Join the Telegram channel Residents of Russia began to receive SMS about a way to get $10 million from the US State Department. In the messages, Russians are offered this money for information about the interference of Russian hackers in the American elections. Such SMS messages are published by residents […]
News
1735 posts
Join the Telegram channel Around half a million online users were affected due to the breach of online examination software called “ProctorU,” a platform widely used in teaching institutes. The hackers, belonging to Shiny Hunters Group, recently posted the leaked data on the web, which contained details of 444,267 users, […]
Join the Telegram channel IRFuzz is a simple scanner with yara rules for document archives or any files. Install 1. PrerequisitesLinux or OS X Yara: just use the latest release source code, compile and install it (or install it via pip install yara-python) Yara Rules – You may download yara […]
Join the Telegram channel Evine is a simple, fast, and interactive web crawler and web scraper written in Golang. Evine is useful for a wide range of purposes such as metadata and data extraction, data mining, reconnaissance and testing. Follow the project on Twitter. Install From BinaryPre-build binary releases are […]
Join the Telegram channel C# port of the Get-AppLockerPolicy PS cmdlet _____ _ ___ _ _/ ___| | / _ | | | | `--.| |__ __ _ _ __ _ __ / /_ _ __ _ __ | | ___ ___| | _____ _ __ `--. '_ / _` […]
Join the Telegram channel An extensible and freshly updated collection of phishingkits for forensics and future analysis topped with simple stats DisclaimerThis repository holds a collection of Phishing Kits used by criminals to steal user information. Almost every file into the raw folder is malicious so I strongly recommend you […]
Join the Telegram channel By Marshall Chen, Loseway Lu, Yorkbing Yap, and Fyodor Yarochkin (Trend Micro Research) A series of ongoing business email compromise (BEC) campaigns that uses spear-phishing schemes on Office 365 accounts has been seen targeting business executives of over 1,000 companies across the world since March 2020. […]
Join the Telegram channel Findings of Link11’s Security Operations Center (LSOC) uncovered a 97% increase in the number of attacks for the months of April, May, and June in 2020 when compared with the attacks during the same period in the previous year, with an increment of 108% in May […]
Join the Telegram channel Quarterly highlights Targeted attacks The second quarter often saw phishers resort to targeted attacks, especially against fairly small companies. To attract attention, scammers imitated email messages and websites of companies whose products or services their potential victims could be using. The scammers did not try to […]
Join the Telegram channel FestIn is a tool for discovering open S3 Buckets starting from a domains.It perform a lot of test and collects information from: DNS Web Pages (Crawler) S3 bucket itself (like S3 redirections) Why FestinThere’s a lot of S3 tools for enumeration and discover S3 bucket. Some […]
Join the Telegram channel Chalumeau is automated,extendable and customizable credential dumping tool based on powershell and python. Main Features Write your own Payloads In-Memory execution Extract Password List Dashboard reporting / Web Interface Parsing Mimikatz Dumping Tickets Screenshots Known Issues Parsing Mimikatz dcsync (working on fix) Bypassing Antivirus and EDRs […]
Join the Telegram channel This blog post is part 2 of a two-part blog series recapping Rapid7’s Black Hat debriefs as part of Virtual Vegas. Check out our recap of day one here! It’s no secret that days (and time in general) are generally meaningless now—except when you get the […]
Join the Telegram channel Face recognition AI is increasingly being used at Airports and at other security outlets, especially during a pandemic to heed to proper security measures of identifying people while maintaining social distancing but a recent discovery by McAfee, a cybersecurity firm has proved that these Face Recognition […]
Join the Telegram channel It is noted that hackers use streaming platforms, TV series and movies to distribute advertising and malware. They can add them to files with the names of popular shows, or use well-known brands to conduct phishing attacks, said Dmitry Galov, a cybersecurity expert at Kaspersky […]
Join the Telegram channel Alexander Vurasko, a leading Infosecurity analyst at Softline Company, said that during the pandemic, scammers learned how to qualitatively fake food and electronics delivery sites. Over the past four months, 56 clones have appeared at Delivery Club, and at least 30 at Yandex.Food. Companies try to […]
Join the Telegram channel As we continue to track web threats and credit card skimming in particular, we often rediscover techniques we’ve encountered elsewhere before. In this post, we share a recent find that involves what is known as an homoglyph attack. This technique has been exploited for some time […]
Join the Telegram channel In June 2020, the online exam service ProctorU suffered a data breach which was subsequently shared extensively across online hacking communities. The breach contained 444k user records including names, email and physical addresses, phones numbers and passwords stored as bcrypt hashes. The data was provided […]
Join the Telegram channel Download full report (PDF) As an incident response service provider, Kaspersky delivers a global service that results in global visibility of adversaries’ cyber-incident tactics and techniques used in the wild. In this report, we share our teams’ conclusions and analysis based on incident responses and statistics […]
Join the Telegram channel Introduction I’ve been tracking malicious Word documents from the TA551 (Shathak) campaign This year, we’ve seen a lot of Valak malware from TA551, but in recent weeks this campaign has been pushing IcedID malware tp English-speaking targets. Shown above: Flow chart for this campaign in recent […]
Join the Telegram channel Yesterday, I found a new malicious Powershell script that deserved to be analyzed due to the way it was dropped on the victim’s computer. As usual, the malware was delivered through a malicious Word document with a VBA macro. A first observation reveals that it’s a […]
Join the Telegram channel A TCP tunneling suite built with golang and gRPC. gTunnel can manage multiple forward and reverse tunnels that are all carried over a single TCP/HTTP2 connection. I wanted to learn a new language, so I picked go and gRPC. Client executables have been tested on windows […]