Ethical Hacking Techniques

AI security/securing the use of AI is going to kill me. I use Claude Code almost daily. It's a problem.... Here's what I have to change AGAIN this week. Security researcher Ari Marzuk disclosed 30+ vulnerabilities across AI coding tools. Cursor. GitHub Copilot. Windsurf. Claude Code. All of them. He called it IDEsaster. The attack chain includes prompt injection, hijacking LLM context, and auto-approved tool calls executing without permission. Then, legitimate IDE features are weaponized for data exfiltration and RCE. Your .env files. Your API keys. Your source code. Accessible through features you thought were safe. Most studies I read claim that around 85% of developers now use AI coding tools daily. Most have no idea their IDE treats its own features as inherently trusted. 𝗦𝗼... 𝗮𝗳𝘁𝗲𝗿 𝗿𝗲𝘃𝗶𝗲𝘄𝗶𝗻𝗴 𝗔𝗿𝗶'𝘀 𝗿𝗲𝘀𝗲𝗮𝗿𝗰𝗵, 𝗵𝗲𝗿𝗲'𝘀 𝗜 𝘄𝗶𝗹𝗹 𝗯𝗲 𝗱𝗼𝗶𝗻𝗴... Be warned: All this is SO much easier said than done! Audit every MCP server connection. Checked for tool poisoning vectors where legitimate tools might parse attacker-controlled input from GitHub PRs or web content. Removed servers I couldn't verify. Disabled auto-approve for file writes. The attack chains weaponize configuration files and project instructions like .claude/settings.json and CLAUDE.md. One malicious write to these files can alter agent behavior or achieve code execution without additional user interaction. Move all credentials to a secrets manager. No .gitignored .env files in agent-accessible directories. API keys live in 1Password CLI. Environment variables inject at runtime through a wrapper script the LLM never sees. Start running Claude Code in isolated containers. Mounted volumes limited to specific project directories. No access to ~/.ssh, ~/.aws, or ~/.config. If the agent gets compromised, blast radius stays contained. Enable all security warnings. Claude Code added explicit warnings for JSON schema exfiltration and settings file modifications. These exist because Anthropic knows the attack surface. Add pre-commit hooks for hidden characters. Prompt injections hide in pasted URLs, READMEs, and file names using invisible Unicode. Flag non-ASCII characters in any file the agent might ingest. The fix isn't to stop using AI coding tools. The fix is to stop trusting them implicitly. What controls do you have for AI tools with write access to your codebase? 👉 Follow for more AI and cybersecurity insights with the occasional rant #AISecurity #DevSecOps

