Cyber Creatures

    Introduction Ransomware attacks continue to be one of the most dangerous cyber threats facing organizations worldwide. Among the newer and more stealthy threats is HardBit 4.0 ransomware , an upgraded version of a malware family that has been active since 2022. HardBit 4.0 represents a significant evolution in ransomware design. Instead of relying on flashy data leaks or public shaming tactics, this ransomware focuses on quiet persistence, strong encryption, and advanced evasion techniques . Its ability to remain hidden while maintaining long-term access makes it especially dangerous for businesses and enterprises.   What Is HardBit 4.0? HardBit 4.0 is a file-encrypting ransomware operated by cybercriminals who primarily target poorly secured network services. Unlike many modern ransomware groups, HardBit actors do not operate a public leak site and do not focus on double extortion tactics. Their strategy is simple but effective: encrypt critical systems and dem...

A major security incident has shaken the JavaScript and open-source ecosystem. GitLab’s Vulnerability Research team recently uncovered a large-scale supply chain attack  targeting the npm package ecosystem  one of the most widely used software repositories in the world. This attack doesn’t just steal sensitive information. It carries something far more dangerous: a built-in “ Dead Man’s Switch ” designed to destroy user data if the attackers lose control. Below is a complete report explaining what happened, how the malware works, who is affected, indicators of compromise, and what organizations must do now. 1. Overview of the Attack The attack involves a dangerous and evolved malware variant known as Shai - Hulud . Attackers uploaded malicious npm packages that look legitimate on the surface. When a developer installs one of these packages, the malware silently activates and begins its multi-stage attack. The result is a widespread, self-spreading infection that compromises d...

What is Termux ?  Termux is an Android terminal emulator which is based on linux environment. You can perform many attacks ( ex - openport attack , ddos , mitmf , sql injection , etc ) Termux support both rooted and unrooted devices You can termux as a root to perform extra attacks which requires root access . Usage Open the app , you will see graphical interface  Click on install packages , it will download some basic packages ( make sure you are connected with internet ) Now you can use termux Before using it ( make sure you are connected with internet ) What can you do with termux  ? 1. we can perform different attacks  2. Pentesting 3. Vulnerability Scanning 4. Ethical Hacking We can do most of things using termux  How to install Termux  we can normally install termux using F-Droid After installing we have to run some command apt update && apt upgrade -y Window's Installation Download Bluestack Settings Cpu - 4 core Memory - 4gb Performance Mode...

 Introduction On September 9, 2022, Microsoft received a report from Andrea Pierini and Antonio Cocomazzi about Windows's local privilege escalation (LPE) vulnerability. This vulnerability could enable an attacker with limited privileges on a host to gain SYSTEM privileges and read/write any file on the system. Microsoft addressed the LocalPotato vulnerability in the January 2023 patch Tuesday, and a PoC was published on February 10, 2023. This vulnerability, CVE-2023-21746, permits an attacker with low-privilege account access to read/write arbitrary files with SYSTEM privileges. Although the vulnerability does not allow executing commands as SYSTEM, it can be combined with other vectors to achieve this result. On February 13, BlackArrowSec published a privilege escalation PoC that exploits the StorSvc service, permitting attackers to execute code as SYSTEM by writing a DLL file to any directory in the PATH. In this Tryhackme room, both vulnerabilities are investigated, and the go...

A cyber attack is a set of actions performed by threat actors, who try to gain unauthorized access, steal data or cause damage to computers, computer networks, or other computing systems. A cyber attack can be launched from any location. The attack can be performed by an individual or a group using one or more tactics, techniques and procedures (TTPs). The individuals who launch cyber attacks are usually referred to as cybercriminals, threat actors, bad actors, or hackers. They can work alone, in collaboration with other attackers, or as part of an organized criminal group. They try to identify vulnerabilities—problems or weaknesses in computer systems—and exploit them to further their goals. Cybercriminals can have various motivations when launching cyber attacks. Some carry out attacks for personal or financial gain. Others are “hacktivists” acting in the name of social or political causes. Some attacks are part of cyberwarfare operations conducted by nation states against their oppo...