Threat hunters watch as Chinese hackers forage forums for tools
Pictured: The Forbidden City, in Beijing. Experts say Chinese APT operations use a mix of proprietary and publicly available tools...
Apple OS developer supply chain threatened by ‘clever’ malware attack
In an attack described as a “clever” supply-chain threat, XCSSET malware is being injected undetected into programs created by unwitting...
DHS and FBI warn of North Korean malware targeted at defense contractors
The Department of Homeland Security and Federal Bureau of Investigation published an alert Wednesday about malware it claims North Korea...
Hackers Can Now Clone Your Key Using Just a Smartphone Microphone and a Program
Earlier this year researchers at the National University of Singapore came up and published a paper enumerating how, utilizing just...
More than 100 websites selling air tickets in Russia turned out to be fraudulent
Cybercriminals continue to deceive people. According to the Group-IB, over the past few months, more than 100 fraudulent sites in...
Expert Malnev gave tips on detecting Keylogger
Alexey Malnev, head of the Jet CSIRT Information Security Monitoring and Incident Response Center of Jet Infosystems, spoke about how...
REvil/Sodinokibi Ransomware Specifically Targeting Food and Beverages Organizations
REvil, also known as Sodinokibi ransomware was first spotted in April 2019, it attacks Windows PCs to encrypt all the...
Transparent Tribe: Evolution analysis,part 1
Background and key findings Transparent Tribe, also known as PROJECTM and MYTHIC LEOPARD, is a highly prolific group whose activities...
Wonitor – Fast, Zero Config Web Endpoint Change Monitor
fast, zero config web endpoint change monitor. for comparing responses, a selected list of http headers and the full response...
DropEngine – Malleable Payloads!
By @s0lst1c3DisclaimerDropEngine (the "Software") and associated documentation is provided “AS IS”. The Developer makes no other warranties, express or implied,...
Automated External Sonar Scanning Workflow with InsightVM
Have you ever come into the office on a Monday and were completely surprised by your boss asking about some...
How Unsecure gRPC Implementations Can Compromise APIs, Applications
By David Fiser (Security Researcher) Enterprises are turning to microservice architecture to build future-facing applications. Microservices allow enterprises to efficiently...
Unico Campania – 166,031 breached accounts
In August 2020, the Neapolitan public transport website Unico Campania was hacked and the data extensively circulated. The breach contained...
20 percent of organizations experienced breach due to remote worker, Labs report reveals
It is no surprise that moving to a fully remote work environment due to COVID-19 would cause a number of...
ReconSpider – Most Advanced Open Source Intelligence (OSINT) Framework For Scanning IP Address, Emails, Websites, Organizations
ReconSpider is most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations and find out information...
US Army Says North Korea Has Hackers and Electronic Warfare Specialists Working and Operating Abroad
In a report published a month ago by the US Army said North Korea has at least 6,000 hackers and...
Pagodo – Automate Google Hacking Database Scraping And Searching
The goal of this project was to develop a passive Google dork script to collect potentially vulnerable web pages and...
Bangaluru based startup Pixxel raises $5 Million to be India’s first Earth-Imaging Satellite to launch
A Bengaluru based startup, Pixxel is soaring towards the moon as they recently raised a sweeping fund of 5 million...
Kali Linux 2020.3 Release – Penetration Testing and Ethical Hacking Linux Distribution
Time for another Kali Linux release! Quarter #3 – Kali Linux 20202.3. This release has various impressive updates.A quick overview...
Ask a Pen Tester, Part 1: A Q&A With Rapid7 Pen Testers Gisela Hinojosa and Carlota Bindner
Recently, we tasked some of our Rapid7 customers to ask their most burning questions related to the mysterious art of...
U.S. urges Linux users to secure kernels from new Russian malware threat
The FBI and NSA jointly issued an advisory on Drovorub – a newly disclosed malware program targeting Linux systems. (Jan...
Utah Gun Exchange – 235,233 breached accounts
In July 2020, the Utah Gun Exchange website suffered a data breach which included several other associated websites. In total,...
Catho – 1,173,012 breached accounts
In approximately March 2020, the Brazilian recruitment website Catho was compromised and subsequently appeared alongside 20 other breached websites listed...
Sonicbids – 751,700 breached accounts
In December 2019, the booking website Sonicbids suffered a data breach which they attributed to "a data privacy event involving...