🚨𝗪𝗲 𝗣𝘄𝗻𝗲𝗱 𝗚𝗼𝗼𝗴𝗹𝗲 𝗚𝗲𝗺𝗶𝗻𝗶 𝗮𝗻𝗱 𝗺𝘂𝗹𝘁𝗶𝗽𝗹𝗲 𝗼𝘁𝗵𝗲𝗿 𝗙𝗼𝗿𝘁𝘂𝗻𝗲 𝟱𝟬𝟬 𝗰𝗼𝗺𝗽𝗮𝗻𝗶𝗲𝘀 𝗯𝘆 𝘂𝘀𝗶𝗻𝗴 𝗽𝗿𝗼𝗺𝗽𝘁 𝗶𝗻𝗷𝗲𝗰𝘁𝗶𝗼𝗻 𝗶𝗻 𝘁𝗵𝗲𝗶𝗿 𝗚𝗶𝘁𝗛𝘂𝗯 𝗔𝗰𝘁𝗶𝗼𝗻𝘀 Rein Daelman and the rest of the Aikido Security research team uncovered a new class of GitHub Actions vulnerabilities triggered by using AI agents (Gemini, Claude Code Actions, OpenAI Codex, GitHub AI Inference) within GitHub Action workflows. 𝗕𝗲𝗰𝗮𝘂𝘀𝗲 𝗮𝗹𝗹 𝘁𝗵𝗲 𝗴𝗼𝗼𝗱 𝘃𝘂𝗹𝗻𝘀 𝗵𝗮𝘃𝗲 𝗰𝘂𝘁𝗲 𝗻𝗮𝗺𝗲𝘀 𝗻𝗼𝘄, 𝘄𝗲 𝗮𝗿𝗲 𝗰𝗮𝗹𝗹𝗶𝗻𝗴 𝘁𝗵𝗶𝘀 𝗣𝗿𝗼𝗺𝗽𝘁𝗣𝘄𝗻𝗱  As you may guess by the name, it is essentially prompt injection through the GitHub actions workflow, which is pretty wild. The problem is actually quite simple: untrusted data, like a commit message, is being used within prompts for GitHub Actions. The result is that we can use this to get AI tools to perform like posting secrets publicly.  𝗨𝗻𝘁𝗿𝘂𝘀𝘁𝗲𝗱 𝘂𝘀𝗲𝗿 𝗶𝗻𝗽𝘂𝘁 → 𝗶𝗻𝘀𝗲𝗿𝘁𝗲𝗱 𝗶𝗻𝘁𝗼 𝗔𝗜 𝗽𝗿𝗼𝗺𝗽𝘁𝘀 → 𝗔𝗜 𝗮𝗴𝗲𝗻𝘁𝘀 𝗲𝘅𝗲𝗰𝘂𝘁𝗲 𝗽𝗿𝗶𝘃𝗶𝗹𝗲𝗴𝗲𝗱 𝗚𝗶𝘁𝗛𝘂𝗯 𝘁𝗼𝗼𝗹𝘀 → 𝘀𝗲𝗰𝗿𝗲𝘁𝘀 𝗹𝗲𝗮𝗸𝗲𝗱 𝗼𝗿 𝘄𝗼𝗿𝗸𝗳𝗹𝗼𝘄𝘀 𝗺𝗮𝗻𝗶𝗽𝘂𝗹𝗮𝘁𝗲𝗱. A single issue, PR description, or commit message can silently contain instructions the AI will follow. Example of a vulnerable pattern inside a GitHub Action: 𝘱𝘳𝘰𝘮𝘱𝘵: | 𝘙𝘦𝘷𝘪𝘦𝘸 𝘵𝘩𝘦 𝘪𝘴𝘴𝘶𝘦: "${{ 𝘨𝘪𝘵𝘩𝘶𝘣.𝘦𝘷𝘦𝘯𝘵.𝘪𝘴𝘴𝘶𝘦.𝘣𝘰𝘥𝘺 }}" That innocent line can leak your GITHUB_TOKEN, cloud access tokens, or API keys, because the AI treats attacker-controlled text as instructions, then uses its built-in tools (like gh issue edit) to execute them. Following our disclosure in August, Google patched the Gemini CLI workflow which is no longer vulnerable and we have sent out multiple disclosures to other orgs. 𝗛𝗼𝘄 𝘁𝗼 𝗰𝗵𝗲𝗰𝗸 𝗶𝗳 𝘆𝗼𝘂'𝗿𝗲 𝗮𝗳𝗳𝗲𝗰𝘁𝗲𝗱 ✔️ Scan your GitHub Action files with Opengrep (we created open-source rules to detect this)  ✔️ Or scan with Aikido Security, our free version flags vulnerable patterns automatically 𝗛𝗼𝘄 𝘁𝗼 𝗳𝗶𝘅 𝗶𝘁 – Restrict which tools your AI agents can call  – Don’t inject untrusted user text into prompts  – Sanitize/validate user input if unavoidable  – Treat AI output as untrusted code AI in CI/CD is powerful… but also a brand-new attack surface. If you’re using AI inside GitHub Actions, now is the time to audit your workflows. Link in comments friends.

