How to Gain Visibility Into Audit Logs for Policy Customization in InsightVM
Since the launch of InsightVM’s Custom Policy Builder in June of this year, hundreds of organizations have created and customized...
hacking
Experts spotted browser malicious extensions for Instagram, Facebook and others
Avast researchers reported that three million users installed 28 malicious Chrome or Edge extensions that could perform several malicious operations....
Launched OSSISNa, the Observatory for the Protection of the National Strategic Industrial System
On 11th December 2020, the Observatory for the Protection of the National Strategic Industrial System (OSSISNa) was officially announced. On...
Digging the recently leaked Chinese Communist Party database
KELA researchers analyzed a database recently leaked online that contains data for 1.9 million Chinese Communist Party members in Shanghai....
FireEye, GoDaddy, and Microsoft created a kill switch for SolarWinds backdoor
Microsoft, FireEye, and GoDaddy have partnered to create a kill switch for the Sunburst backdoor that was employed in the...
HPE discloses critical zero-day in Systems Insight Manager
HPE has disclosed a zero-day vulnerability in the latest versions of its HPE Systems Insight Manager (SIM) software for both...
Freki – Malware Analysis Platform
Freki is a free and open-source malware analysis platform.GoalsFacilitate malware analysis and reverse engineering; Provide an easy-to-use REST API...
Ghost Framework – An Android Post-Exploitation Framework That Exploits The Android Debug Bridge To R emotely Access An Android Device
About Ghost FrameworkGhost Framework is an Android post-exploitation framework that exploits theAndroid Debug Bridge to remotely access an Android device....
Happy HaXmas from the Rapid7 Team!
Happy HaXmas, everyone! This has been quite the year, but we’re thrilled that we’re able to keep up our favorite...
EU Digital Services and Digital Markets Acts aim at setting new rules for tech giants
The European Union is going to unveil two laws, the Digital Services and Digital Markets Acts, that will impose new...
Sextortion campaign uses Goontact spyware to target Android and iOS users
Security experts spotted a new malware strain, named Goontact, that allows its operators to spy on both Android and iOS...
Microsoft partnered with security firms to sinkhole the C2 used in SolarWinds hack
Microsoft and its partners have seized the primary domain used in the SolarWinds attack to identify the victims through sinkholing....
PyMICROPSIA Windows malware includes checks for Linux and macOS
Experts discovered a new Windows info-stealer, named PyMICROPSIA, linked to AridViper group that is rapidly evolving to target other platforms....
Flaws in Medtronic MyCareLink can allow attackers to take over implanted cardiac devices
Experts reported flaws in Medtronic ’s MyCareLink Smart 25000 Patient Reader product that could be exploited to take control of...
Norwegian cruise company Hurtigruten was hit by a ransomware
Norwegian cruise company Hurtigruten disclosed a cyber attack that impacted its entire worldwide digital infrastructure. The Norwegian cruise company Hurtigruten...
APKLab – Android Reverse Engineering WorkBench For VS Code
APKLab seamlessly integrates the best open-source tools: Apktool, Jadx, uber-apk-signer and more to the excellent VS Code so you can...
ToRat – A Remote Administation Tool Written In Go Using Tor As A Transport Mechanism And RPC For Communication
A Cross Platform Remote Administration tool written in Go using Tor as its transport mechanism currently supporting Windows, Linux, MacOS...
The Risky Business: Rapid7 Report Highlights Need for Improved Vulnerability Management Practices
Back in July, Rapid7 released its first-ever National / Industry / Cloud Exposure Report, otherwise known as “NICER.” This report...
SoReL-20M Sophos & ReversingLabs release 10 million disarmed samples for malware study
Sophos and ReversingLabs released SoReL-20M, a database containing 20 million Windows Portable Executable files, including 10M malware samples. Sophos and...
Apple addressed multiple code execution flaws in iOS and iPadOS
Apple addressed this week serious code execution vulnerabilities that affect its iOS and iPadOS mobile operating systems. Apple released security...
SolarWinds confirmes 18,000 customers may have been impacted
18,000 SolarWinds customers may have been impacted by the attack against its supply chain, the company said in a SEC filing....
WSMan-WinRM – A Collection Of Proof-Of-Concept Source Code And Scripts For Executing Remote Commands Over WinRM Using The WSMan.Automation COM Object
A collection of proof-of-concept source code and scripts for executing remote commands over WinRM using the WSMan.Automation COM object.BackgroundFor background...
Stegseek – Worlds Fastest Steghide Cracker, Chewing Through Millions Of Passwords Per Second
Stegseek is a lightning fast steghide cracker that can be used to extract hidden data from files. It is built...
SolarWinds SUNBURST Backdoor Supply Chain Attack: What You Need to Know
On Dec. 12, 2020, FireEye provided detailed information on a widespread attack campaign involving a backdoored component of the SolarWinds...
