WOOF locker: Unmasking the browser locker behind a stealthy tech support scam operation
In the early days, practically all tech support scammers would get their own leads by doing some amateur SEO poisoning...
Cyber Attack Alert! A Fake Factory Network Attacked With RAT, Ransomware, Malware and So On!
Researchers simulated a real-looking “Industrial prototyping” organization with fake employees, PLCs, and websites to study the types of cyber-attacks that...
YARASAFE – Automatic Binary Function Similarity Checks with Yara
SAFE is a tool developed to create Binary Functions Embedding developed by Massarelli L., Di Luna G.A., Petroni F., Querzoni...
AlertResponder – Automatic Security Alert Response Framework By AWS Serverless Application Model
AlertResponder is a serverless framework for automatic response of security alert.OverviewAlertResponder receives an alert that is event of interest from...
Vulnerability Management in the Cloud: Addressing the AWS Shared Responsibility Model
If you’re operating in the cloud, you may be familiar with the shared responsibility model. We often hear people say...
More than half of Russian companies are concerned about the protection of personal data of employees and customers
The antivirus company ESET studied the state of information security in the Russian business sector, interviewing dozens of IT Directors...
TAS – A Tiny Framework For Easily Manipulate The Tty And Create Fake Binaries
A tiny framework for easily manipulate the tty and create fake binaries.How it works?The framework has three main functions, tas_execv,...
Corsy v1.0 – CORS Misconfiguration Scanner
Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations.RequirementsCorsy only works with Python 3 and...
Better Together: How to Collaborate to Drive Vulnerability Remediation Among Security, IT, and DevOps Teams
If you feel anxious about the amount of time it takes your organization to remediate vulnerabilities or find yourself spending...
A week in security (January 13 – 19)
Last week on Malwarebytes Labs, we taught you how to prevent a rootkit attack, explained what data enrichment means, informed...
Railway Protection Force (RPF) bust a multi-crore ticket fraud
Bengaluru: The Railway Protection Force busted a multi crore ticket booking fraud and apprehended two miscreants who hacked the railway...
Google Maps…Creepy or Useful?
Whether Android or iPhone there is no denying that Google is there for all of us, keeping a track log...
Bot List Containing Telnet Credentials for More than 500,000 Servers, Routers and IoT Devices Leaked Online
This week, a hacker published a list on a popular hacking forum containing Telnet credentials for over 515,000 servers, home...
Website Puts 12 Billion User Records Up For Sale and Gets Seized By US Authorities
Are you fond of buying stolen'/leaked data? Because, one such domain, named ‘WeLeakInfo.com’ recently got seized by the US authorities....
TeleGram-Scraper – Telegram Group Scraper Tool (Fetch All Information About Group Members)
Telegram Group Scraper Tool. Fetch All Information About Group Members• How To Install & Setup API ( Termux )• API...
Grouper2 – Find Vulnerabilities In AD Group Policy
What is it for?Grouper2 is a tool for pentesters to help find security-related misconfigurations in Active Directory Group Policy.It might...
Ukrainian government job site posted passport scans of thousands of civil service candidates
Government job site https://career.gov.ua/ published scans of passports and other documents of citizens who registered on the portal to search...
Gophish – Open-Source Phishing Toolkit
Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily...
Aaia – AWS Identity And Access Management Visualizer And Anomaly Finder
Aaia (pronounced as shown here ) helps in visualizing AWS IAM and Organizations in a graph format with help of...
Reverse Engineering a Philips TriMedia CPU based IP Camera – Part 3
Introduction Welcome to the final chapter of the Trimedia series. In the first part of the series, I introduced this...
A Deep Dive Into Samsung’s TrustZone (Part 2)
Introduction After detailing Samsung's TrustZone implementation in the first part of this series, this blog post introduces the tools that...
A Deep Dive Into Samsung’s TrustZone (Part 1)
Motivations After a general introduction on the ARM TrustZone and a focus on Qualcomm's implementation, this new series of articles...
A Glimpse Into Tencent’s Legu Packer
Introduction This blog post deals with the Legu packer, an Android protector developed by Tencent that is currently one of...
Irma Past and Future
Introduction Irma is our file security analysis software, originally developed as an open source project with the sponsorship of 5...
