CNY Works Data Breach: Personal Details of 56,000 Customers Exposed
Social Security numbers, names, and other personal details of around 56,000 individuals were exposed as CNY Works faced a data...
How to Report IP Addresses
Spam is a common nuisance for users of the Internet. However, it is not just annoying - these messages may...
Server Side Template Injection Payloads
Server-side template injection is when an attacker is able to use native template syntax to inject a malicious payload into...
Behave – A Monitoring Browser Extension For Pages Acting As Bad Boys
A (Still in Development) monitoring browser extension for pages acting as bad boys.NB: This is the code repository of the...
Report accuses China of extensive mobile spyware use to track ethnic minority group
A new blog post and research report from the Lookout Threat Intelligence Team has exposed the lengths to which a...
In six months, hackers attacked Russian government systems more than a billion times
Since the beginning of the year, infrastructural digital objects of Russia have undergone cyber-attacks more than a billion times, said...
Enterprises Improving Their Response to Cybersecurity Incidents, Yet Contributing To Reduce the Effectiveness of Defense
IBM recently released the results of a global survey, which recommended that while investment and planning are on the uptake,...
Indians to use VPN as a way to evade ban on Chinese Apps
It seems like people have found a way to circumvent government's ban on 59 Chinese Apps including favorites like TikTok,...
ShellGen – Reverse shell generator
This is a simple script that will generate a specific or all shellcodes for CTFs using the VPN IP address...
KITT-Lite – Python-Based Pentesting CLI Tool
The KITT Penetration Testing Framework was developed as an open source solution for pentesters and programmers alike to compile the...
A Deep Dive Into Samsung’s TrustZone (Part 3)
Part 1: Detailed overview of Samsung's TrustZone components Part 2: Tools development for reverse-engineering and vulnerability research Part 3: Vulnerability...
The Public Chamber of the Russian Federation reported a DDoS attack on its website
The website of the Public Chamber (OP) of Russia was attacked by hackers. The site of the project on the...
Do Chromebooks need antivirus protection?
The supervisor handed Jim a Chromebook and said: “Take this home with you and use it to send me updates....
How AI and Voice Technology is Similar to a Service Dog
Can a more complex comparison be made? AI and voice assistance are similar to a seeing-eye dog. Throwing the duties...
‘GoldenSpy’ tax software campaign tries to erase evidence of malware
The actors behind a campaign to spread GoldenSpy malware via tax accounting software used by customers of a Chinese bank...
Google Playstore Removes 25 Android Apps that Stole User Login Credentials
In a recent cybersecurity incident, Google cleared 25 applications from its google play store as they were alleged to steal...
IIS-Raid – A Native Backdoor Module For Microsoft IIS (Internet Information Services)
IS Raid is a native IIS module that abuses the extendibility of IIS to backdoor the web server and carry...
UsoDllLoader – Windows – Weaponizing Privileged File Writes With The Update Session Orchestrator Service
2020-06-06 Update: this trick no longer works on the latest builds of Windows 10 Insider Preview. This means that, although...
InsightAppSec Release Roundup: What’s New and Updated
Despite the summer season entering full swing, we know cyber-threats take no vacations. That’s why our team has been working...
How to Use Custom Policy Builder to Customize Password Policies in InsightVM
This post is part two of a two-part blog series on policy customization in InsightVM, Rapid7’s vulnerability risk management solution.In...
Cybercriminals likely poised to attack as Adobe ends support for Magento 1
After publishing a final security update for Magento 1 last week, Adobe is ending support for its popular 12-year-old ecommerce...
Geopolitical targets figuring in latest StrongPity attacks
StrongPity, aka Promethium, a potentially state-sponsored APT group active since 2012, isn’t letting exposed campaigns in recent years stop it...
New Mac ransomware spreading through piracy
A Twitter user going by the handle @beatsballert messaged me yesterday after learning of an apparently malicious Little Snitch installer...
Bluetooth beacons: one free privacy debate with your next order
Apps and their permissions have been in the news recently, particularly in relation to tracking/privacy issues and Bluetooth. Why Bluetooth,...
