BitDefender Total Security 2020: Review
I use Linux as my daily driver and do not use Bitdefender for those times, but when I do have...
Amazon Prime Day—8 tips for safer shopping
Avid Amazon Prime Day shoppers may have been worried they’d missed it this year—thanks coronavirus. Fear not, last month Amazon...
Lock and Code S1Ep17: Journalism’s role in cybersecurity with Alfred Ng and Seth Rosenblatt
Most everything about cybersecurity—the threats, the vulnerabilities, the breaches and the blunders—doesn’t happen in a vacuum. And the public doesn’t...
Hak5 WiFi Pineapple Nano: Review
Attacks on WiFi networks are well known in the cybersecurity world, as an established technique for penetrating a target. The Hak5 WiFi...
Best Amazon Prime Day Smart Home Deals 2020 – Robots Prime Day Deals, Smart Home Deals, and More!
Yes, it’s that time of year again! Prime Day will be arriving October 13th and running through to October 14th....
O365Enum – Enumerate Valid Usernames From Office 365 Using ActiveSync, Autodiscover V1, Or Office.Com Login Page
Enumerate valid usernames from Office 365 using ActiveSync, Autodiscover, or office.com login page.Usageo365enum will read usernames from the file provided...
Wave-Share – Serverless, Peer-To-Peer, Local File Sharing Through Sound
A proof-of-concept for WebRTC signaling using sound. Works with all devices that have microphone + speakers. Runs in the browser....
What’s New in InsightIDR: Q3 2020 in Review
In July, we provided a rundown of what was new in InsightIDR, our cloud-based SIEM tool, from the first half...
SEC Consult SA-20201012-0 :: Reflected Cross-Site Scripting and Unauthenticated Malicious File Upload in Sage DPW
Posted by SEC Consult Vulnerability Lab on Oct 12SEC Consult Vulnerability Lab Security Advisory < 20201012-0 > ======================================================================= title: Reflected...
The Covid-19 Pandemic Forces Businesses To Prioritise Investment In Cybersecurity Despite The Overall IT Budget Cuts
As per a Kaspersky report on ‘Investment adjustment: aligning IT budgets with changing security priorities’ organizations and businesses have...
Gitjacker – Leak Git Repositories From Misconfigured Websites
Gitjacker downloads git repositories and extracts their contents from sites where the .git directory has been mistakenly uploaded. It will...
Phishing scam lures employees by teasing secrets of Trump COVID diagnosis
Pictured: President Donald Trump in the Presidential Suite at Walter Reed National Military Medical Center on Oct. 3, after being...
Russian scientists and a graduate student from Syria create a tool for detecting network anomalies of the Internet
Samara Maykhub, a Syrian-born graduate student, to conduct Research at the Samara National Research University named after Academician S. P....
Sharkcop: Google Chrome Extension Makes Use of SVM Machine Learning Algorithm to Detect Phishing URLs
Sharkcop, a Google Chrome browser extension that analyses SSL certificates, URL length, domain age, and the number of redirections to...
NashaVM – A Virtual Machine For .NET Files And Its Runtime Was Made In C++/CLI
Nasha is a Virtual Machine for .NET files and its runtime was made in C++/CLI Installationgit clone https://github.com/Mrakovic-ORG/NashaVM --recursecd NashaVMNashaVMnuget...
SwiftBelt – A macOS Enumeration Tool Inspired By Harmjoy’S Windows-based Seatbelt Enumeration Tool
SwiftBelt is a macOS enumerator inspired by @harmjoy's Windows-based Seatbelt enumeration tool. SwiftBelt does not utilize any command line utilities...
Cisco Webex Teams Client for Windows DLL Hijacking Vulnerability
Posted by houjingyi on Oct 09new dll hijacking scenario found by accident <http://houjingyi233.com/2020/10/09/new-dll-hijacking-scenario-found-by-accident/> Speaking of dll hijacking, many people may...
SEC Consult SA-20201008-0 :: Multiple Cross-Site Scripting Vulnerabilities in Confluence Marketplace Plugins
Posted by SEC Consult Vulnerability Lab on Oct 09SEC Consult Vulnerability Lab Security Advisory < 20201008-0 > ======================================================================= title: Multiple...
Credit card skimmer targets virtual conference platform
We’ve seen many security incidents affecting different websites simultaneously because they were loading the same tampered piece of code. In...
Healthcare security update: death by ransomware, what’s next?
A recent ransomware attack which played a significant role in the death of a German woman has put into focus...
Hackers Can Use AI and Machine Learning to Attack Cybersecurity
According to researchers at NCSA and Nasdaq cybersecurity summit, hackers can use Machine and AI (Artificial Intelligence) to avoid identification...
Group-IB spotted a new fraud scheme to steal money from Zoom users
Under the guise of receiving monetary compensation "in connection with COVID-19" or for subscribing to the service, users are lured...
MontysThree: Industrial espionage with steganography and a Russian accent on both sides
In summer 2020 we uncovered a previously unknown multi-module C++ toolset used in highly targeted industrial espionage attacks dating back...
C41N – An Automated Rogue Access Point Setup Tool
c41n is an automated Rogue Access Point setup tool. c41n provides automated setup of several types of Rogue Access Points,...
