STRRAT RAT spreads masquerading as ransomware
Microsoft warns of a malware campaign that is spreading a RAT dubbed named STRRAT masquerading as ransomware. Microsoft Security Intelligence...
hacking
ABPTTS – TCP Tunneling Over HTTP/HTTPS For Web Application Servers
A Black Path Toward The Sun(TCP tunneling over HTTP for web application servers) https://www.blackhat.com/us-16/arsenal.html#a-black-path-toward-the-sun Ben Lincoln, NCC Group, 2016 ABPTTS...
Etherblob-Explorer – Search And Extract Blob Files On The Ethereum Blockchain Network
Search and extract blob files on the Ethereum network using Etherscan.io API.IntroductionEtherBlob Explorer is a tool intended for researchers, analysts,...
A dozen Android apps exposed data of 100M+ users
Check Point researchers found 23 Android apps that exposed the personal data of more than 100 million users. Security researchers...
Privacy Concerns On Cookies Storing Personal Information
Which are privacy concerns on the way organizations collect personal information through the use of cookies? Data is constantly being...
Russian citizen Anton Bogdanov sentenced to 5 years for cyber tax fraud scheme
Russian hacker Anton Bogdanov was sentenced to 5 years’ imprisonment for attempting to steal $1.5 million in tax refunds by hacking...
Blind SQL Injection flaw in WP Statistics impacted 600K+ sites
Experts discovered a Time-Based Blind SQL Injection vulnerability in the WP Statistics plugin which is installed on over 600,000 WordPress...
Google addresses 4 zero-day flaws in Android exploited in the wild
Google released Android Security Bulletin for May 2021 security updates that address four zero-day vulnerabilities that were exploited in the...
Overview of Empire 4.0 and C#
The release of Empire 4.0 is just around the corner and we wanted to take some time to walkthrough some...
IPED – Digital Forensic Tool – Process And Analyze Digital Evidence, Often Seized At Crime Scenes By Law Enforcement Or In A Corporate Investigation By Private Examiners
IPED is an open source software that can be used to process and analyze digital evidence, often seized at crime...
Ghidra-Evm – Module For Reverse Engineering Smart Contracts
In the last few years, attacks on deployed smart contracts in the Ethereum blockchain have ended up in a significant...
Hacking the infotainment system used in Mercedes-Benz cars
Security researchers identified five vulnerabilities in the infotainment system in Mercedes-Benz cars, four of them are remotely exploitable. Security researchers...
Conti ransomware gang also breached Ireland Department of Health (DoH)
Conti ransomware also breached the network of Ireland’s Department of Health (DoH) but the ransomware failed to encrypt the systems....
DarkSide ransomware made $90 million since October 2020
Researchers from blockchain analysis firm Elliptic estimated that Darkside ransomware gang has made over $90 million from its attacks. Experts...
European Council extends sanctions against foreign threat actors
European Council extended for one year the sanctions against foreign threat actors that threaten the European Union and its member...
Msldap – LDAP Library For Auditing MS AD
msldapLDAP library for MS AD DocumentationAwesome documentation here! FeaturesComes with a built-in console LDAP client All parameters can be conrolled...
Mediator – An Extensible, End-To-End Encrypted Reverse Shell With A Novel Approach To Its Architecture
Mediator is an end-to-end encrypted reverse shell in which the operator and the shell connect to a "mediator" server that...
Analysis of NoCry ransomware: A variant of the Judge ransomware
Researchers at Tesorion released a decryptor for Judge ransomware that also decrypts files encrypted by the NoCry ransomware. In January...
Discovery of Simps Botnet Leads To Ties to Keksec Group
Uptycs’ threat research team discovered a new botnet, tracked as Simps botnet, attributed to Keksec group, which is focused on...
Bizarro banking Trojan targets banks in Brazil and abroad
Bizarro is a new sophisticated Brazilian banking trojan that is targeting customers of tens of banks in Europe and South...
Corsair_Scan – A Security Tool To Test Cross-Origin Resource Sharing (CORS)
Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS) misconfigurations. CORS is a mechanism that allows restricted resources...
Eyeballer – Convolutional Neural Network For Analyzing Pentest Screenshots
Eyeballer is meant for large-scope network penetration tests where you need to find "interesting" targets from a huge set of...
Android stalkerware, a danger for victims and stalkers
ESET research shows that Android stalkerware apps are affected by vulnerabilities that further threaten victims. ESET research reveals that common...
Expert released PoC exploit code for Windows CVE-2021-31166 bug
A security researcher has published a working proof-of-concept exploit code for a wormable Windows IIS server vulnerability tracked as CVE-2021-31166....
