5 tips for building an effective security operations center (SOC)
Security is more than just tools and processes. It is also the people that develop and operate security systems. Creating...
News
Bitcoin fraud worth $ 359M caught by the Brazil Police
The Brazilian police have found what is said to be an alleged Bitcoins fraud that stole $ 359M from the...
A cyber- security provider discovers Microsoft, LinkedIn and many others becoming the most preferred targets for phishing
Akamai Technologies, Inc. an American content delivery network as of late discovered various issues, like the DDoS attacks, credential stuffing,...
Romanian cybercriminals sentenced to 20 years in prison for developing malware
Two Romanian citizens were sentenced to imprisonment for the development and operation of the Bayrob malware, which infected more than...
Maze Ransomware Exfiltrated Data of Southwire Firm, Threatens to Publish if Ransom Not Paid
Maze ransomware, a variant of Chacha Ransomware that has been leading the charge of various ransomware attacks lately, now claimed...
Dsiem – Security Event Correlation Engine For ELK Stack
Dsiem is a security event correlation engine for ELK stack, allowing the platform to be used as a dedicated and...
Exploitivator – Automate Metasploit Scanning And Exploitation
This has only been tested on Kali.It depends on the msfrpc module for Python, described in detail here: https://www.trustwave.com/Resources/SpiderLabs-Blog/Scripting-Metasploit-using-MSGRPC/Install the...
Metasploit Wrap-Up
Powershell Express Delivery The web_delivery module is often used to deliver a payload during post exploitation by quickly firing up...
The Most Commonly Exploited Web Application Vulnerabilities in a Production Environment
Some of the most common web application vulnerabilities tend to be the most exploited because they are difficult to spot,...
More than a Dozen Obfuscated APT33 Botnets Used for Extreme Narrow Targeting
This blog was originally published on November 13, 2019. By Feike Hacquebord, Cedric Pernet, and Kenney Lu The threat group...
Krampus-3PC malware redirects iPhone users to phishing pages
iPhone users who visited certain publishing websites that were compromised by a malvertising campaign may have gotten an unwelcome visit...
Snatch ransomware encrypts files in Safe Mode to thwart security software
A cybercriminal organization has been attacking Windows users with a hybrid ransomware and data stealer program that encrypts machines while...
Company sued for allegedly hijacking Facebook accounts to serve ads
In a lawsuit filed yesterday, Facebook is accusing a Hong Kong-based company of infecting individuals with malware in order to...
U.S. charges alleged members of “Evil Corp” cybercrime group for Zeus and Dridex campaigns
The U.S. today announced legal and regulatory action against the powerhouse cybercriminal group Evil Corp, filing hacking and bank fraud...
Tetris game app used to distribute PyXie Python RAT
A new remote access trojan whose name reminds one of a fairytale and not the potential nightmare it could bring...
Threat spotlight: The curious case of Ryuk ransomware
Ryuk. A name once unique to a fictional character in a popular Japanese comic book and cartoon series is now...
RTTM – Real Time Threat Monitoring Tool
Monitoring possible threats of your company on Internet is an impossible task to be achieved manually. Hence many threats of...
HashCobra – Hash Cracking Tool
hashcobra Hash Cracking tool.Usage$ ./hashcobra -H--====--usage: hashcobra -o <opr> | options: -a <alg> - hashing algorithm - ? to list...
Splunk Attack Range – A Tool That Allows You To Create Vulnerable Instrumented Local Or Cloud Environments To Simulate Attacks Against And Collect The Data Into Splunk
The Attack Range solves two main challenges in development of detections. First, it allows the user to quickly build a...
(Almost) Hollow and Innocent: Monero Miner Remains Undetected via Process Hollowing
By Arianne Dela Cruz, Jay Nebre and Augusto Remillano II As the value of cryptocurrencies increased (after a short dip...
Waterbear is Back, Uses API Hooking to Evade Security Product Detection
By Vickie Su, Anita Hsieh, and Dove Chiu Waterbear, which has been around for several years, is a campaign that...
December Patch Tuesday: Vulnerabilities in Windows components, RDP, and PowerPoint Get Fixes
Microsoft released a total of 36 patches for December’s Patch Tuesday. Decembers tend to have a relatively low number of...
Obfuscation Tools Found in the Capesand Exploit Kit Possibly Used in “KurdishCoder” Campaign
by William Gamazo Sanchez and Joseph C. Chen In November 2019, we published a blog analyzing an exploit kit we...
Mobile Cyberespionage Campaign Distributed Through CallerSpy Mounts Initial Phase of a Targeted Attack
We found a new spyware family disguised as chat apps on a phishing website. We believe that the apps, which...
