AttackSurfaceMapper – A Tool That Aims To Automate The Reconnaissance Process
Attack Surface Mapper is a reconnaissance tool that uses a mixture of open source intellgence and active techniques to expand...
Memory Laundering: Is Cleaner Better?
Merry HaXmas! The holidays are yeeting toward us, the decade is drawing to a close, and there are few days...
Online privacy in 2019: a legislative review
For decades, the United States treated data privacy like an aging home, patching individual leaks and drafts only when a...
A week in security (December 16 – 22)
Last week on Malwarebytes Labs, we signalled that Mac threat detections have been on the rise in 2019, discussed how...
Rise of the Ransomware Attacks Leads to an Increase Extortion Demands of Cyber Criminals
As there happens a rise in the number of ransomware attacks doubled is the number of organizations surrendering to the...
huskyCI – Performing Security Tests Inside Your CI
huskyCI is an open-source tool that performs security tests inside CI pipelines of multiple projects and centralizes all results into...
Shelly – Simple Backdoor Manager With Python (Based On Weevely)
Shelly adalah sebuah tool sederhana yang ditulis menggunakan Python, yang berfungsi untuk meremote sebuah website Instalation :$ git clone https://github.com/tegal1337/Shelly...
Don’t Spread This Holiday Cheer: How to Secure Your Leftover Technology
With the annual tradition of exchanging gifts fast approaching, plenty of new tech will soon sit beneath the tree, while...
Looking into Attacks and Techniques Used Against WordPress Sites
By David Fiser (Senior Cyber Threat Researcher) WordPress is a well-known open-source content management system (CMS) used for creating websites...
Russian quality system made recommendations for the safe use of IP cameras
The Russian Quality System study says that wireless IP cameras that are used at home, in cafes and other public...
Attackers hacked a Spanish TV channel and showed an interview with the separatist leader of Catalonia
Spanish state television company TVE on Wednesday said that last Thursday unknown attackers used an open portal on its website...
Businesses over Various Countries become Victims of Threat ‘APT20’
An Advanced Persistent Threat (APT) player expected to work from China from the last 2 years is silently targeting companies...
Automotive Giant Honda Exposes 26,000 Vehicle Owner Records Containing Personally Identifiable Information of North American Customers
Subsequent to misconfiguring an 'Elasticsearch cluster' on October 21, the multinational conglomerate Honda exposed around 26,000 vehicle owner records containing...
Spraykatz – A Tool Able To Retrieve Credentials On Windows Machines And Large Active Directory Environments
Spraykatz is a tool without any pretention able to retrieve credentials on Windows machines and large Active Directory environments.It simply...
BetterBackdoor – A Backdoor With A Multitude Of Features
A backdoor is a tool used to gain remote access to a machine.Typically, backdoor utilities such as NetCat have 2...
Google Releases Chrome 79, Warns Users of Data Breach
Tech giant Google has issued warning of data leak for Indian and global users, after fixing Chrome 79 bug and...
OKadminFinder – Admin Panel Finder / Admin Login Page Finder
OKadminFinder: Easy way to find admin panel of site.RequirementsLinuxsudo apt install torsudo apt install python3-socks (optional)pip3 install --user -r requirements.txtWindows...
Findomain v0.9.3 – The Fastest And Cross-Platform Subdomain Enumerator
The fastest and cross-platform subdomain enumerator.What Findomain can do?It table gives you a idea why you should use findomain and...
Cisco Self-Signed Certificate Expiration on Jan. 1, 2020: What You Need to Know
What’s up?Cisco released Field Notice 70489 this week making owners of a wide range of Cisco devices of an impending...
Zeppelin Is Back! Ransomware Stealing Data Via Remote Management Software
Hackers are employing remote management software to steal data and exploit networks only to install “Zeppelin” ransomware on compromised devices.Reportedly,...
Lazyrecon – Script To Automate Your Reconnaissance Process In An Organized Fashion
LazyRecon is a script written in Bash, it is intended to automate some tedious tasks of reconnaissance and information gathering....
PathAuditor – Detecting Unsafe Path Access Patterns
The PathAuditor is a tool meant to find file access related vulnerabilities by auditing libc functions.The idea is roughly as...
Why Running a Privileged Container in Docker Is a Bad Idea
By David Fiser and Alfredo Oliveira Privileged containers in Docker are, concisely put, containers that have all of the root...
Multiple-malware dropper ‘Legion Loader’ dissected
The insidious nature of difficult-to-detect, multiple strains of malware working in tandem to unleash complete obliteration is on full display...
