Karonte – A Static Analysis Tool To Detect Multi-Binary Vulnerabilities In Embedded Firmware
Karonte is a static analysis tool to detect multi-binary vulnerabilities in embedded firmware.Research paperWe present our approach and the findings...
Bahraini oil company reportedly attacked by new ‘Dustman’ disk wiper
Bapco, the national oil company of the Persian Gulf island nation of Bahrain, was reportedly targeted in a Dec. 29...
Threat spotlight: Phobos ransomware lives up to its name
Ransomware has struck dead on organizations since it became a mainstream tool in cybercriminals’ belts years ago. From massive WannaCry...
Malware Against Crypto-Currency Businesses; Microsoft and Apple are Targets Alike
“AppleJeus” operation was the first time “macOS” users were made victims by Lazarus. Herein, a manipulated application was used to...
SNAKE Ransomware Targets Entire Corporate Systems?
The new Snake Ransomware family sets out to target the organizations’' corporate networks in all their entirety, written in Golang...
PayPal Fixes ‘High-Severity’ Password Security Vulnerability
Researcher Alex Birsan, while examining PayPal's main authentication flow– discovered a critical security flaw that hackers could have exploited to...
IotShark – Monitoring And Analyzing IoT Traffic
IoTShark is a IOT monitoring service that allows users to monitor their IOT devices for trends in data sent/received. Ordinarily,...
LNAV – Log File Navigator
The log file navigator, lnav, is an enhanced log file viewer that takes advantage of any semantic information that can...
Challenges and Best Practices with Vulnerability Risk Management Collaboration
Even in the most high-tech environments, remediation and risk reduction don’t just happen. In order for vulnerability risk management to...
United States government-funded phones come pre-installed with unremovable malware
A United States–funded mobile carrier that offers phones via the Lifeline Assistance program is selling a mobile device pre-installed with...
Russian experts warn the danger of charging the phone in public places
The number of charging stations at airports, bus stops, metro stations and other public places in Russia has been growing...
Cisco faces criticism after a hacker finds 120+ bugs in its product
A triad of severe vulnerabilities in Cisco DCNM (Data Center Network Manager) stock allows hackers to remotely sidestep the verification...
TuxResponse – Linux Incident Response
TuxResponse is incident response script for linux systems written in bash. It can automate incident response activities on Linux systems...
Stowaway – Multi-hop Proxy Tool For Pentesters
Stowaway is Multi-hop proxy tool for security researchers and pentestersUsers can easily proxy their network traffic to intranet nodes (multi-layer)PS:...
Automating Application Security Processes with the InsightAppSec API
This blog post is part four of our ongoing Automation with InsightAppSec series. Make sure to check out part one,...
Attackers distill essence of Mirai IoT botnet into LiquorBot malware
Researchers recently uncovered another descendant of the Mirai Internet of Things botnet, this one featuring Monero cryptocurrency mining capabilities. Dubbed...
6 ways hackers are targeting retail businesses
Retail hacking is no new phenomenon, although it has increased in frequency over the last few years. In fact, retailers...
Samsung announces a new product Ballie – a robot companion
Samsung has launched a new product at CES 2020, named Ballie a tennis ball-like robot that rolls around following the...
Cyber Attack Alert! Microsoft Gives Inside Revelations About RDP Brute Force Attacks
Microsoft conducted a long-term study, which majorly focused on RDP brute-force attacks, their success and the duration they last for.Per...
Git-Vuln-Finder – Finding Potential Software Vulnerabilities From Git Commit Messages
Finding potential software vulnerabilities from git commit messages. The output format is a JSON with the associated commit which could...
WAFW00F v2.0 – Allows One To Identify And Fingerprint Web Application Firewall (WAF) Products Protecting A Website
The Web Application Firewall Fingerprinting Tool.— From Enable SecurityHow does it work?To do its magic, WAFW00F does the following:Sends a...
InsightConnect Announces New Plugin for Cisco AMP for Endpoints
Rapid7 is excited to announce a new plugin for InisghtConnect that connects to Cisco AMP for Endpoints. Cisco Advanced Malware...
Dubious downloads: How to check if a website and its files are malicious
A significant amount of malware infections and potentially unwanted program (PUP) irritants are the result of downloads from unreliable sources....
Ukrainian cyber police exposed a fraudulent scheme of financial auctions
Earlier EhackingNews reported that cyber police in the Kharkiv region exposed members of a criminal hacker group who purposefully carried...
