Digital Signature Hijack – Binaries, PowerShell Scripts And Information About Digital Signature Hijacking
Hijacking legitimate digital signatures is a technique that can be used during red team assessments in order to sign PowerShell...
The Security Practitioner’s Intro to the Cloud: Everything You Ever Wanted to Know But Were Afraid to Ask
Before I bought a house a few years ago, my understanding of mortgages was pretty shaky at best. I only...
In Armenia data about thousands of patients with coronavirus were leaked
The National Security Service of Armenia (NSS) finds out that the personal data of 3,500 patients with coronavirus and their...
SecretFinder – A Python Script For Find Sensitive Data (Apikeys, Accesstoken, JWT…) And Search Anything On Javascript Files
SecretFinder is a python script based on LinkFinder, written to discover sensitive data like apikeys, accesstoken, authorizations, jwt,..etc in JavaScript...
SIEM Security Tools: Six Expensive Misconceptions
How next-gen SIEM security solutions increase time to value in a modern threat environmentThe changing security landscape demands the most...
Unlocking the Power of Macro Authentication: Part One
This blog post is part one in a three-part series on macro authentication.You may have come across macro authentication when...
VPNs: should you use them?
We are going to talk today about something you’ve likely heard of before: VPNs, or Virtual Private Networks. We at...
Fsociety – A Modular Penetration Testing Framework
Become a Patron! Installpip install fsocietyUpdatepip install --upgrade fsocietyUsageusage: fsociety A Penetration Testing Frameworkoptional arguments: -h, --help show this help...
Threats to U.S. Space Systems Multiply Rapidly; a Novel Approach Emerges For Protection
Become a Patron! The increasing vulnerability of U.S. space systems lately has incited its rivals to begin with their development...
Targeting U.S. banks, Qbot trojan evolves with new evasion techniques
By malware standards, the banking trojan Qbot is long in the tooth, but it still has some bite, according to...
A week in security (June 8 – 14)
Last week on Malwarebytes Labs, we looked into nasty search hijackers that worried a lot of Chrome users; a list...
Enel Group attacked by SNAKE ransomware same as Honda
The Enel Group, a power, and sustainability company were hit by EKANS (SNAKE) ransomware on June 7th affecting its internal...
Explicit content and cyberthreats: 2019 report
‘Stay at home’ is the new motto for 2020 and it has entailed many changes to our daily lives, most...
EvilDLL – Malicious DLL (Reverse Shell) Generator For DLL Hijacking
Read the license before using any part from this code :)Malicious DLL (Win Reverse Shell) generator for DLL HijackingFeatures:Reverse TCP...
Axiom – A Dynamic Infrastructure Toolkit For Red Teamers And Bug Bounty Hunters!
Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty and pentesting. Axiom...
Introducing a New InsightVM Dashboard to Monitor External and Remote Workforce Assets in Your Environment
As our economies start to slowly reopen, knowledge-based jobs are still heavily relying on working from home during the COVID-19...
Fake applications are replicating “TraceTogether,” a Singapore Covid-19 contact tracing application
Recently, these counterfeit apps emerged on the internet, which alarmed the local authorities to warn the general public. A cybersecurity...
Fast-Google-Dorks-Scan – Fast Google Dorks Scan
A script to enumerate web-sites using Google dorks.Usage example: ./FGDS.sh megacorp.oneVersion: 0.035, June 07, 2020Features:Looking for the common admin panelLooking...
URLCADIZ – A Simple Script To Generate A Hidden Url For Social Engineering
A simple script to generate a hidden url for social engineering.Legal disclaimer:Usage of URLCADIZ for attacking targets without prior mutual...
Russian expert told about the danger of using someone else’s smartphone charging
"Using someone else's charging can cause damage to the smartphone and give hackers access to your personal data and important...
Six New Vulnerabilities Found in DIR-865L Model of D-Link Routers
Over the last few months, the cyber world witnessed an alarming spike in the number of malicious attacks, it's seen...
Largest ISP in Austria Hit by a Security Breach
The largest internet service provider in Austria was hit by a security breach this week, in the wake of enduring...
Shodanfy.py – Get Ports, Vulnerabilities, Informations, Banners, ..Etc For Any IP With Shodan (No Apikey! No Rate-Limit!)
Get ports,vulnerabilities,informations,banners,..etc for any IP with Shodan (no apikey! no rate limit!)Usage# python3 shodanfy.py <ip> e.g: python3 shodanfy.py 111.111.111.111 python3...
KatroLogger – KeyLogger For Linux Systems
KeyLogger for Linux Systems. FeaturesRuns on GUI systems or CLISending data by email Dependenciescurllibx11-dev (Debian-Based)libX11-devel (RHEL-Based) Compiling# ./configure# make# make...
