RemoteSec: achieving on-prem security levels with cloud-based remote teams
The world of work is changing—by the minute, it feels these days. With the onset of the global coronavirus pandemic,...
In Kiev, a hacker group who used the vulnerability of banks to steal their clients’ money was caught
The Security Service of Ukraine (SBU) announced the termination of the acclivities of hackers who stole an average of 1.2...
Cookiethief: a cookie-stealing Trojan for Android
We recently discovered a new strain of Android malware. The Trojan (detected as: Trojan-Spy.AndroidOS.Cookiethief) turned out to be quite simple....
Dirble – Fast Directory Scanning And Scraping Tool
Dirble is a website directory scanning tool for Windows and Linux. It's designed to be fast to run and easy...
Pentest Tools Framework – A Database Of Exploits, Scanners And Tools For Penetration Testing
Pentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes...
CVE-2020-0796: Microsoft SMBv3 Remote Code Execution Vulnerability Analysis
Rapid7 chief data scientist Bob Rudis, threat intelligence team member Charlie Stafford, and VRM engineering manager Brent Cook also contributed...
3 Common Threats to Look for in Your Network Data
Continuously monitoring your network activity for signs of attack is a great way to catch hackers and breaches before they...
OpenSMTPD Vulnerability (CVE-2020-8794) Can Lead to Root Privilege Escalation and Remote Code Execution
By Alexander Elkholy (Threats Analyst) A root privilege escalation and remote execution vulnerability (designated as CVE-2020-8794) has been discovered in...
Malicious coronavirus map hides AZORult info-stealing malware
Cyberattackers continue to seize on the dire need for information surrounding the novel coronavirus. In one of the latest examples,...
Securing the MSP: best practices for vetting cybersecurity vendors
Ironically, to keep costs low for their enterprise and mid-market clients, managed service providers (MSPs) are some of the most...
The FBI arrested a Russian associated with Deer.io
The Federal Bureau of Investigation arrested a Russian citizen who allegedly supported the sale of hacked accounts and personal data...
Microsoft shuts down World’s Largest Botnet Army
According to Microsoft, the company was part of a team that took down the global network of zombie bots. Necurs...
A Module-Based Malware Spread by Word Document
As a module-based malware, Trickbot a malware family previously captured by FortiGuard Labs and afterward analyzed in 2016. It can...
Google Stops Displaying Security Warnings in Microsoft Edge, No Longer Recommends Switching to Chrome
Google has stopped advising Microsoft Edge users to switch to Chrome for a more secure experience as the browser extensions...
RedRabbit – Red Team PowerShell Script
RedRabbit is a PowerShell script aimed at helping pentesters conduct ethical hacking #RedTeam To Run: You can either run locally...
Sifter – A OSINT, Recon And Vulnerability Scanner
Sifter is a osint, recon & vulnerability scanner. It combines a plethara of tools within different module sets in order...
Why Our Future in InfoSec Depends on Automation
In a survey conducted by the Ponemon Institute and Domain Tools, 51% of respondents said they believe that automation will...
Operation Overtrap Targets Japanese Online Banking Users Via Bottle Exploit Kit and Brand-New Cinobi Banking Trojan
By Jaromir Horejsi and Joseph C. Chen (Threat Researchers) We recently discovered a new campaign that we dubbed “Operation Overtrap”...
March Patch Tuesday: LNK, Microsoft Word Vulnerabilities Get Fixes
Following the unexpectedly long list of fixes included in last month’s Patch Tuesday, March brings an even longer one, albeit...
Years-long malware operation hides njRAT in cracked hacking tools
Malicious actors have been secretly embedding the njRAT remote access trojan in free hacking tools as well as cracks of those...
Rocket Loader skimmer impersonates CloudFlare library in clever scheme
Update: The digital certificate issued for httpsps has been revoked by GlobalSign. Fraudsters are known for using social engineering tricks...
Check Point: coronavirus has become a tool for hacker attacks on users and businesses
According to Check Point Threat Intelligence, more than 4,000 coronavirus-related domains have been registered worldwide since January 2020. 3% of...
Cisco Vulnerable Again; May Lead To Arbitrary Code Execution!
Earlier this year Cisco was in the headlines for the Zero-day vulnerabilities that were discovered in several of its devices...
The United States accused the manager of Group-IB of cybercrime
According to an indictment in a court database, US authorities accuse Nikita Kislitsin, manager of a Russian cybersecurity company Group-IB,...
