Follow me on twitter Follow @RedPacketSec and join the Telegram channel Anyone who uses Malwarebytes software is probably familiar with the fact that, in addition to things like malware and adware, Malwarebytes detects potentially unwanted programs (PUPs). These are programs that exhibit a variety of unsavory behaviors, but that, for […]
threatintel
2445 posts
Follow me on twitter Follow @RedPacketSec and join the Telegram channel Earlier this month, Zoom’s stock price took a dive on news of two promising COVID vaccines offering over 90 percent effectiveness against the virus (a third vaccine was just announced). That’s nice. Glad to know some people think this […]
Follow me on twitter Follow @RedPacketSec and join the Telegram channel Anton Kardanov, head of the information security sector at AT Consulting, warned that motion recognition systems can be used by cybercriminals to steal the personal data of users during video conferences. According to him, a special algorithm can read […]
Follow me on twitter Follow @RedPacketSec and join the Telegram channel Chinese state-sponsored threat actors have been observed exploiting the Zerologon vulnerability in a global campaign targeting businesses from multiple industries in Japan and 17 other regions across the world including the United States and Europe. The attacked industries […]
Follow me on twitter Follow @RedPacketSec and join the Telegram channel Our colleagues already delved into how cybercriminals attack companies through compromised email addresses of employees, and how to protect against such attacks using SPF, DKIM and DMARC technologies. But despite the obvious pluses of these solutions, there is a […]
Follow me on twitter Follow @RedPacketSec and join the Telegram channel Directed Greybox Fuzzing (DGF) like AFLGo aims to perform stress testing on pre-selected potentially vulnerable target locations, with applications to different security contexts: (1) bug reproduction, (2) patch testing or (3) static analysis report verification. There are recently more […]
Follow me on twitter Follow @RedPacketSec and join the Telegram channel Xerror is an automated penetration tool , which will helps security professionals and non professionals to automate their pentesting tasks. Xerror will perform all tests and, at the end generate two reports for executives and analysts. Xerror provides GUI […]
Follow me on twitter Follow @RedPacketSec and join the Telegram channel OpenCRX version 4.30 and version 5.0-20200717 suffers from an unverified password change vulnerability, which is an instance of CWE-620. This vulnerability has a CVSSv3 score of 9.1, which is usually CRITICAL, since it effectively allows anyone who can connect […]
Follow me on twitter Follow @RedPacketSec and join the Telegram channel This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Chris Boyd, lead malware intelligence analyst for Malwarebytes, about charity organizations and online […]
Follow me on twitter Follow @RedPacketSec and join the Telegram channel On 19 November, E-Hacking News conducted an interesting interview with Sepio Systems. The company provides its customers with the highest level of visibility, policy enforcement, and Rogue Device Mitigation capabilities. The guest speaker for the interview was Mr. Bentsi […]
Follow me on twitter Follow @RedPacketSec and join the Telegram channel ToothPicker is an in-process, coverage-guided fuzzer for iOS. It was developed to specifically targets iOS’s Bluetooth daemon bluetoothd and to analyze various Bluetooth protocols on iOS. As it is built using FRIDA, it can be adapted to target any […]
Follow me on twitter Follow @RedPacketSec and join the Telegram channel The Instagram OSINT Tool gets a range of information from an Instagram account that you normally wouldn’t be able to get from just looking at their profile The information includes: [ profile ] : user id, followers / following, […]
Follow me on twitter Follow @RedPacketSec and join the Telegram channel Posted by SEC Consult Vulnerability Lab on Nov 23 SEC Consult Vulnerability Lab Security Advisory < 20201123-0 > ======================================================================= title: Multiple Vulnerabilities product: ZTE WLAN router MF253V vulnerable version: V1.0.0B04 fixed version: V1.0.0B05 CVE number: impact: Medium homepage: https://www.zte.com.cn […]
Follow me on twitter Follow @RedPacketSec and join the Telegram channel Posted by Ken Williams via Fulldisclosure on Nov 23 CA20201116-01: Security Notice for CA Unified Infrastructure Management Issued: November 16th, 2020 Last Updated: November 16th, 2020 CA Technologies, A Broadcom Company, is alerting customers to a vulnerability in CA […]
Follow me on twitter Follow @RedPacketSec and join the Telegram channel The cloud remains a dominant technology innovation well into its second decade of existence. However, after all this time, certain cloud computing myths still creep into the minds of CIOs and other denizens of the corner office. For example, […]
Follow me on twitter Follow @RedPacketSec and join the Telegram channel Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet way back in January, we had no idea we’d end up with a hefty, 137-page tome of a research […]
Follow me on twitter Follow @RedPacketSec and join the Telegram channel The much popular messaging application earlier announced that they will be rolling out a new ‘Disappearing Messages’ feature, where sent messages disappear after seven days around this month. Now, this particular feature is available for Indian users to avail […]
Follow me on twitter Follow @RedPacketSec and join the Telegram channel Manchester United affirmed the hacking on the club and revealed systems required for the match remained secure. Have been hit by a cyber-attack on their systems however state they are not “currently aware of any breach of personal […]
Follow me on twitter Follow @RedPacketSec and join the Telegram channel This prototype identifies security risk sources (i.e., threats and vulnerabilities) and types of attack consequences based on AutomationML (AML) artifacts. The results of the risk identification process can be used to generate cyber-physical attack graphs, which model multistage cyber […]
Follow me on twitter Follow @RedPacketSec and join the Telegram channel Security Incident Response Automated Simulations (SIRAS) are internal/controlled actions that provide a structured opportunity to practice the incident response plan and procedures during a realistic scenarios. the main idea of SIRAS is create an detection-as-a-code testing scenarios to facilitate […]
Follow me on twitter Follow @RedPacketSec and join the Telegram channel A (coverage-)guided fuzzer for dynamic language interpreters based on a custom intermediate language (“FuzzIL”) which can be mutated and translated to JavaScript. Usage The basic steps to use this fuzzer are: Download the source code for one of the […]