TuxResponse – Linux Incident Response
TuxResponse is incident response script for linux systems written in bash. It can automate incident response activities on Linux systems...
Stowaway – Multi-hop Proxy Tool For Pentesters
Stowaway is Multi-hop proxy tool for security researchers and pentestersUsers can easily proxy their network traffic to intranet nodes (multi-layer)PS:...
Automating Application Security Processes with the InsightAppSec API
This blog post is part four of our ongoing Automation with InsightAppSec series. Make sure to check out part one,...
Attackers distill essence of Mirai IoT botnet into LiquorBot malware
Researchers recently uncovered another descendant of the Mirai Internet of Things botnet, this one featuring Monero cryptocurrency mining capabilities. Dubbed...
6 ways hackers are targeting retail businesses
Retail hacking is no new phenomenon, although it has increased in frequency over the last few years. In fact, retailers...
Samsung announces a new product Ballie – a robot companion
Samsung has launched a new product at CES 2020, named Ballie a tennis ball-like robot that rolls around following the...
Cyber Attack Alert! Microsoft Gives Inside Revelations About RDP Brute Force Attacks
Microsoft conducted a long-term study, which majorly focused on RDP brute-force attacks, their success and the duration they last for.Per...
Git-Vuln-Finder – Finding Potential Software Vulnerabilities From Git Commit Messages
Finding potential software vulnerabilities from git commit messages. The output format is a JSON with the associated commit which could...
WAFW00F v2.0 – Allows One To Identify And Fingerprint Web Application Firewall (WAF) Products Protecting A Website
The Web Application Firewall Fingerprinting Tool.— From Enable SecurityHow does it work?To do its magic, WAFW00F does the following:Sends a...
InsightConnect Announces New Plugin for Cisco AMP for Endpoints
Rapid7 is excited to announce a new plugin for InisghtConnect that connects to Cisco AMP for Endpoints. Cisco Advanced Malware...
Dubious downloads: How to check if a website and its files are malicious
A significant amount of malware infections and potentially unwanted program (PUP) irritants are the result of downloads from unreliable sources....
Ukrainian cyber police exposed a fraudulent scheme of financial auctions
Earlier EhackingNews reported that cyber police in the Kharkiv region exposed members of a criminal hacker group who purposefully carried...
Clop Ransomware Upgraded, Now can Terminate 663 Windows Processes
In February 2019, Michael Gillespie from MalwareHunter Team founded Clop ransomware that has been evolving to reach its full potential...
Department Of Homeland Security Monitoring the Apparent Hack of a Government Website
The Federal Depository Library Program website, run by the Government Publishing Office recently fell victim to a hacking operation being...
XposedOrNot – Tool To Search An Aggregated Repository Of Xposed Passwords Comprising Of ~850 Million Real Time Passwords
XposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage...
Dsync – IDAPython Plugin That Synchronizes Disassembler And Decompiler Views
IDAPython plugin that synchronizes decompiled and disassembled code views.Please refer to comments in the source code for more details.Requires 7.2Download...
RFCpwn – An Enumeration And Exploitation Toolkit Using RFC Calls To SAP
An SAP enumeration and exploitation toolkit using SAP RFC callsThis is a toolkit for demonstrating the impact of compromised service...
InsightIDR: 2019 Year in Review
As we turn the corner into the new year, our team has been looking back at 2019 and reflecting on...
Google app vulnerability being exploited in the wild: Trend Micro
The Sidewinder APT group has been actively abusing a Binder vulnerability in at least three apps found in the Google...
Billion-dollar search engine industry attracts vultures, shady advertisers, and cybercriminals
Search engines make money by showing users sponsored advertisements—a lot of money. This attracts attention, competition, and plenty who want...
A week in security (December 30 – January 5)
Last week on Malwarebytes Labs, we took a dive into edge computing, looked at new web skimmer techniques, and rolled...
DeathRansom, started as a mere joke is now encrypting files!
A ransomware strain named DeathRansom, which was considered a joke earlier, evolved and is now capable of encrypting files, cyber-security...
Privacy Alert! Xiaomi’s Security Cameras Not All That Secure?
If you think that if you have a security camera at your home then you are safe, you are absolutely...
LKWA – Lesser Known Web Attack Lab
Lesser Known Web Attack Lab is for intermediate pentester that can test and practice lesser known web attacks such as...
