Kubebox – Terminal And Web Console For Kubernetes
Terminal and Web console for KubernetesFeatures Configuration from kubeconfig files (KUBECONFIG environment variable or $HOME/.kube) Switch contexts interactively Authentication support...
Commit Stream – OSINT Tool For Finding Github Repositories By Extracting Commit Logs In Real Time From The Github Event API
commit-stream drinks commit logs from the Github event firehose exposing the author details (name and email address) associated with Github...
Remote Code Execution Risks in Secomea, Moxa, and HMS eWon ICS VPN Vulnerabilities: What You Need to Know
On Wednesday, July 28, 2020, researchers at Claroty released information on a number of critical remote code execution vulnerabilities across...
Rapid7 statement on privacy and status of EU-US data transfers post-Schrems II
SummaryContext: The Court of Justice of the European Union (CJEU) struck down the EU-US Privacy Shield (Privacy Shield) as a...
Joe FitzPatrick on the Future of Hardware Security Training Sessions
This week Rapid7 welcomes Joe FitzPatrick, a lead researcher at securinghardware.com, as he discusses what it takes to run a...
TikTok is being discouraged and the app may be banned
In recent news retail giant Amazon sent a memo to employees telling them to delete the popular social media app...
The data of clients of the Russian bank Alfa-Bank leaked to the Network
On June 22, a message appeared on the Darknet about the sale of a database of clients of the largest...
The National Security and Defense Council of Ukraine reported a leak of IP addresses of government websites
The leaked list of hidden government IP addresses of government websites occurred in Ukraine. This is stated in the statement...
New Network Protocols Abused To Launch Large-Scale Distributed Denial of Service (DDoS) Attacks
The Federal Bureau of Investigation issued an alert just the previous week cautioning about the discovery of new network protocols...
Prometei: A Cryptomining Botnet that Attacks Microsoft’s Vulnerabilities
An unknown Botnet called "Prometei" is attacking windows and Microsoft devices (vulnerable) using brute force SMb exploits. According to Cisco...
Lazarus on the hunt for big game
We may only be six months in, but there’s little doubt that 2020 will go down in history as a...
SNOWCRASH – A Polyglot Payload Generator
A polyglot payload generator IntroductionSNOWCRASH creates a script that can be launched on both Linux and Windows machines. Payload selected...
Intelspy – Perform Automated Network Reconnaissance Scans
Perform automated network reconnaissance scans to gather network intelligence.IntelSpy is a multi-threaded network intelligence spy tool which performs automated enumeration...
Plugin Development Made Easy With Rapid7
"I've built plugins for four SOAR vendors, and your model was the most mature. You had the best code quality...
A week in security (July 20 – 26)
Last week on Malwarebytes Labs, our Lock and Code podcast delved into Bluetooth and beacon technology. We also dug into...
Firefox expected to release a fix for their “Camera active after phone locks” bug this October
A bug in Mozilla Firefox enabled websites to keep the smartphone camera active even after leaving the browser or locking...
Botnet Activity Goes Down; Revived Emotet Suffers Hindrances in Operations by A Vigilante Hacker
An anonymous vigilante hacker has been actively involved in obstructing 2019's most widespread cybercrime operation, Emotet that made a comeback...
TrustJack – Yet Another PoC For Hijacking DLLs in Windows
Yet another PoC for https://www.wietzebeukema.nl/blog/hijacking-dlls-in-windowsBlogpost: https://redteamer.tips/?p=108To be used with a cmd that does whatever the F you want, for a...
HawkScan – Security Tool For Reconnaissance And Information Gathering On A Website
Security Tool for Reconnaissance and Information Gathering on a website. (python 2.x & 3.x)This script use "WafW00f" to detect the...
Hear from Your Peers: Advice for Your First 90 Days Using a Vulnerability Management Solution
Modern environments today are, well, complex. They often include a concoction of on-premises, cloud, container, and virtualization services. There’s a...
Ensiko: A Webshell With Ransomware Capabilities
By Aliakbar Zahravi Ensiko is a PHP web shell with ransomware capabilities that targets various platforms such as Linux, Windows,...
Gothic Panda and Stone Panda: Chinese Hackers that Launched Mass Cyber Attacks on Indian Companies
Two Hacking groups from China named Gothic Panda and Stone Panda have been identified for organizing the majority of the...
Sitedorks – Search Google/Bing/DuckDuckGo/Yandex/Yahoo For A Search Term With Different Websites
Search Google, Bing, Yahoo or Yandex for a search term with different websites. A default list is already provided, which...
reNgine – An Automated Reconnaissance Framework Meant For Gathering Information During Penetration Testing Of Web Applications
reNgine is an automated reconnaissance framework meant for gathering information during penetration testing of web applications. reNgine has customizable scan...
