Alert for Smart Phone Users, How Their Data is Extracted by Apps Via Location Tracking
With more mobile apps entering the new world of smartphone users, only a few know about the dangers of the...
Chinese Hackers Cloned Exploit Tool Belonging to NSA
A Chinese hacking group allegedly "cloned" and deployed a zero-day exploit created by the U.S. National Security Agency's Equation Group...
HaE – BurpSuite Highlighter And Extractor
HaE is used to highlight HTTP requests and extract information from HTTP response messages or request messages.Read Chinese simplified version...
RAT-el – An Open Source Penetration Test Tool That Allows You To Take Control Of A Windows Machine
RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works...
FIN11 cybercrime group is behind recent wave of attacks on FTA servers
FireEye experts linked a series of attacks targeting Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka...
NurseryCam daycare cam service shut down after security breach
Daycare camera product NurseryCam was hacked last week, the company was forced to shut down its IoT camera service. On...
Ukraine sites suffered massive attacks launched from Russian networks
Ukraine ‘s government accused unnamed Russian traffic networks as the source of massive attacks on Ukrainian security and defense websites....
Georgetown County has yet to recover from a sophisticated cyber attack
The systems of Georgetown County have been hacked at the end of January, and the county staff is still working...
CVE-2017-14119
Summary: In the EyesOfNetwork web interface (aka eonweb) 5.1-0, module\tool_all\tools\snmpwalk.php does not properly restrict popen calls, which allows remote attackers...
CVE-2017-14118
Summary: In the EyesOfNetwork web interface (aka eonweb) 5.1-0, module\tool_all\tools\interface.php does not properly restrict exec calls, which allows remote attackers...
CVE-2017-13780
Summary: The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows directory traversal attacks for reading arbitrary files via the module/admin_conf/download.php file...
CVE-2019-14923
Summary: EyesOfNetwork 5.1 allows Remote Command Execution via shell metacharacters in the module/tool_all/ host field. Reference Links(if available): https://www.eyesofnetwork.com/?p=2072 https://www.exploit-db.com/exploits/47280...
CVE-2021-22553
Summary: Any git operation is passed through Jetty and a session is created. No expiry is set for the session...
Filmai.in – 645,786 breached accounts
In approximately 2019 or 2020, the Lithuanian movie streaming service Filmai.in suffered a data breach exposing 645k email addresses, usernames...
NurseryCam – 10,585 breached accounts
In February 2021, a series of egregiously bad security flaws were identified in the NurseryCam system designed for parents to...
People’s Energy – 358,822 breached accounts
In December 2020, the UK power company People's Energy suffered a data breach. The breach exposed almost 7GB of files...
NetGalley – 1,436,435 breached accounts
In December 2020, the book promotion site NetGalley suffered a data breach. The incident exposed 1.4 million unique email addresses...
A week in security (February 15 – February 21)
Last week on Malwarebytes Labs, the spotlight fell on the State of Malware 2021 report, wherein we have seen cyberthreats...
Fraudsters are Exploiting Google Apps to Steal Credit Card Details
Threat actors are using a novel approach to steal the credit card details of e-commerce shoppers by exploiting Google’s Apps...
US Agencies Publish Advisory on North Korean Cryptocurrency Malware, AppleJeus
The Federal Bureau of Investigation (FBI) jointly with the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of the...
Remote-Method-Guesser – Tool For Java RMI Enumeration And Bruteforce Of Remote Methods
remote-method-guesser (rmg) is a command line utility written in Java and can be used to identify security vulnerabilities on Java...
Horusec – An Open Source Tool That Improves Identification Of Vulnerabilities In Your Project With Just One Command
Horusec is an open source tool that performs static code analysis to identify security flaws during the development process. Currently,...
How to Combat Alert Fatigue With Cloud-Based SIEM Tools
Today’s security teams are facing more complexity than ever before. IT environments are changing and expanding rapidly, resulting in proliferating...
NSA Equation Group tool was used by Chinese hackers years before it was leaked online
The Chinese APT group had access to an NSA Equation Group, NSA hacking tool and used it years before it...
