the familiar DOS prompt provide the ability to execute programs and other commands, usually with character output. A secure command-shell or remote logon allows you to edit files, view the contents of directories and access custom database applications. Systems and network administrators can re

We are bringing here a collection of open-source and commercial Red Team tools that aid in red team operations. This repository will help you with the majority part of red team engagement. Red Team Tools Field Manual Red Team Tools Operations: Reconnaissance Weaponization Delivery Command and Control Lateral Movement Establish Foothold Escalate Privileges Data Exfiltration Misc References Best Red Team Tools 2023 Reconnaissance Active Intelligence Gathering EyeWitness   is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible. AWSBucketDump   is a tool to quickly enumerate AWS S3 buckets to look for loot.  AQUATONE   is a set of tools for performing reconnaissance on domain names.  spoofcheck   a program that checks if a domain can be spoofed. The program checks SPF and DMARC records for weak configurations that allow spoofing.  Nmap   is used to discover hosts and services on a computer network,

The most recent Kali Linux release for 2022, Kali Linux 2022.4, from Offensive Security includes updated desktop experiences, new Azure and QEMU images, and six new tools. With the addition of 6 new tools, Kali Linux is once again available through the Microsoft Azure store. The tools include Windows NTLM relay tools, a Windows privilege elevation tool, and a driver for Hak5’s WiFi Coconut. The Kali Linux distribution was created for ethical hackers to use in network penetration testing, security audits, and cybersecurity research. The Kali Linux Team adds a number of new features with this release, including:   Microsoft Azure – Kali Linux distro is back on Microsoft Azure More Platforms – Generic Cloud, QEMU VM image, & Vagrant libvirt Kali NetHunter Pro – Announcing the first release of a “true” Kali Linux on the mobile phone (PinePhone / Pro) Kali NetHunter – Internal Bluetooth support, kernel porting video, firmware updates, & other improvements De