Authelia – The Single Sign-On Multi-Factor Portal For Web Apps
Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a...
OSSEM – A Tool To Assess Data Quality
A tool to assess data quality, built on top of the awesome OSSEM project.MissionAnswer the question: I want to start...
In April, experts identified 18 million cyberattacks on Russian companies working remotely
According to Kaspersky Lab, in April, the number of attacks on the infrastructure of Russian organizations whose employees work remotely...
All you need to know about the new threat “Fleeceware” and how to protect yourself!
SophosLabs, a cybersecurity firm has discovered a range of apps on Google Play Store and Apple's iOS App Store whose...
Klar – Integration Of Clair And Docker Registry
Integration of Clair and Docker Registry (supports both Clair API v1 and v3)Klar is a simple tool to analyze images...
Powershell-Reverse-Tcp – PowerShell Script For Connecting To A Remote Host.
PowerShell script for connecting to a remote host.Remote host will have full control over client's PowerShell and all its underlying...
What to do when you receive an extortion email
In the last few weeks, there has been an upswing in people receiving threatening, extortion email messages, demanding payment to...
Miscreants Scamming Users into Buying Antivirus Software
Some independent security software affiliates are scamming people by sending emails with the false message that their antivirus is expiring...
LeeHozer and Moobot Have The Same Attack Maneuvers?
Sharing has become a thing with cyber-criminals and their malware mechanisms. Reportedly, LeetHozer botnet was found to have similar attack...
INTERCEPT – Policy As Code Static Analysis Auditing
Stupidly easy to use, small footprint Policy as Code subsecond command-line scanner that leverages the power of the fastest multi-line...
Thoron Framework – Tool To Generate Simple Payloads To Provide Linux TCP Attack
About Thoron FrameworkThoron Framework is a Linux post-exploitation framework that exploitLinux tcp vulnerability to get shell-like connection. Thoron Framework is...
WebMonitor RAT Bundled with Zoom Installer
By Raphael Centeno, Mc Justine De Guzman, and Augusto Remillano II The coronavirus pandemic has highlighted the usefulness of communication...
Cybersecurity and the economy: when recession strikes
Cybercrime and the economy have always been intertwined, but with COVID-19 on the road to causing a seemingly inevitable global...
The “Real-Time Find and Replace” WordPress Plugin Updated To Address A High Severity Vulnerability
So as to address a high severity vulnerability, the “Real-Time Find and Replace” WordPress plugin was updated as of late...
The UK Government Vs Apple & Google API on the New COVID-19 App That Tells Who Near You is Infected!
Reportedly, the United Kingdom declared that their coronavirus tracing application is being run via centralized British servers and that’s how...
Google Confirm Two New High-Severity Vulnerabilities in Chrome 81
The new Chrome 81 version released on April 7th by Google for Windows, Mac, and Linux primarily focused on security...
APT trends report Q1 2020
For more than two years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of...
SkyWrapper – Tool That Helps To Discover Suspicious Creation Forms And Uses Of Temporary Tokens In AWS
SkyWrapper is an open-source project which analyzes behaviors of temporary tokens created in a given AWS account. The tool is...
Runtime Mobile Security (RMS) – A Powerful Web Interface That Helps You To Manipulate Android Java Classes And Methods At Runtime
Runtime Mobile Security (RMS), powered by FRIDA, is a powerful web interface that helps you to manipulate Android Java Classes...
Staying Healthy and Secure: How to Promote a Culture of Productivity While Keeping Your Security Posture Intact
In the second session of our Remote Work Readiness Series, Rapid7’s own security and business experts shared their advice for...
Rapid7’s Full Stack Vulnerability Risk Management Portfolio Recognized for Application Security Capabilities
Many businesses rely on web applications for their success. Because of this, web applications are also perfect targets for attackers....
PhantomLance campaign slipped trojanized apps into marketplaces for years
A long-running malware campaign whose activity dates back to 2016 has been using a sophisticated playbook of tricks to sneak...
VPNs are mainstream, which is good news
Virtual private networks (VPNs) have been growing in popularity for the last three years, a notable trend revealed in a...
Banking Sector suffered more Credential Stuffing than DDoS Attacks
According to F5's cybersecurity agency's report published recently, the financial sector has been a victim of severe credential stuffing attacks...
