“Not Amazon” Canadian Website Takes on the Online Giant
The e-commerce giants, with their evidently endless collection and drive to deliver convenience along with affordable prices, have become an...
Month: January 2021
Massive Data Dump of 10 Crore Indian Card Holders Leaked on Dark Web
The data of 10 Crore Indian cardholders has been sold on the Dark Web for an unknown amount. The information...
Top VPN Provider Zyxel Hacked, Here’s a Quick Look into the Security Incident
Technology and networking have turned out to be the need of the hour and we must also be equally qualified...
MaskPhish – Give A Mask To Phishing URL
MaskPhish is a simple script to hide phishing URL under a normal looking URL(google.com or facebook.com).Legal Disclaimer:Usage of MaskPhish for...
Drow – Injects Code Into ELF Executables Post-Build
drow is a command-line utility that is used to inject code and hook the entrypoint of ELF executables (post-build). It...
NICER Protocol Deep Dive: Internet Exposure of DNS
Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet...
Healthcare organizations faced a 45% increase in attacks since November
According to a new report published by Check Point, organizations in the healthcare industry have faced a 45% increase in...
Over 500,000 credentials for tens of gaming firm available in the Dark Web
The gaming industry under attack, Over 500,000 credentials for the top two dozen leading gaming firms, including Ubisoft, leaked on...
How to bypass the Google Audio reCAPTCHA with a new version of unCaptcha2 attack
A German security researcher demonstrated how to break, once again, the Google Audio reCAPTCHA with Google’s own Speech to Text...
Apex Laboratory disclose data breach after a ransomware attack
At-home laboratory services provider Apex Laboratory discloses a ransomware attack and consequent data breach. Apex Laboratory, Inc. is a clinical...
CVE-2020-4916
Summary: IBM Cloud Pak System 2.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code...
CVE-2020-4928
Summary: IBM Cloud Pak System 2.3 could allow a local privileged attacker to upload arbitrary files. By intercepting the request...
A week in security (December 28 – January 3)
First off we would like to wish all our readers a happy and secure 2021! Last week on Malwarebytes Labs...
Hack The Box Walkthrough Guide to: ID Exposed
CHALLENGE DESCRIPTIONWe are looking for Sara Medson Cruz's last location, where she left a message. We need to find out...
Check Point: What to expect from hackers in 2021
The pandemic has made its own adjustments in all areas of modern life. The attackers changed the targets of their...
Learn how to Hide your WhatsApp Profile Picture and Why ?
The latest statistics of the messaging app usage have shown that WhatsApp has 2.0 billion users worldwide, which doesn't...
Japanese Games Publisher Koei Tecmo Suffers Cyber Attack, 65,000 Users Account Compromised
The Japanese games' publisher Koei Tecmo was targeted by hackers who compromised the company's English language website and stole confidential...
Virtual Website Neopets Exposes Sensitive Data
Neopets is an online platform where kids can take care of "virtual pets." The website has revealed many sensitive user...
Appliance Giant Whirlpool Smacked by Nefilim Attack
As Ransomware attacks become the new normal, people are increasingly falling prey to such attacks in cyberspace as well...
EvtMute – Apply A Filter To The Events Being Reported By Windows Event Logging
This is a tool that allows you to offensively use YARA to apply a filter to the events being reported...
XSS-Scanner – XSS Scanner That Detects Cross-Site Scripting Vulnerabilities In Website By Injecting Malicious Scripts
Cross-Site Scripting (XSS) is one of the most well known web application vulnerabilities. It even has a dedicated chapter in...
Shifting Security Right: How Cloud-Based SecOps Can Speed Processes While Maintaining Integrity
When it comes to offloading security controls to the cloud, it may seem counterintuitive to the notion of “securing” things....
CVE-2020-26217
Summary: XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary...
British Court rejects the US’s request to extradite Julian Assange
A British court has rejected the request of the US government to extradite Wikileaks founder Julian Assange to the country....
