PowerSploit – A PowerShell Post-Exploitation Framework
PowerSploit is a collection of Microsoft PowerShell modules that can be used to aid penetration testers during all phases of...
HiveJack – This Tool Can Be Used During Internal Penetration Testing To Dump Windows Credentials From An Already-Compromised Host
This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. It allows one...
How to Increase Your Security Team’s Visibility Within Your Organization—And What Happens When You Do
Security is a multi-faceted responsibility. First, you need visibility into vulnerabilities across your organization. Then, you need to ensure that...
Reverse Engineering a VxWorks OS Based Router
Introduction Embedded devices are a huge and wide world of options for CPU architectures, operating systems and file systems. You...
New Mac variant of Lazarus Dacls RAT distributed via Trojanized 2FA app
This blog post was authored by Hossein Jazi, Thomas Reed and Jérôme Segura. We recently identified what we believe is...
Credit card skimmer masquerades as favicon
Malware authors are notorious for their deceptive attempts at staying one step ahead of defenders. As their schemes get exposed,...
Attackers Exploit Two Vulnerabilities in SaltStack to Publish Arbitrary Control Messages and Much More
CISA has sent warnings to the users regarding two critical vulnerabilities in SaltStack Salt, an open-source remote task and configuration...
Fileless Malware Attacks and How To Fight Them!
It has been crystal clear over these years with the increase in a number of cyber-attacks of an equally unique...
DDoS attacks in Q1 2020
News overview Since the beginning of 2020, due to the COVID-2019 pandemic, life has shifted almost entirely to the Web...
Nexphisher – Advanced Phishing Tool For Linux & Termux
NexPhisher is an automated Phishing tool made for Termux & Linux .The phishing Pages are Taken from Zphisher under GNU...
TorghostNG – Make All Your Internet Traffic Anonymized Through Tor Network
TorghostNG is a tool that make all your internet traffic anonymized through Tor network.Rewritten from TorGhost with Python 3.TorghostNG was...
Why SOAR Is an Essential Cybersecurity Tool for Financial Services Companies
Security in the financial services world remains as essential as ever. It seems news about hackers stealing customer banking data...
Targeted Ransomware Attack Hits Taiwanese Organizations
A new targeted attack has infected several organizations in Taiwan with a new ransomware family, which we have dubbed ColdLock....
Vulnerabilities in two VPNs opened door to fake, malicious updates
Hackers can exploit critical vulnerabilities in PrivateVPN and Betternet – since fixed – to push out fake updates and plant...
‘About Coronavirus’ app locks Android screens with repackaged malware
An existing version of the Android device screen-locking malware SLocker has apparently been copied and repackaged in the form of...
Explained: cloud-delivered security
As a counterpart to security for your assets in the cloud, you may also run into solutions that offer security...
Moscow has denied accusations of stealing coronavirus-related developments
Accusations of the British authorities against Russia of allegedly stealing coronavirus developments by Russian hackers are "typical corona - madness"...
“CursedChrome”, a chrome extension used by hackers to make your browser into a proxy
Security researchers have found a Chrome extension that turns Chrome browsers in proxy bots that enables the hacker to browse...
Sshprank – A Fast SSH Mass-Scanner, Login Cracker And Banner Grabber Tool Using The Python-Masscan Module
A fast SSH mass-scanner, login cracker and banner grabber tool using the python-masscan module.Usage$ sshprank -H--====--usage sshprank <mode> | <misc>modes...
Generator-Burp-Extension – Everything You Need About Burp Extension Generation
Everything You Need About Burp Extension GenerationInstallationFirst, install Yeoman and generator-burp-extension using npm (we assume you have pre-installed node.js).npm install...
Reduce Risk with CyberArk and Rapid7 Integrations
This blog post was co-authored by Andrew Silberman and Justin Buchanan.It’s well known in the world of cybersecurity that you...
A week in security (April 27 – May 3)
Last week on Malwarebytes Labs, we looked at how secure the cloud is, understood why unexpected demand can influence an...
Email of the Pskov Churchman Tikhon was hacked
The Churchman Tikhon (Mr. Shevkunov), who is called "Vladimir Putin's Confessor" in the media, told about the hacking of his...
Hackers Exploit Ad Networks to Launch Phishing Attacks against Android Users
The hackers are exploiting mobile ad networks that take the android users to malicious websites. After this, hackers can either...
