New Mac variant of Lazarus Dacls RAT distributed via Trojanized 2FA app
This blog post was authored by Hossein Jazi, Thomas Reed and Jérôme Segura. We recently identified what we believe is...
News
Credit card skimmer masquerades as favicon
Malware authors are notorious for their deceptive attempts at staying one step ahead of defenders. As their schemes get exposed,...
Attackers Exploit Two Vulnerabilities in SaltStack to Publish Arbitrary Control Messages and Much More
CISA has sent warnings to the users regarding two critical vulnerabilities in SaltStack Salt, an open-source remote task and configuration...
Fileless Malware Attacks and How To Fight Them!
It has been crystal clear over these years with the increase in a number of cyber-attacks of an equally unique...
DDoS attacks in Q1 2020
News overview Since the beginning of 2020, due to the COVID-2019 pandemic, life has shifted almost entirely to the Web...
Nexphisher – Advanced Phishing Tool For Linux & Termux
NexPhisher is an automated Phishing tool made for Termux & Linux .The phishing Pages are Taken from Zphisher under GNU...
TorghostNG – Make All Your Internet Traffic Anonymized Through Tor Network
TorghostNG is a tool that make all your internet traffic anonymized through Tor network.Rewritten from TorGhost with Python 3.TorghostNG was...
Why SOAR Is an Essential Cybersecurity Tool for Financial Services Companies
Security in the financial services world remains as essential as ever. It seems news about hackers stealing customer banking data...
Targeted Ransomware Attack Hits Taiwanese Organizations
A new targeted attack has infected several organizations in Taiwan with a new ransomware family, which we have dubbed ColdLock....
Vulnerabilities in two VPNs opened door to fake, malicious updates
Hackers can exploit critical vulnerabilities in PrivateVPN and Betternet – since fixed – to push out fake updates and plant...
‘About Coronavirus’ app locks Android screens with repackaged malware
An existing version of the Android device screen-locking malware SLocker has apparently been copied and repackaged in the form of...
Explained: cloud-delivered security
As a counterpart to security for your assets in the cloud, you may also run into solutions that offer security...
Moscow has denied accusations of stealing coronavirus-related developments
Accusations of the British authorities against Russia of allegedly stealing coronavirus developments by Russian hackers are "typical corona - madness"...
“CursedChrome”, a chrome extension used by hackers to make your browser into a proxy
Security researchers have found a Chrome extension that turns Chrome browsers in proxy bots that enables the hacker to browse...
Sshprank – A Fast SSH Mass-Scanner, Login Cracker And Banner Grabber Tool Using The Python-Masscan Module
A fast SSH mass-scanner, login cracker and banner grabber tool using the python-masscan module.Usage$ sshprank -H--====--usage sshprank <mode> | <misc>modes...
Generator-Burp-Extension – Everything You Need About Burp Extension Generation
Everything You Need About Burp Extension GenerationInstallationFirst, install Yeoman and generator-burp-extension using npm (we assume you have pre-installed node.js).npm install...
Reduce Risk with CyberArk and Rapid7 Integrations
This blog post was co-authored by Andrew Silberman and Justin Buchanan.It’s well known in the world of cybersecurity that you...
A week in security (April 27 – May 3)
Last week on Malwarebytes Labs, we looked at how secure the cloud is, understood why unexpected demand can influence an...
Email of the Pskov Churchman Tikhon was hacked
The Churchman Tikhon (Mr. Shevkunov), who is called "Vladimir Putin's Confessor" in the media, told about the hacking of his...
Hackers Exploit Ad Networks to Launch Phishing Attacks against Android Users
The hackers are exploiting mobile ad networks that take the android users to malicious websites. After this, hackers can either...
Parsec – Secure Cloud Framework
Homepage: https://parsec.cloudDocumentation: https://parsec-cloud.readthedocs.org.Parsec is a free software (AGPL v3) aiming at easily share your work and data in the cloud...
Invoker – Penetration Testing Utility
Penetration testing utility.The goal is to use this tool when access to some Windows OS features through GUI is restricted.Some...
5 Challenges Outsourced Detection and Response Operations Can Help Solve
From the comfort of the Gloucester Shed—my “home office” that’s now gaining notoriety internally at Rapid7—I recently watched three colleagues...
Fake Email Campaign Demanding Ransom in Cryptocurrency
Internet users have been alerted by national federal cybersecurity agency against a fake email campaign that is going on in...
