Experts have found the most vulnerable places in Runet
Personal accounts of Runet users in various services, including Internet banks, turned out to be the worst protected from hackers....
Phishing Scam: Puerto Rico Government Loses More than $2.6 million
Puerto Rico's government fell for an email phishing scam and unintentionally lost over $2.6 million to cyber-criminals behind the scam,...
BurpSuite Random User-Agents – Burp Suite Extension For Generate A Random User-Agents
A Burp Suite extension to help pentesters to generate a random user-agent. This extension has been developed by M'hamed (@m4ll0k)...
CTFTOOL – Interactive CTF Exploration Tool
An Interactive CTF Exploration ToolThis is ctftool, an interactive command line tool to experiment with CTF, a little-known protocol used...
Hackers On The Hill – Slides and recap on cybersecurity policy
In advance of ShmooCon, Rapid7 co-organized the Hackers On The Hill event with the omnipresent Beau Woods of I Am...
LokiBot Impersonates Popular Game Launcher and Drops Compiled C# Code File
(By Augusto Remillano II, Mohammed Malubay, and Arvin Roi Macaraeg, Threat Analysts) LokiBot, which has the ability to harvest sensitive...
Mac cyberattacks double in 2019: Malwarebytes
The Apple ecosystem has long been considered the safer environment compared to Windows when it comes to being targeted by...
Phishing campaign targets Americas with new variant of Loda RAT
Researchers have observed a new malware campaign that’s been targeting the U.S., Argentina, Brazil and Costa Rica with an updated...
Cyber tips for safe online dating: How to avoid privacy gaffs, exploits, and scams
Research and reporting on this article were conducted by Labs writers Chris Boyd and David Ruiz. Dating apps have been mainstream...
The Ascent of Gift Card Scams Leads in the Rise of Amount of Money Being Lost
With the rise of phishing attacks, business email compromise (BEC) campaigns and gift scams bring along with it the rise...
Most corporate networks in Russia are at cyber risks
Most (81 percent) of corporate and government structures networks were infected with malicious software. This is the conclusion was made...
DDoS attacks in Q4 2019
News overview In the past quarter, DDoS organizers continued to harness non-standard protocols for amplification attacks. In the wake of...
Aduket – Straight-forward HTTP Client Testing, Assertions Included
Straight-forward HTTP client testing, assertions included! Simple httptest.Server wrapper with a little request recorder spice on it. No special DSL,...
OpenRelayMagic – Tool To Find SMTP Servers Vulnerable To Open Relay
╔═╗┌─┐┌─┐┌┐┌╦═╗┌─┐┬ ┌─┐┬ ┬╔╦╗┌─┐┌─┐┬┌─┐║ ║├─┘├┤ │││╠╦╝├┤ │ ├─┤└┬┘║║║├─┤│ ┬││ ╚═╝┴ └─┘┘└┘╩╚═└─┘┴─┘┴ ┴ ┴ ╩ ╩┴ ┴└─┘┴└─┘Tool to test for vulnerable open...
Ask a Pen Tester Q&A, Part 2: Everything You Need to Know About the Art of Penetration Testing
Penetration testing has become increasingly important to organizations of all sizes, as cyber-crimes increase and attackers run rampant. Identifying vulnerabilities...
An In-Depth Technical Analysis of CurveBall (CVE-2020-0601)
by: John Simpson (Vulnerability Researcher) The first Microsoft patch Tuesday of 2020 contained fixes for CVE-2020-0601, a vulnerability discovered by...
Android Trojan xHelper uses persistent re-infection tactics: here’s how to remove
We first stumbled upon the nasty Android Trojan xHelper, a stealthy malware dropper, in May 2019. By mid-summer 2019, xHelper was...
12,000+ Jenkins servers can be used to launch DDoS attacks
According to Radware researchers, a vulnerability (CVE-2020-2100) in 12,000+ Jenkins servers can be exploited to launch and amplify DDoS attacks...
Hashcracker – Python Hash Cracker
Supported hashing algorithms: SHA512, SHA256, SHA384, SHA1, MD5 Features: auto detection of hashing algorithm based on length (not recommended), bruteforce,...
KawaiiDeauther – Jam All Wifi Clients/Routers
Kawaii Deauther is a pentest toolkit whose goal is to perform jam on WiFi clients/routers and spam many fake AP...
How to Handle Misconfigurations in the Cloud
This blog post is part three of our four-part series on security in the cloud. In part one, we discussed...
February Patch Tuesday: Fixes for Critical LNK, RDP, Trident Vulnerabilities
The first Patch Tuesday of 2020 in January brought an unusually long list of patches, but February brings an even...
Phishing emails lure victims with news of coronavirus’ impact on shipping
Looking to capitalize on the current coronavirus scare, malware distributors have launched a new phishing campaign that targets global companies...
Deputy of the State Duma of the Russian Federation: it is necessary at the legislative level to protect the data of Russians on Facebook
Andrey Alshevskikh, the State Duma Deputy, said that the threat to the personal data of Russian users of the social...
