# Latest Podcast
# Description
Today, MapXplore is a tool that imports data from sqlmap into PostgreSQL or SQLite, making it easier to search and manage information. linWinPwn is a bash script for auditing and penetration testing Active Directory from Linux systems. There's a new set of proof-of-concept modules for Windows OS kernel-mode rootkit techniques, focusing on various methods and compatible with 64-bit Windows 10 from the 2004 update onwards. luijait created DarkGPT, an AI-based Open Source Intelligence tool that uses GPT-4-200K to spot compromised databases, needing Python 3.8. DNS-Tunnel-Keylogger is for sending keystrokes via DNS tunneling from a compromised system to an attacker server. Warp brings a Rust-built terminal for Linux with AI and tools for better productivity, like editing, command generation, and workflows.
# Tradecraft
MapXplore is a tool that imports data from sqlmap into PostgreSQL or SQLite databases, allowing for more efficient searching and management of extracted information.
The article introduces linWinPwn, a comprehensive bash script for auditing and penetration testing Active Directory environments from a Linux system.
A collection of proof-of-concept modules for studying or teaching kernel-mode rootkit techniques specifically for Windows OS, with each focusing on different methods like blocking driver loading, process creation, and getting privileged system access, has been released and is compatible with 64-bit versions of Windows 10 from the 2004 update onwards.
A security researcher known by "luijait" has developed an AI-based Open Source Intelligence tool named DarkGPT that utilizes GPT-4-200K to detect compromised databases and requires Python 3.8 or higher for installation.
The DNS-Tunnel-Keylogger is a tool used for covertly transmitting keystrokes from a compromised system to an attacker-controlled server using DNS tunneling, a technique to bypass firewalls and avoid detection.
Warp is a newly available, Rust-built terminal for Linux with AI and collaboration tools, promising enhanced productivity with features like modern editing, command generation, and reusable workflows.
# News
Researchers at vx-underground have reported a significant data leak involving over 70 million records from an unspecified AT&T division, which purportedly stems from a cybersecurity breach by the hacking group ShinyHunters in 2021.
Cybersecurity experts have discovered a series of GitHub repositories distributing cracked software designed to install the RisePro info-stealer malware, prompting alerts to avoid downloading from such repositories and to report them.
Microsoft has implemented popup ads on Windows 10 and Windows 11 for Chrome users to promote its Bing and GPT-4 Bing Chat. Some users mistook the ads for malware due to poor image quality; they can be dismissed, or accepted to change the default search engine.
Researchers have developed a new acoustic side-channel attack that can guess keystrokes by analyzing the sound and timing of typing, achieving an average success rate of 43% even in noisy environments and with varying types of keyboards.
Multiple cyber events include the Remilia Collective losing millions in crypto due to compromised password management, NFPrompt being hacked, an accidental token burn potentially saved by Tether's control mechanism, Mozaic recovering most funds after a developer theft, Massachusetts targeting crypto from a romance scam, a phishing attack leading to a significant Ethereum loss, Incognito Market conducting an extortion scheme post-exit scam, Kickstarter abandoning a blockchain move despite a large investment motivated by user feedback, Twitter phishing causing $46 million in losses in February, and investment firm Crypto4Winners hinting at sophisticated asset tampering and theft.
Hackers are scanning for servers at risk from a high-severity path traversal vulnerability in the aiohttp Python library, so administrators need to update to version 3.9.2 to protect their systems.
CVE-2024-21762 is a recently disclosed remote code execution vulnerability affecting FortiGate devices, which Fortinet already patched in early February.
Hacktivist group Handala Hack claims to have stolen 740GB of data from Viber's servers, including its source code, and is demanding a ransom of 8 Bitcoin, while Viber investigates the alleged breach and advises users to change passwords and watch for updates.