SIGRed – CVE-2020-1350 – Wormable DNS
SIGRed (CVE-2020-1350) is a wormable, critical vulnerability (CVSS base score of 10.0) in the Windows DNS server that affects Windows...
Day: 14 July 2020
Stalkerware advertising ban by Google a welcome, if incomplete, step
On Friday, July 10, Google announced it would no longer allow advertising for spyware and similar surveillance technology—often referred to...
X64Dbg – An Open-Source X64/X32 Debugger For Windows
An open-source binary debugger for Windows, aimed at malware analysis and reverse engineering of executables you do not have the...
Unlocking the Power of Macro Authentication in Application Security: Part Three
This blog post is part three of our three-part series on macro authentication. Be sure to catch up on part...
The Tetrade: Brazilian banking malware goes global
Introduction Brazil is a well-known country with plenty of banking trojans developed by local crooks. The Brazilian criminal underground is...
5 Best Smart Home Hubs 2020
What once seemed like science fiction is now a reality: we are building smart homes. However, the more smart devices...
More Chinese tax software found to dish out backdoor malware
A second tax software program associated with the Chinese banking industry has now been found to contain an embedded backdoor...
A week in security (July 6 – 12)
Last week on Malwarebytes Labs, we took an in-depth look at card skimmers targeting ASP sites, we released another episode...
Telegraph service was unblocked in Russia
Russia stopped blocking the popular Telegram messenger almost a month ago. However, the related Telegraph service continued to be blocked....
Zoom Zero-Day Allowed Remote Code Execution, Patch Issued
Video and audio conferencing software, Zoom patched a zero-day vulnerability that was affecting users running old versions of Windows: Windows...
Trojans, Backdoors and Droppers the Top Three Malware Globally?
According to a few recent surveys and analysis conducted by some well-known and influential cybersecurity agencies, there are approximately 3...
How Content Abuse is giving rise to online Frauds, explains SIFT
A report from Sift on 'Content Abuse and the Fraud Economy' explores the rising arena of online frauds and content...
DroneSploit – Drone Pentesting Framework Console
This CLI framework is based on sploitkit and is an attempt to gather hacking techniques and exploits especially focused on...
Padding-Oracle-Attacker – CLI Tool And Library To Execute Padding Oracle Attacks Easily
CLI tool and library to execute padding oracle attacks easily, with support for concurrent network requests and an elegant UI.InstallMake...
Citizen Science and Medical Consumerism: Confronting the Tech Wisdom Gap in Modern Healthcare
In our latest episode of Security Nation, we spoke with Nina Alli, executive director of the Biohacking Village, to discuss...
Rapid7 joins CFAA brief to the Supreme Court
Rapid7 joined a brief to the US Supreme Court on the chilling effect of the overbroad Computer Fraud and Abuse...
