Telegram Takes Down Islamist Propaganda on its Platform, Extremist Groups Struggle
The social networks and US military have imposed high regulations to control Islamist propaganda on social media and have been...
News
WastedLocker: technical analysis
The use of crypto-ransomware in targeted attacks has become an ordinary occurrence lately: new incidents are being reported every month,...
Kubei – A Flexible Kubernetes Runtime Scanner
Kubei is a vulnerabilities scanning tool that allows users to get an accurate and immediate risk assessment of their kubernetes...
dazzleUP – A Tool That Detects The Privilege Escalation Vulnerabilities Caused By Misconfigurations And Missing Updates In The Windows OS
A tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates in the Windows operating systems. dazzleUP...
Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902
Update as of 10:00 A.M. PST, July 30, 2020: Our continued analysis of the malware sample showed adjustments to the...
Malspam campaign caught using GuLoader after service relaunch
They say any publicity is good publicity. But perhaps this isn’t true for CloudEye, an Italian firm that claims to...
Online Michigan Bar Exam Hit by a Distributed Denial of Service (DDoS) Attack
The recently conducted online Michigan bar exam was briefly taken down as it was hit by a rather "sophisticated" cyberattack. The...
uDork – Tool That Uses Advanced Google Search Techniques To Obtain Sensitive Information In Files Or Directories, Find IoT Devices, Detect Versions Of Web Applications, And So On
uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files...
Open Source Security Meetup (OSSM): Virtual Edition
The Rapid7 Metasploit team is taking a page from DEF CON’s “SAFE MODE” operations this year, hosting our annual Open...
Cloud Best Practices Every Security Professional Should Know
In part one of this two-part series on the cloud and cloud security for security professionals, we dove into everything...
Oralyzer – Tool To Identify Open Redirection
Oralyzer, a simple python script, capable of identifying the open redirection vulnerability in a website. It does that by fuzzing...
Botnet abuses Docker servers and crypto blockchain to deliver Doki backdoor
As user organizations move more of their business infrastructure off premises, cybercriminals become increasingly motivated to target Linux-based cloud environments,...
Cloud workload security: Should you worry about it?
Due to the increasing use of the cloud, organizations find themselves dealing with hybrid environments and nebulous workloads to secure....
COVID-19 used as a lure for Cyber Attacks: Report suggest massive increase in Phishing Trends
Since the starting of the year, 2020 has been a bearer of bad news and Covid seems like a bad...
Google Banned 29 Android Apps Containing Adware
A research discovered that almost all the malware are designed to target android users and in order to prevent users...
APT trends report Q2 2020
For more than three years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of...
Kubebox – Terminal And Web Console For Kubernetes
Terminal and Web console for KubernetesFeatures Configuration from kubeconfig files (KUBECONFIG environment variable or $HOME/.kube) Switch contexts interactively Authentication support...
Commit Stream – OSINT Tool For Finding Github Repositories By Extracting Commit Logs In Real Time From The Github Event API
commit-stream drinks commit logs from the Github event firehose exposing the author details (name and email address) associated with Github...
Remote Code Execution Risks in Secomea, Moxa, and HMS eWon ICS VPN Vulnerabilities: What You Need to Know
On Wednesday, July 28, 2020, researchers at Claroty released information on a number of critical remote code execution vulnerabilities across...
Rapid7 statement on privacy and status of EU-US data transfers post-Schrems II
SummaryContext: The Court of Justice of the European Union (CJEU) struck down the EU-US Privacy Shield (Privacy Shield) as a...
Joe FitzPatrick on the Future of Hardware Security Training Sessions
This week Rapid7 welcomes Joe FitzPatrick, a lead researcher at securinghardware.com, as he discusses what it takes to run a...
TikTok is being discouraged and the app may be banned
In recent news retail giant Amazon sent a memo to employees telling them to delete the popular social media app...
The data of clients of the Russian bank Alfa-Bank leaked to the Network
On June 22, a message appeared on the Darknet about the sale of a database of clients of the largest...
The National Security and Defense Council of Ukraine reported a leak of IP addresses of government websites
The leaked list of hidden government IP addresses of government websites occurred in Ukraine. This is stated in the statement...
