Tax software used by Chinese bank clients installs GoldenSpy backdoor
A tax software program installed by business clients of an unidentified Chinese bank was trojanized with malware that installs a...
A week in security (June 22 – 28)
Last week on Malwarebytes Labs, we provided a zero-day guide for 2020 featuring recent attacks and advanced preventive techniques, and...
Russian Medvedev pleaded guilty to cybercrime in a US court
The US Department of Justice considers Sergei Medvedev one of the founders of the transnational organization Infraud, which sold stolen...
Apple catches TikTok spying on million of iPhone users globally
Apple announced its latest OS iOS14 at this year's WWDC and during the beta testing for the same, the tech...
Kube-Bench – Checks Whether Kubernetes Is Deployed According To Security Best Practices As Defined In The CIS Kubernetes Benchmark
kube-bench is a Go application that checks whether Kubernetes is deployed securely by running the checks documented in the CIS...
EvilNet – Network Attack Wifi Attack Vlan Attack Arp Attack Mac Attack Attack Revealed Etc…
Network Attack wifi attack vlan attack arp attack Mac Attack Attack revealed etc../install :sudo pip3 install -r requirements.txtEvilNet Attack NetworkScan...
CVE-2020-2021 Authentication Bypass in PAN-OS Security Assertion Markup Language (SAML) Authentication Disclosed
Overview of the SAML authentication vulnerability on PAN-OS devicesOn Monday, June 29, 2020, Palo Alto released details on CVE-2020-2021, a...
Building a Printed Circuit Board Probe Testing Jig
When working on embedded hardware, there is often a need to connect into the printed circuit board (PCB) for testing....
US Local Government Services Targeted by New Magecart Credit Card Skimming Attack
Eight cities across three states in the United States have fallen victim to a Magecart card skimming attack. In these...
UCSF paid $1.4 million ransom in NetWalker attack
The University of California, San Francisco (UCSF) ponied up a $1.4 million to hackers to retrieve data encrypted during a...
Hackers Leak Tons of Personal Data as IndiaBulls Fails to Meet the First Ransomware Deadline
Hackers demanding ransom released data, as the IndiaBull failed to meet the first ransom deadline. It happened after a 24-hour...
Business Email Compromise: Most Common Online Scam?
More and more small and medium enterprises are being affected by business e-mail compromise, according to a webinar, conducted by...
Xeexe – Undetectable And XOR Encrypting With Custom KEY (FUD Metasploit RAT)
Undetectable Reverse shell & Xor encrypting with custom KEY(FUD Metasploit Rat) bypass Top Antivirus like BitDefender,Malwarebytes,Avast,ESET-NOD32,AVG,...(PYTHON 3)Undetectable Reverse shell (Metasploit...
BSF – Botnet Simulation Framework
BSF provides a discrete simulation environment to implement and extend peer-to-peer botnets, tweak their settings and allow defenders to evaluate...
Texas Hit By a Human-Operated Ransomware That Targets against Government Agencies and Enterprises
May 2020 was not a good month for both the Texas Courts and the Texas Department of Transportation (TxDOT) as...
Hackers abusing .slk files to attack Microsoft 365 users
Avanan’s Security Analysts have recently discovered a threat bypassing Microsoft 365 security, the attack uses .slk files to avoid detection.The...
The database of millions of Telegram users from Russia and Iran appeared on the Darknet
On one of the forums in the Darknet, a database appeared with information about several million users of the Telegram...
Espionage – A Network Packet And Traffic Interceptor For Linux. Spoof ARP & Wiretap A Network
Espionage is a network packet sniffer that intercepts large amounts of data being passed through an interface. The tool allows...
Screenspy – Capture user screenshots using shortcut file (Bypass SmartScreen/Defender)
Capture user screenshots using shortcut file (Bypass SmartScreen/Defender). Suport Multi-monitorLegal disclaimer:Usage of ScreenSpy for attacking targets without prior mutual consent...
The face of tomorrow’s cybercrime: Deepfake ransomware explained
While many countries are beginning to ease up on their respective pandemic lock downs—which, in turn, also means that everyone...
Experts have discovered a data leak of almost five million Russians
DeviceLock experts discovered a data leak of almost 5 million users in the Russian Federation, presumably from one of the...
Cyberattacks in the U.S. Hit an All-Time High due to Covid-19, Says Black Hat Report.
Due to the coronavirus pandemic, cybersecurity experts suspect a rise in cyberattacks and cybercrimes, says a survey by Black Hat...
VBSmin – VBScript Minifier
VBScript minifierFeaturesRemove extra whitespace Trailing whitespaceLeading whitespaceBlank linesInline extra spacesRemove comments Single quote (start of the line)Single quote (inline)REMOne-line Line...
Cloudtopolis – Cracking Hashes In The Cloud For Free
Cloudtopolis is a tool that facilitates the installation and provisioning of Hashtopolis on the Google Cloud Shell platform, quickly and...
