US-Cert Archives - blackMORE Ops

US-Cert

The United States Computer Emergency Readiness Team (US-CERT) is an organization within the Department of Homeland Security’s (DHS) National Protection and Programs Directorate (NPPD). Specifically, US-CERT is a branch of the Office of Cybersecurity and Communications’ (CS&C) National Cybersecurity and Communications Integration Center (NCCIC). US-CERT is responsible for analyzing and reducing cyber threats, vulnerabilities, disseminating cyber threat warning information, and coordinating incident response activities. The division brings advanced network and digital media analysis expertise to bear on malicious activity targeting the networks within the United States and abroad.

New Exploits for Unsecure SAP Systems

September 24, 2019 News, US-Cert

A presentation at the April 2019 Operation for Community Development and Empowerment (OPCDE) cybersecurity conference describes SAP systems with unsecure configurations exposed to the internet. Typically, SAP systems are not intended to be exposed to the internet, as it is an untrusted network. Malicious cyber actors can attack and compromise these unsecure systems with publicly available exploit tools, termed “10KBLAZE.” The presentation detailed the new exploit tools and reports on systems exposed to the internet.

Microsoft Operating Systems BlueKeep Vulnerability

September 23, 2019 News, US-Cert

The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this Activity Alert to provide information on a vulnerability, known as “BlueKeep,” that exists in the following Microsoft Windows Operating Systems (OSs), including both 32- and 64-bit versions, as well as all Service Pack versions:

Side-Channel Vulnerability Variants 3a and 4 – Spectre and Meltdown

December 28, 2018 Bugs (Software and Hardware), US-Cert

Advanced Persistent Threat Activity Exploiting Managed Service Providers

On May 21, 2018, new variants of the side-channel central processing unit (CPU) hardware vulnerabilities known as Spectre and Meltdown were publicly disclosed. These variants—known as 3A and 4—can allow an attacker to obtain access to sensitive information on affected systems. Systems Affected CPU hardware implementations Description Common CPU hardware …

Brute Force Attacks Conducted by Cyber Actors

December 13, 2018 US-Cert

In a traditional brute-force attack, a malicious actor attempts to gain unauthorized access to a single account by guessing the password. This can quickly result in a targeted account getting locked-out, as commonly used account-lockout policies allow three to five bad attempts during a set period of time. During a …

Cyber Actors Target Home and Office Routers and Networked Devices Worldwide

November 19, 2018 US-Cert, Wireless LAN (Wi-Fi)

DHS and FBI recommend that all SOHO router owners power cycle (reboot) their devices to temporarily disrupt the malware. Network device management interfaces—such as Telnet, SSH, Winbox, and HTTP—should be turned off for wide-area network (WAN) interfaces, and, when enabled, secured with strong passwords and encryption. Network devices should be upgraded …

blackMORE Ops Learn one trick a day ….

Generate WiFi IVS dump with makeivs-ng on Kali Linux

Information gathering and correlation with Unicornscan on Kali Linux

Configure, Tune, Run and Automate OpenVAS on Kali Linux

Install, setup, configure and run OpenVAS on Kali Linux

Change IP address in packet capture file (faking IP)

How to access Dark Web?

Avoiding Web Application Firewall using Python

Targeting websites with Password Reset Poisoning