Red Team Exercises #9 - Process Injection Process injection is a technique that allows the execution of malicious code within a legitimate process, with variations such as self-injection, classic DLL injection, PE injection, process hollowing, thread execution hijacking, mapping injection, APC injection, atom bombing, process doppelganging, and an interesting one called Mockingjay. The utility of process injection in Red Team exercises is to enable the stealthy execution of malicious code within legitimate processes, helping to evade detection by defensive systems such as EDRs and antivirus software. Additionally, process injection facilitates persistence in the target environment and allows for the execution of malicious actions without raising immediate suspicion. About MockingJay The Mockingjay by Thiago Peixoto technique involves exploiting DLLs with Read-Write-Execute (RWX) sections to perform stealthy code injection, minimizing detection by defensive software like EDRs. By identifying legitimate DLLs, such as msys-2.0.dll, that have pre-existing RWX sections, it is possible to avoid allocating new memory and using common APIs like NtWriteVirtualMemory and NtProtectVirtualMemory. The process involves loading the vulnerable DLL, calculating the RWX section's address, and injecting malicious code directly into it, using the Hell's Gate technique to create syscall stubs and remove EDR hooks without detection. This approach optimizes code injection by avoiding monitored operations, utilizing the pre-allocated and protected memory of the legitimate DLL, making the technique effective for EDR/AV evasion. More details: https://lnkd.in/dw27iUSc I wanted to hear from you, which process injection technique do you use most? PoCs: https://lnkd.in/dANsyWD2 (Centralized resource for listing and organizing known process injection techniques and POCs) https://lnkd.in/dErpgsAT (Mockingjay) https://lnkd.in/dCNnhCf5 (Mockingjay 2) https://lnkd.in/d-AkuUPp (Mockingjay BOF) For Blue Teams: https://lnkd.in/dK2gd9a8 https://lnkd.in/daNAChSv https://lnkd.in/ds6786Sp Image credits: Caueb Mockingjay Technique (https://lnkd.in/dErpgsAT) #redteam #cybersecurity #Informationsecurity #pentest #processinjection #redteamexercises

New research from Google Threat Intelligence Group (GTIG) details how PRC-nexus 🇨🇳 APT41 is leveraging innovative tactics, including the use of Google Calendar for command and control (C2). In late October 2024, we discovered APT41 exploiting a government website to deliver a novel malware family TOUGHPROGRESS. TOUGHPROGRESS utilizes Google Calendar to exfiltrate data and receive commands, an evolution in APT41's misuse of cloud services to blend in with legitimate traffic. The malware uses several obfuscation techniques, including memory-only payloads and intricate control flow obfuscation. GTIG has taken action to disrupt this campaign by terminating attacker-controlled infrastructure, updating Safe Browsing, and providing detection signatures. Our report also discusses APT41's broader use of free web hosting tools for malware distribution. Full report available here: https://lnkd.in/gPv7bPQj

#ASD and international partners have released an advisory on the tradecraft of a #PRC-backed threat actor named #APT40, and it's well worth a read, whether you are in Government or the private sector. APT40 is code for a group backed by the PRC's Ministry of State Security (#MSS). The MSS is engaged in intelligence gathering and foreign interference activities, including cyber warfare. APT40, based in Haikou, Hainan Province, has been targeting Government and private sector entities around the world since 2017. Their objectives appear to be maintaining persistence in order to exfiltrate data. How does APT40 go about their activities? 🔴 Exploit small office / home office (SOHO) routers as proxies to hide their origins among normal traffic 🔴 Target vulnerable systems on the edge of networks, such as MS Exchange, Atlassian Confluence, and Log4j (commonly found in Java applications), 🔴 Deploying web shells - uploaded code snippets that allow commands to be executed on the remote host, eg. a malicious .aspx file dropped in a public directory on an OWA server 🔴 Conduct internal recon to enumerate victim hosts and accounts 🔴 Move laterally, stealing credentials, then exfiltrating data via existing Command and Control (C2) channels None of the TTPs described in the report are "top shelf" exploitation. This is clever use of well-known exploits against well-known vulnerabilities. Why expose clever TTPs if you don't need to? The advisory contains a few indicators, detection rules, and recommended mitigations. Here is a summary of mitigations: 🔵 Look for process executions in unusual directories or world-writable locations, eg. why is there a process running from C:\WIndows\Temp? (Allow listing would probably prevent this.) 🔵 Implement logging in a centralized location with a suitable retention period 🔵 Patch! The common factor in the listed vulnerabilities (CVE 2021 44228, CVE-2021-31207, CVE-2021- 26084, CVE-2021-31207, CVE-2021-34523; CVE-2021-34473) is that they were all discovered (and presumably patched) in 2021! 🔵 Segment your network - impose costs by forcing the adversary to conduct recon and lateral movement on hard mode. Use jump servers to access sensitive hosts such as auth. 🔵 Other strategies covered in the Essential 8, eg. MFA, restricting admin privs and office macros I for one am glad to see a return to Mandiant-style "APT" codenames rather than the new-fangled monikers like "Electric Tempest". But I would like to see structured threat intelligence released with these reports, eg. STIX JSON format, and hopefully someday soon, structured hunting and response playbooks in CACAO JSON! But I will have more to say about CACAO another day...

