Jump to content




IMPORTANT
We are happy to let you know that SIRUMIUM (ex crimeclub) is back online.
If you are old vendor here you will have one month bonus on your advertise and free banner in rotation.

ADVERTISE

Samurai

VIP
  • Content count

    11
  • Joined

  • Last visited

  • Days Won

    16

Samurai last won the day on September 1

Samurai had the most liked content!

Community Reputation

3 Neutral

1 Follower

About Samurai

Recent Profile Visitors

163 profile views
  1. Selling access to weetseeds.es. For details and price PM.
  2. Source: https://www.fireeye.com/blog/threat-research/2020/08/hands-on-introduction-to-mandiant-approach-to-ot-red-teaming.html Operational technology (OT) asset owners have historically considered red teaming of OT and industrial control system (ICS) networks to be too risky due to the potential for disruptions or adverse impact to production systems. While this mindset has remained largely unchanged for years, Mandiant's experience in the field suggests that these perspectives are changing; we are increasingly delivering value to customers by safely red teaming their OT production networks. This increasing willingness to red team OT is likely driven by a couple of factors, including the growing number and visibility of threats to OT systems, the increasing adoption of IT hardware and software into OT networks, and the maturing of OT security teams. In this context, we deemed it relevant to share some details on Mandiant's approach to red teaming in OT based on years of experience supporting customers learning about tangible threats in their production environments. In this post we introduce Mandiant's approach to OT red teaming and walk through a case study. During that engagement, it took Mandiant only six hours to gain administrative control on the target's OLE for Process Control (OPC) servers and clients in the target's Distributed Control System (DCS) environment. We then used this access to collect information and develop an attack scenario simulating the path a threat actor could take to prepare for and attack the physical process (We highlight that the red team did not rely on weaknesses of the DCS, but instead weak password implementations in the target environment). NOTE: Red teaming in OT production systems requires planning, preparation and "across the aisle" collaboration. The red team must have deep knowledge of industrial process control and the equipment, software, and systems used to achieve it. The red team and the asset owner must establish acceptable thresholds before performing any activities. Visit our website for more information or to request Mandiant services or threat intelligence. Mandiant's Approach for Safe Red Teaming in OT Mandiant's approach to red teaming OT production systems consists of two phases: active testing on IT and/or OT intermediary systems, and custom attack modeling to develop one or more realistic attack scenarios. Our approach is designed to mirror the OT-targeted attack lifecycle—with active testing during initial stages (Initial Compromise, Establish Foothold, Escalate Privileges, and Internal Reconnaissance), and a combination of active/passive data collection and custom threat modeling to design feasible paths an attacker would follow to complete the mission.
  3. PM sent.
  4. Selling access to one of their websites (not subdomain, main site, database included!). For price and details send PM.
  5. Only small dump from bank access. Bigger dumps comming soon. https://anonfiles.com/V1e6QbO9o3/unity-bank_sql
  6. https://anonfiles.com/935aO8O0o2/www.book2park.com_zip
  7. Jordan military files. https://anonfiles.com/b3y2O7Ofo2/miljo_zip
×