The Blue Mockingbird Malware Group Exploits Vulnerabilities in Organizations’ Networks
Another notorious crypto-currency mining malware has surfaced which allegedly has been infecting the systems of countless organizations. The group with...
Spam and phishing in Q1 2020
Quarterly highlights Don’t get burned Burning Man is one of the most eagerly awaited events among fans of spectacular performance...
OhMyQR – Hijack Services That Relies On QR Code Authentication
QRLJacking or Quick Response Code Login Jacking is a simple social engineering attack vector capable of session hijacking affecting all...
FinalRecon – The Last Web Recon Tool You’ll Need
FinalRecon is a fast and simple python script for web reconnaissance. It follows a modular structure so in future new...
Supporting Our Medical Professionals in the Age of COVID-19: Cybersecurity in the Healthcare Sector
Now more than ever, healthcare workers need and deserve top-notch technical support. But between skyrocketing demand for telepractitioners and rising...
Turla’s ComRAT v4 uses Gmail web UI to receive commands, steal data
Researchers have uncovered version of the ComRat backdoor, one of the Turla Group’s oldest malware families, that distinguishes itself by...
Russian experts assessed the level of protection of corporate data from hacker attacks
Even a low-skilled hacker can hack the internal network of global companies. An experienced attacker will not need more than...
China and Digital Currency : multifaceted advantages or a surveillance and tracking juncture?
People’s Bank of China (PBoC), China's central bank issued a public notice on April 29, 2020, “In order to implement...
Aggressive in-app advertising in Android
Recently, we’ve been noticing ever more dubious advertising libraries in popular apps on Google Play. The monetization methods used in...
Jaeles v0.9 – The Swiss Army Knife For Automated Web Application Testing
Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner.InstallationDownload precompiled...
Game-based learning platform provides full immersion into cybersecurity
Working and learning have gone remote, and we have to come to terms with this new reality. Nowadays, several organizations...
AutoRDPwn v5.1 – The Shadow Attack Framework
AutoRDPwn is a post-exploitation framework created in Powershell, designed primarily to automate the Shadow attack on Microsoft Windows computers. This...
New Spectra Attack that breaks the division between Wi-Fi and Bluetooth to be released at Black Hat Security Conference
The developers call it "Spectra." This assault neutralizes "combo chips," specific chips that handle various kinds of radio wave-based remote...
Email Phishing Scam: Scammers Impersonate LogMeIn to Mine Users’ Account Credentials
A Boston, Massachusetts based company, LogMeIn that provides software as a service and cloud-based remote connectivity services for collaboration, IT...
EvilApp – Phishing Attack Using An Android App To Grab Session Cookies For Any Website (ByPass 2FA)
Man-in-the-middle phishing attack using an Android app to grab session cookies for any website, which in turn allows to bypass...
S3BucketList – Firefox Plugin The Lists Amazon S3 Buckets Found In Requests
S3BucketList is a Firefox plugin that records S3 Buckets found in requests. It is currently a work in progress and...
TV Equipment Used To Eavesdrop On Sensitive Satellite Communications
With just £270 ($300) of home television equipment an Oxford University-based security researcher caught terabytes of real-world satellite traffic including...
Locator – Geolocator, Ip Tracker, Device Info By URL (Serveo And Ngrok)
Geolocator, Ip Tracker, Device Info by URL (Serveo and Ngrok). It uses tinyurl to obfuscate the Serveo link.Legal disclaimer:Usage of...
Guardedbox – Online Client-Side Manager For Secure Storage And Secrets Sharing
GuardedBox is an open-source online client-side manager for secure storage and secrets sharing.It allows users to upload secrets to a...
Going dark: encryption and law enforcement
UPDATE, 05/22/2020: In the advent of the EARN IT Act, the debate on government subversion of encryption has reignited. Given...
Russia puts cryptocurrency under a ban
Russian parliamentarians have developed a package of bills that assume administrative and criminal responsibility for the use of cryptocurrencies. Experts...
Israeli Security Company NSO Pretends to Be Facebook
As per several reports, Facebook was imitated by an Israeli security company that is known as the “NSO Group” to...
Wishbone Breach: Hacker Leaks Personal Data of 40 Million Users
Personal data of 40 million users registered on Wishbone has been published online by hackers, it included user details like...
Russian banks revealed new types of fraud
Stanislav Kuznetsov, Deputy Chairman of the Board of the Bank, said that fake Internet recruiting agencies that offer employment have...
