Wsb-Detect – Tool To Detect If You Are Running In Windows Sandbox (“WSB”)
wsb-detect enables you to detect if you are running in Windows Sandbox ("WSB"). The sandbox is used by Windows Defender...
News
Apple security hampers detection of unwanted programs
Anyone who uses Malwarebytes software is probably familiar with the fact that, in addition to things like malware and adware,...
Looks like we’re stuck with Zoom: Is it any safer?
Earlier this month, Zoom’s stock price took a dive on news of two promising COVID vaccines offering over 90 percent...
Russian expert warned about the dangers of password theft during video conferencing
Anton Kardanov, head of the information security sector at AT Consulting, warned that motion recognition systems can be used by...
Chinese State-Sponsored Hackers Exploiting Zerologon Vulnerability
Chinese state-sponsored threat actors have been observed exploiting the Zerologon vulnerability in a global campaign targeting businesses from multiple industries...
Lookalike domains and how to outfox them
Our colleagues already delved into how cybercriminals attack companies through compromised email addresses of employees, and how to protect against...
UAFuzz – Binary-level Directed Fuzzing For Use-After-Free Vulnerabilities
Directed Greybox Fuzzing (DGF) like AFLGo aims to perform stress testing on pre-selected potentially vulnerable target locations, with applications to...
Xerror – Fully Automated Pentesting Tool
Xerror is an automated penetration tool , which will helps security professionals and non professionals to automate their pentesting tasks....
CVE-2020-7378: OpenCRX Unverified Password Change (FIXED)
OpenCRX version 4.30 and version 5.0-20200717 suffers from an unverified password change vulnerability, which is an instance of CWE-620. This...
Lock and Code S1Ep20: Tracking the charities that track you online with Chris Boyd
This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the...
Interview Spotlight: Israeli Hardware Solutions, Sepio Systems
On 19 November, E-Hacking News conducted an interesting interview with Sepio Systems. The company provides its customers with the highest...
ToothPicker – An In-Process, Coverage-Guided Fuzzer For iOS
ToothPicker is an in-process, coverage-guided fuzzer for iOS. It was developed to specifically targets iOS's Bluetooth daemon bluetoothd and to...
Osi.Ig – Information Gathering Instagram
The Instagram OSINT Tool gets a range of information from an Instagram account that you normally wouldn't be able to...
Don’t Let These Top Cloud Myths Hamper Your Business Decision-Making
The cloud remains a dominant technology innovation well into its second decade of existence. However, after all this time, certain...
NICER Protocol Deep Dive: Internet Exposure of Microsoft SQL Server (MS SQL) (UDP/1434)
Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet...
WhatsApp’s ‘disappearing messages’ now available for Indian users; here’s how you can enable disappearing messages on your WhatsApp
The much popular messaging application earlier announced that they will be rolling out a new 'Disappearing Messages' feature, where sent...
Manchester United Hit By a Cyber Attack on their Systems
Manchester United affirmed the hacking on the club and revealed systems required for the match remained secure.Have been hit by...
Amlsec – Automated Security Risk Identification Using AutomationML-based Engineering Data
This prototype identifies security risk sources (i.e., threats and vulnerabilities) and types of attack consequences based on AutomationML (AML) artifacts....
SIRAS – Security Incident Response Automated Simulations
Security Incident Response Automated Simulations (SIRAS) are internal/controlled actions that provide a structured opportunity to practice the incident response plan...
Fuzzilli – A JavaScript Engine Fuzzer
A (coverage-)guided fuzzer for dynamic language interpreters based on a custom intermediate language ("FuzzIL") which can be mutated and translated...
Routopsy – A Toolkit Built To Attack Often Overlooked Networking Protocols
Routopsy is a toolkit built to attack often overlooked networking protocols. Routopsy currently supports attacks against Dynamic Routing Protocols (DRP)...
Websites requiring security software downloads opened door to supply chain attack
The Seoul skyline in South Korea (Flickr – Laurie Nevayhttps://www.flickr.com/photos/laurienevay/, CC BY-SA 2.0 https://creativecommons.org/licenses/by-sa/2.0, via Wikimedia Commons).A newly reported supply...
With Black Friday-Cyber Monday looming, Grelos skimmer tied to Magecart poses threat
A new Grelos skimmer variant tied to Magecart Group could potentially lure online shoppers to fill out phony payment forms...
Black Friday 2020: How to shop safely online
Black Friday 2020 promises to be somewhat different from years gone by thanks to COVID-19. The annual surge of in-store...