Another wave of hyper-personalized social engineering attacks by a state sponsored threat actor, targeting defense & government officials. 𝘛𝘩𝘦 𝘮𝘰𝘥𝘶𝘴 𝘰𝘱𝘦𝘳𝘢𝘯𝘥𝘪 𝘪𝘴 𝘯𝘰𝘵 𝘶𝘯𝘧𝘢𝘮𝘪𝘭𝘪𝘢𝘳, 𝘢𝘯𝘥 𝘪𝘵 𝘪𝘴 𝘶𝘴𝘦𝘥 𝘣𝘺 𝘮𝘶𝘭𝘵𝘪𝘱𝘭𝘦 𝘰𝘵𝘩𝘦𝘳 𝘴𝘵𝘢𝘵𝘦-𝘣𝘢𝘤𝘬𝘦𝘥 𝘢𝘤𝘵𝘰𝘳𝘴 𝘵𝘰𝘰 (𝘣𝘦𝘤𝘢𝘶𝘴𝘦 𝘪𝘵 𝘰𝘧𝘵𝘦𝘯 𝘸𝘰𝘳𝘬𝘴 𝘲𝘶𝘪𝘵𝘦 𝘸𝘦𝘭𝘭). In this case, the group known as APT42/SpearSpecter: 🔹 Conducted extensive reconnaissance on specific targets via social media, public databases, and professional networks. -->This later enabled them to impersonate people from the victim's affiliations and craft believable scenarios involving exclusive 𝒄𝒐𝒏𝒇𝒆𝒓𝒆𝒏𝒄𝒆𝒔 𝒐𝒓 𝒔𝒕𝒓𝒂𝒕𝒆𝒈𝒊𝒄 𝒎𝒆𝒆𝒕𝒊𝒏𝒈𝒔.. 🔹 They devoted weeks to approach their targets, sustain multi-day conversation and slowly build personalized relationships with them. They often used WhatsApp to do so. ❗ What's unique: They 𝒂𝒍𝒔𝒐 𝒂𝒑𝒑𝒓𝒐𝒂𝒄𝒉𝒆𝒅 𝒇𝒂𝒎𝒊𝒍𝒚 𝒎𝒆𝒎𝒃𝒆𝒓𝒔 of their targets in order to further build trust & credibility, and apply subtle pressure n their main targets. 🔹 Eventually, the group would either direct victims to spoofed meeting pages that harvest credentials, or (if the end goal is persistent long-term access) the attacks lead to the deployment of a known PowerShell backdoor dubbed TAMECAT. 🔸 It is paramount to train your high value targets on hyper-personalized social engineering, especially if you work in industries relating to the 𝒄𝒓𝒊𝒕𝒊𝒄𝒂𝒍 𝒊𝒏𝒇𝒓𝒂𝒔𝒕𝒓𝒖𝒄𝒕𝒖𝒓𝒆, 𝒈𝒐𝒗𝒆𝒓𝒏𝒎𝒆𝒏𝒕, 𝒅𝒆𝒇𝒆𝒏𝒔𝒆, 𝒐𝒓 𝒄𝒖𝒕𝒕𝒊𝒏𝒈-𝒆𝒅𝒈𝒆 𝒓𝒆𝒔𝒆𝒂𝒓𝒄𝒉. This is yet another social engineering attack that almost solely relies on the target for detection & defense on this initial phase of exploitation. More Details: https://lnkd.in/eD8ePyxp https://lnkd.in/eueDR-9z #socialengineering #cyberttack #ThreatIntelligence

SYN Flood is one of the oldest denial-of-service attacks, and it is still effective today. Here's what happens under the hood... A TCP connection is established with a three-way handshake: the client sends a SYN, the server responds with a SYN-ACK, and the client completes it with an ACK. What's interesting is that during this process, the server allocates memory for each half-open connection in a backlog queue. In a SYN Flood, an attacker sends thousands of SYN packets but never completes the handshake. The server keeps waiting for ACKs that never arrive, and the backlog queue fills up. Once it is full, legitimate users can not connect anymore. Thus, a DoS attack. What makes this attack effective is the 'asymmetry' - the attacker sends tiny packets with minimal effort, but the server has to allocate resources for each one. A single low-powered machine can overwhelm a much more powerful server. Fun fact: SYN floods have taken down GitHub, Cloudflare, and several databases in the past. To defend against SYN flooding, we can: 1. Cap the number of SYN packets from a single IP 2. Drop packets from known malicious sources 3. Or, the most effective, use SYN Cookies With SYN cookies, the server does not store anything. Instead, it encodes all the necessary connection information (client IP, port, and a timestamp) into the initial sequence number of the SYN-ACK packet it sends back. This sequence number is cryptographically generated, so it cannot be forged. SYN cookies make the handshake effectively stateless on the server side until it's fully verified, so the server does not reserve any resources until it knows the client is real. By the way, most modern operating systems have SYN cookie support built in. On Linux, we can enable it with `net.ipv4.tcp_syncookies = 1`. If you are interested, the Wikipedia pages are pretty well written for understanding this, and as always, you can use your favorite LLM to dig deeper.

