How Rapid7 Customers Are Using Network Traffic Analysis in Detection and Response
In case you missed it, we introduced Network Traffic Analysis for our InsightIDR and MDR customers a few months back....
News
Cyber snoops targeted aerospace, defense employees with fake job offers on LinkedIn
A cyber espionage operation used fake job offers, sent via LinkedIn messages, to target employees at aerospace and military companies...
Multi-stage APT attack drops Cobalt Strike using Malleable C2 feature
This blog post was authored by Hossein Jazi and Jérôme Segura On June 10, we found a malicious Word document...
End of line: supporting IoT in the home
Trouble is potentially brewing in Internet of Things (IoT) land, even if the consequences may still be a little way...
The Russian quality system (Roskachestvo) spoke about the vulnerabilities of “smart” homes
According to Roskachestvo, the Internet of things devices can violate the physical and information security of the owner if hackers...
All You Need to Know About the Recent DDoS Attacks and Threats that have Surfaced in the U.S
Cybersecurity experts have denied incidents of any DDoS s attacks in recent times. However, the attacks on T-Mobile's services that...
Devicelock: data from 115 thousand Russians was put up for sale on the Web
A database with the data of Russians stuck abroad because of the coronavirus and returning to their homeland was put...
Know ways to avoid credit or debit card frauds
Since 2016, when India decided to go cashless the growth of online payments increased exponentially but not without risks. Online...
Apple’s APSDaemon Vulnerability Abused by Malware Distributors
Attackers can maliciously redirect users on websites sharing counterfeit products, adult content or videos and dupe them into installing malware...
Do cybercriminals play cyber games during quarantine?
Thanks to the coronavirus pandemic, the role of the Internet in our lives has undergone changes, including irreversible ones. Some...
TeaBreak – A Productivity Burp Extension Which Reminds To Take Break While You Are At Work!
TeaBreak is a simple burp extension for security researchers and bug bounty hunters for helping them to increase their work...
Digital Signature Hijack – Binaries, PowerShell Scripts And Information About Digital Signature Hijacking
Hijacking legitimate digital signatures is a technique that can be used during red team assessments in order to sign PowerShell...
The Security Practitioner’s Intro to the Cloud: Everything You Ever Wanted to Know But Were Afraid to Ask
Before I bought a house a few years ago, my understanding of mortgages was pretty shaky at best. I only...
In Armenia data about thousands of patients with coronavirus were leaked
The National Security Service of Armenia (NSS) finds out that the personal data of 3,500 patients with coronavirus and their...
SecretFinder – A Python Script For Find Sensitive Data (Apikeys, Accesstoken, JWT…) And Search Anything On Javascript Files
SecretFinder is a python script based on LinkFinder, written to discover sensitive data like apikeys, accesstoken, authorizations, jwt,..etc in JavaScript...
SIEM Security Tools: Six Expensive Misconceptions
How next-gen SIEM security solutions increase time to value in a modern threat environmentThe changing security landscape demands the most...
Unlocking the Power of Macro Authentication: Part One
This blog post is part one in a three-part series on macro authentication.You may have come across macro authentication when...
VPNs: should you use them?
We are going to talk today about something you’ve likely heard of before: VPNs, or Virtual Private Networks. We at...
Fsociety – A Modular Penetration Testing Framework
Become a Patron! Installpip install fsocietyUpdatepip install --upgrade fsocietyUsageusage: fsociety A Penetration Testing Frameworkoptional arguments: -h, --help show this help...
Threats to U.S. Space Systems Multiply Rapidly; a Novel Approach Emerges For Protection
Become a Patron! The increasing vulnerability of U.S. space systems lately has incited its rivals to begin with their development...
Targeting U.S. banks, Qbot trojan evolves with new evasion techniques
By malware standards, the banking trojan Qbot is long in the tooth, but it still has some bite, according to...
A week in security (June 8 – 14)
Last week on Malwarebytes Labs, we looked into nasty search hijackers that worried a lot of Chrome users; a list...
Enel Group attacked by SNAKE ransomware same as Honda
The Enel Group, a power, and sustainability company were hit by EKANS (SNAKE) ransomware on June 7th affecting its internal...
Explicit content and cyberthreats: 2019 report
‘Stay at home’ is the new motto for 2020 and it has entailed many changes to our daily lives, most...
