Locky ransomware is back, again… It’s delivered with the help of new tricks to fool users and anti-malware defences. Delivered through one of the largest spam campaigns in H2 2017 – as many as 23 million sent messages per day – the newest variant adds the .lukitus extension to the […]

Locky ransomware back with a new bag of tricks

Time is the most important factor in detecting network breaches and, consequently, in containing cyber incidents and mitigating the cost of a breach. “Security event investigations can last hours, and a full analysis of an advanced threat can take days, weeks or even months. Even large security operations center (SOC) teams […]

AI is key to speeding up threat detection and response

The dump is relatively small, containing around 3MB of files. https://pastebin.com/L48e49AK At the end of July, anonymous hackers published documents stolen from an employee of cybersecurity firm FireEye, and claimed that more data would follow. On Monday, the hackers seemingly followed up, and released a second cache of alleged documents, passwords, and […]

Hackers Mock Cybersecurity Firm FireEye with Second Data Dump

The UK Government’s Department of Digital, Culture, Media and Sport (DCMS) has announced that firms could face fines of up to £17m or 4% of global turnover if they fail to protect themselves from cyberattacks. The introduction of such financial penalties will be carried out by the data protection regulator, […]

Fines of £17m for unprotected UK firms

Description Spaghetti is a web application security scanner tool. It is designed to find various default and insecure files, configurations and misconfigurations. Spaghetti is built on python2.7 and can run on any platform which has a Python environment. Installation $ git clone https://github.com/m4ll0k/Spaghetti.git $ cd Spaghetti $ pip install -r […]

Spaghetti – Web Application Security Scanner

If like me you want to customise your Squid Proxy error page then , you have come to the correct place. Before we start, i have already setup transparent proxy on port 80 and WPAD to cover the HTTPS stuff. Go do that then come back, ( i can’t be […]

Custom Access Denied Page – PfSense Squid Proxy

HatCloud is built in Ruby. It allows you to discover the real IP address of a host that is being hidden by CloudFlare. This can be useful if you need test your server and website. obviously it can also be used for malicious purposes, but hey so can a car! […]

HatCloud : Tool to uncover real IP address of servers ...

Have you ever done a domain password audit? Well yes the cracking of the passwords can be fun depending on the rig your using, but what happens after that? Yeah…… the reporting! There are some tools that give stats but none of the can compare to this new tool “PasswordStats”. […]

PasswordStats – A cool new password reporting tool

Malware analysis is like defusing bombs. The objective is to disassemble and understand a program that was built to do harm or spy on computer users (oops, this is where the bomb analogy fails, but one gets the point). That program is often obfuscated (ie: packed) to make the analysis […]

Malboxes: a Tool to Build Malware Analysis Virtual Machines

Last weekend a security researcher publicly disclosed a zero-day vulnerability in Windows 10, Windows 8.1 and Server editions after Microsoft failed to patch it in the past three months. The zero-day memory corruption flaw resides in the implementation of the SMB (server message block) network file sharing protocol that could […]

Windows SMB Zero-Day Exploit Released in the Wild after Microsoft ...

Visitors to more than 10,000 Tor-based websites were met with an alarming announcement this morning: “Hello, Freedom Hosting II, you have been hacked.” A group affiliating itself with Anonymous had compromised servers at Freedom Hosting II, a popular service for hosting websites accessible only through Tor. Roughly six hours after […]

An Anonymous group just took down a fifth of the ...

As we connect more and more devices to the internet, we create more and more potential security vulnerabilities. While we’re usually aware of the gadgets we use every day — our PCs, smartphones, and tablets — we might now always think about just how secure are all of our other […]

Cisco Prime Home: Hackers in your network?

So due to the UK government being dicks and forcing all UK ISPs for store logs for 1 year of all visited websites, I decided to go ahead and start using a dedicated VPN service. I had a look around and decided that NordVPN was going to be the best […]

Snoopers Charter + PfSense + NordVPN Tutorial

Portable Power Banks are a great way to stay connected when travelling, out and about or even just to give a little top up during the day. Plenty Of Room Here Your Nuvio Power Bank comes with a 5000mAh capacity Lithium Polymer battery, ready when you are Whatever Your Need, […]

Nuvio Power Bank Review

Customer information from more than 130,000 users of the Three mobile network has been compromised in a cyber security breach, the mobile operator has said. Three boss, Dave Dyson, said in a statement that all affected customers were being contacted individually and that while personal information had been accessed, no […]

Three Mobile Data Breach