A new Advanced Persistent Threat (APT) that is targeting HR and payroll, CISOs need to take a note. When cybercriminals go after HR, payroll, and internal admin teams, they're not just stealing data, they’re attacking the operational backbone of an organisation. And that’s exactly what our APT Research Team at Seqrite Labs has just uncovered. Over the past week, our researchers identified a new multi-stage attack campaign targeting Russian corporate entities, using extremely convincing HR themed lures. What looks like an “annual bonus policy” PDF is actually the entry point to a stealthy infection chain that delivers a custom implant we’ve named DUPERUNNER, followed by an AdaptixC2 beacon. For CISOs, the message is simple: > Threat actors are shifting left, going after internal business workflows that employees implicitly trust. > A single click in HR can give attackers the same access as a compromised domain controller. > Financial, reputational, and operational risks multiply when attackers remain hidden inside your environment.   Our Seqrite APT team’s deep dive reveals: • A spear-phishing chain built around benign looking HR documents • A previously unknown C++ implant (DUPERUNNER) capable of process injection • A stealthy AdaptixC2 beacon used for command and control • A dedicated malicious infrastructure operated across ASNs in Russia This campaign shows how threat actors are moving toward social engineering that looks legitimate and fits into daily routines. A single click in an HR department can give an attacker access equal to or greater than a compromised server. It is the kind of threat many leaders casually scroll past on LinkedIn until it hits their own organisation. At Seqrite, our protection layers already detect and block each stage of this attack but the larger story is that attack surfaces are evolving faster than traditional defences. We have added full technical details, infrastructure information and IOCs in the blog. You can read the full research here: https://lnkd.in/d9qm-dsq Full credit to our researchers at Seqrite Labs who led this investigation. Outstanding work by the team behind this analysis and write up that includes: Subhajeet Singha Priya Patel Nandini Seth Jyoti Karlekar Quick Heal #CyberSecurity #APT #ThreatIntelligence #CISO #MalwareAnalysis #Infosec #CyberAttack #EnterpriseSecurity #SeqriteLabs #CyberThreats #ThreatResearch #DUPERUNNER #AdaptixC2

🚨Five Eyes Trends on Exploits: Insights from the 2023 Top Routinely Exploited Vulnerabilities Earlier this week, the cybersecurity agencies of the Five Eyes nations—the U.S., U.K., Australia, Canada, and New Zealand—issued a stark warning that highlights a new reality: zero-day vulnerabilities are becoming the “new normal” in cyber exploits. This marks a significant departure from 2022 and 2021 when older, more established vulnerabilities were most frequently targeted. Today, adversaries are increasingly exploiting freshly disclosed zero-day vulnerabilities, often within hours of discovery. The advisory reveals that many of these targeted devices (think of VPNs, SSL gateways, and remote management consoles) are on the periphery of an organization’s network. Do you recognize a trend here? 👀 These edge devices are prime targets and typically lack robust logging or agent-based monitoring capabilities. It can challenging for organizations to know when these type of devices have been pwned. Organizations frequently face a race condition with adversaries— from initial exploitation of the vulnerability, to community recognition, vendor patch release, and eventual patching by the organization. This trend underscores the importance of employing Zero Trust principles, where nothing is blindly trusted within the network. A properly architected Zero Trust and Secure Access Service Edge (SASE) approach can enable organizations to detect and block