Aggregator
CVE-2025-52765 | lisensee NetInsight Analytics Implementation Plugin up to 1.0.3 on WordPress cross-site request forgery
CVE-2025-53582 | WordLift Plugin up to 3.54.5 on WordPress cross site scripting
CVE-2025-53330 | WpEstate WP Rentals Plugin up to 3.13.1 on WordPress cross site scripting
CVE-2025-21110 | Dell Data Lakehouse up to 1.5.0.0 unnecessary privileges (dsa-2025-313)
CVE-2025-53219 | pl4g4 WP-Database-Optimizer-Tools Plugin up to 0.2 on WordPress cross-site request forgery
CVE-2025-53342 | GoodLayers Modernize Plugin up to 3.4.0 on WordPress cross site scripting
CVE-2025-53581 | artiosmedia RSS Feed Pro Plugin up to 1.1.8 on WordPress cross site scripting
CVE-2025-53575 | primersoftware Primer MyData for Woocommerce Plugin up to 4.2.5 on WordPress cross site scripting
CVE-2025-53341 | Themovation Stratus Plugin up to 4.2.5 on WordPress authorization
CVE-2025-52771 | bcupham Video Expander Plugin up to 1.0 on WordPress cross site scripting
CVE-2025-53343 | GoodLayers Modernize Plugin up to 3.4.0 on WordPress authorization
CVE-2025-53221 | CodeablePress Plugin up to 1.0.0 on WordPress authorization
Threat Actors Leverage CrossC2 to Extend Cobalt Strike to Linux and macOS
JPCERT/CC verified a number of events in which threat actors were seen using CrossC2, an unofficial extension tool that creates Cobalt Strike Beacons that work with Linux and macOS. This campaign, which targeted Active Directory (AD) infrastructures, involved the use of CrossC2 alongside established tools such as PsExec for lateral movement, Plink for SSH tunneling, […]
The post Threat Actors Leverage CrossC2 to Extend Cobalt Strike to Linux and macOS appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
ServiceNow security advisory (AV25-516)
BSidesSF 2025: Don’t Trust, Verify! – How I Found A CSRF Bug Hiding In Plain Sight
Creator, Author and Presenter: Patrick O'Doherty
Our deep appreciation to Security BSides - San Francisco and the Creators, Authors and Presenters for publishing their BSidesSF 2025 video content on YouTube. The content originates from the conference’s events held at the lauded CityView / AMC Metreon - certainly a venue like no other - and via the organization's YouTube channel.
Additionally, the organization is welcoming volunteers for the BSidesSF Volunteer Force, as well as their Program Team & Operations roles. See their succinct BSidesSF 'Work With Us' page, in which the appropriate information is to be had!
The post BSidesSF 2025: Don’t Trust, Verify! – How I Found A CSRF Bug Hiding In Plain Sight appeared first on Security Boulevard.
CISA Warns N-able Bugs Under Attack, Patch Now
Cybersecurity Spending Slows & Security Teams Shrink
PS1Bot: Multi-Stage Malware Framework Targeting Windows Systems
Cisco Talos researchers have uncovered an aggressive malware campaign active since early 2025, deploying a sophisticated multi-stage framework dubbed PS1Bot, primarily implemented in PowerShell and C#. This threat actor leverages malvertising and SEO poisoning to distribute compressed archives with file names mimicking legitimate search queries, such as “chapter 8 medicare benefit policy manual.zip” or “pambu […]
The post PS1Bot: Multi-Stage Malware Framework Targeting Windows Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.