US-Cert Archives - blackMORE Ops

US-Cert

The United States Computer Emergency Readiness Team (US-CERT) is an organization within the Department of Homeland Security’s (DHS) National Protection and Programs Directorate (NPPD). Specifically, US-CERT is a branch of the Office of Cybersecurity and Communications’ (CS&C) National Cybersecurity and Communications Integration Center (NCCIC). US-CERT is responsible for analyzing and reducing cyber threats, vulnerabilities, disseminating cyber threat warning information, and coordinating incident response activities. The division brings advanced network and digital media analysis expertise to bear on malicious activity targeting the networks within the United States and abroad.

New Exploits for Unsecure SAP Systems

September 24, 2019 News, US-Cert

A presentation at the April 2019 Operation for Community Development and Empowerment (OPCDE) cybersecurity conference describes SAP systems with unsecure configurations exposed to the internet. Typically, SAP systems are not intended to be exposed to the internet, as it is an untrusted network. Malicious cyber actors can attack and compromise these unsecure systems with publicly available exploit tools, termed “10KBLAZE.” The presentation detailed the new exploit tools and reports on systems exposed to the internet.

Microsoft Operating Systems BlueKeep Vulnerability

September 23, 2019 News, US-Cert

The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this Activity Alert to provide information on a vulnerability, known as “BlueKeep,” that exists in the following Microsoft Windows Operating Systems (OSs), including both 32- and 64-bit versions, as well as all Service Pack versions:

Side-Channel Vulnerability Variants 3a and 4 – Spectre and Meltdown

December 28, 2018 Bugs (Software and Hardware), US-Cert

Advanced Persistent Threat Activity Exploiting Managed Service Providers

On May 21, 2018, new variants of the side-channel central processing unit (CPU) hardware vulnerabilities known as Spectre and Meltdown were publicly disclosed. These variants—known as 3A and 4—can allow an attacker to obtain access to sensitive information on affected systems. Systems Affected CPU hardware implementations Description Common CPU hardware …

Inception Attackers Target Europe with Year-old Office Vulnerability

December 14, 2018 Bugs (Software and Hardware), Technical Documentation, US-Cert

The Inception attackers have been active since at least 2014 and have been documented previously by both Blue Coat and Symantec; historical attacks used custom malware for a variety of platforms, and targeting a range of industries, primarily in Russia, but also around the world. This blog describes attacks against …

Brute Force Attacks Conducted by Cyber Actors

December 13, 2018 US-Cert

In a traditional brute-force attack, a malicious actor attempts to gain unauthorized access to a single account by guessing the password. This can quickly result in a targeted account getting locked-out, as commonly used account-lockout policies allow three to five bad attempts during a set period of time. During a …

blackMORE Ops Learn one trick a day ….

Can’t connect to WiFi in Linux

Generate WiFi IVS dump with makeivs-ng on Kali Linux

Information gathering and correlation with Unicornscan on Kali Linux

Configure, Tune, Run and Automate OpenVAS on Kali Linux

Change IP address in packet capture file (faking IP)

How to access Dark Web?

Avoiding Web Application Firewall using Python

Targeting websites with Password Reset Poisoning

How to install the noip2 on Ubuntu and run via systemd systemctl (noIP Dynamic Update Client)

Accessing ESXi console screen from an SSH session

Accessing the RAID setup on an HP Proliant DL380 G7