adversaries before they can cause significant compromise. The advisory explicitly encourages leveraging CISA’s Zero Trust Maturity Model (ZTMM) and the Department of Defense’s Zero Trust guidance, pushing organizations toward a resilient, secure-by-design architecture. As the UK’s NCSC CTO Ollie Whitehouse observed, this “new normal… should concern end-user organizations and vendors alike as malicious actors seek to infiltrate networks.” To combat this, network segmentation and SASE solutions can play a critical role in halting lateral movement and keeping this “new normal” in check. 🛡️ With the right architecture, organizations can mitigate risks and stop threats before they gain a foothold. Full disclosure: I am a co-author of CISA's Zero Trust Maturity Model. The Five Eyes CSA is attached. The NCSC’s website with Mr. Whitehouse’s comments is cited in the comments. #technology #softwareengineering #programming #strategy #computersecurity #cloudcomputing #informationsecurity #zscaler #riskmanagement #cybersecurity #zerotrust

𝗧𝗿𝗮𝗻𝘀𝗽𝗮𝗿𝗲𝗻𝘁 𝗧𝗿𝗶𝗯𝗲’𝘀 𝗡𝗲𝘄 𝗥𝗔𝗧 𝗖𝗮𝗺𝗽𝗮𝗶𝗴𝗻: 𝗔 𝗥𝗲𝗻𝗲𝘄𝗲𝗱 𝗖𝘆𝗯𝗲𝗿-𝗘𝘀𝗽𝗶𝗼𝗻𝗮𝗴𝗲 𝗧𝗵𝗿𝗲𝗮𝘁 𝘁𝗼 𝗜𝗻𝗱𝗶𝗮 India’s cyber front is under constant pressure silent, persistent, and continuously evolving. The latest reminder comes from a renewed cyber espionage campaign linked to Transparent Tribe (APT36), a well known threat actor with a long history of targeting Indian interests. According to CYFIRMA, the campaign targets Indian government bodies, academic institutions, and strategic organisations, underscoring ongoing, long-term intelligence gathering efforts against the country. What Makes This Campaign Dangerous? This operation is not noisy ransomware or defacement it’s covert cyber espionage. The attack chain begins with phishing emails carrying ZIP attachments. Inside these archives are malicious Windows shortcut (LNK) files, cleverly disguised as PDF documents. Once a victim opens the file: - A Remote Access Trojan (RAT) is deployed silently in the background - A decoy PDF is displayed to reduce suspicion - The attacker gains persistent access to the system This combination of social engineering and stealthy execution allows the malware to remain undetected for extended periods. Adaptive Malware Built for Persistence One of the most concerning aspects of this campaign is the malware’s adaptive behavior. Researchers observed that the RAT dynamically adjusts its persistence mechanisms based on the antivirus or endpoint protection installed on the victim’s machine. Once fully deployed, the payload allows attackers to: - Steal sensitive data - Control and manipulate files - Capture screenshots - Monitor clipboard activity - Execute commands remotely These capabilities make it a powerful surveillance tool rather than a short-term attack. A Familiar Pattern, A Long Term Strategy Active since at least 2013, Transparent Tribe has steadily evolved its tools and techniques. Previous campaigns have used malware such as CapraRAT, Crimson RAT, ElizaRAT, and DeskRAT each improving stealth and control. CYFIRMA warns that the group remains strategically driven, focused on long-term intelligence collection rather than short-term disruption. Parallel Threat Activity: Patchwork (Maha Grass) Security researchers have also flagged related activity by Patchwork, another advanced threat group targeting defence and strategic sectors. This group has been linked to new spyware frameworks that rely on: - Advanced obfuscation - Long term persistence - Low visibility execution Together, these campaigns highlight a broader and ongoing threat to India’s strategic digital ecosystem. Why This Matters for India ? These attacks highlight a critical reality: modern cyber warfare is rarely loud. It is quiet, long term surveillance aimed at stealing intelligence, research, and strategic insights. Awareness is the first step. Preparedness is the next.