Internet of Things Cybersecurity Regulation and Rapid7
Public policy and the Internet of ThingsOver the past few years, the security of the Internet of Things (IoT) has...
News
Good news: Stalkerware survey results show majority of people aren’t creepy
Back in July, we sent out a survey to Malwarebytes Labs readers on the subject of stalkerware—the term used to describe...
Experts identified flaw that allows criminals to steal money using Faster Payments System (FPS)
Experts have identified a flaw that allows criminals to steal money from accounts of clients of banks through the Faster...
FBI Arrests Russian Hacker, Who Tried To Convince An Employee to Hack His Nevada Company
A hacker from Russia went to America and asked an employee of a Nevada company to install a malware in...
Over 500 SSH Servers being Breached by FritzFrog P2P Botnet
Cyberspace has seen an unprecedented rise in modified versions of peer-to peer, also known as (P2P) threats, it might have...
Transparent Tribe: Evolution analysis,part 2
Background + Key findings Transparent Tribe, also known as PROJECTM or MYTHIC LEOPARD, is a highly prolific group whose activities...
Hack-Tools – The All-In-One Red Team Extension For Web Pentester
The all-in-one Red Team browser extension for Web PentestersHackTools, is a web extension facilitating your web application penetration tests, it...
ezEmu – Simple Execution Of Commands For Defensive Tuning/Research
ezEmu enables users to test adversary behaviors via various execution techniques. Sort of like an "offensive framework for blue teamers",...
Rapid7 Releases 2020 Under the Hoodie Report: Lessons Learned from a Year of Penetration Tests
Well, it's March 179th, 2020, and while we didn't actually get a summer here in 2020, it's time once again...
Our New Blog
Security Intelligence Blog has a new home! Our new site is https://www.trendmicro.com/en_us/research.html Read new threat discoveries, relevant perspectives on security...
Microsoft’s new report suggest a rapid transformation in cyber security due to the pandemic
In just two months of the pandemic, the digital world went through "two years worth of digital transformation" according to...
The cybersecurity skills gap is misunderstood
Nearly every year, a trade association, a university, an independent researcher, or a large corporation—and sometimes all of them and...
The Russian quality system (Roskachestvo) reported on the new traps of scams in WhatsApp
The absolute majority of fraud in WhatsApp occurs through social engineering when the text prompts the user to click on...
VolExp – Volatility Explorer
This program allows the user to access a Memory Dump. It can also function as a plugin to the Volatility...
InsightIDR Demo: Cloud-Native SIEM vs. Modern Security Challenges
As much as the phrase “a crowded theatre” calls to mind images from bygone days, we’re old enough to remember...
AWS Recon – Multi-threaded AWS Inventory Collection Tool With A Focus On Security-Relevant Resources And Metadata
A multi-threaded AWS inventory collection tool.The creators of this tool have a recurring need to be able to efficiently collect...
SMBs assaulted by ‘mercenary’ DeathStalker APT espionage campaigns
The hacker collective known as DeathStalker has recently widened its footprint to include small to medium-sized business (SMB) targets in...
A week in security (August 17 – 23)
Last week on Malwarebytes Labs, we looked at the impact of COVID-19 on healthcare cybersecurity, dug into some pandemic stats...
TikTok Files Lawsuit Against the U.S. Government Over Ban of Its Application
Tiktok has confirmed that it is going to sue the U.S. government for banning the use of Tiktok application in...
Lifting the veil on DeathStalker, a mercenary triumvirate
State-sponsored threat actors and sophisticated attacks are often in the spotlight. Indeed, their innovative techniques, advanced malware platforms and 0-day...
Yeti – Your Everyday Threat Intelligence
Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified...
Parth – Heuristic Vulnerable Parameter Scanner
Some HTTP parameter names are more commonly associated with one functionality than the others. For example, the parameter ?url= usually...
Life as a Rapid7 Rotato: Launch Your Career
At Rapid7, we believe that by hiring a team with a strong diversity of mindset, different levels of experience, and...
Here’s how to Ensure Data Security Using FShred App
Users are well aware of the fact that while deleting photos, videos, files, or any other form of data on...
