Limelighter – A Tool For Generating Fake Code Signing Certificates Or Signing Real Ones
A tool which creates a spoof code signing to sign a file with a valid code signing certificate use the...
OSINT
Zerodium is looking for zero-day exploits in ExpressVPN, NordVPN, and Surfshark Windows VPN clients
Zero-day exploit broker Zerodium announced it is looking for zero-day vulnerabilities in the Windows clients of ExpressVPN, NordVPN, and Surfshark....
Trickbot module descriptions
Trickbot (aka TrickLoader or Trickster), is a successor of the Dyre banking Trojan that was active from 2014 to 2016...
q-logger skimmer keeps Magecart attacks going
This blog post was authored by Jérôme Segura Although global e-commerce is continuing to grow rapidly, it seems as though...
LazyCSRF – A More Useful CSRF PoC Generator
LazyCSRF is a more useful CSRF PoC InstallationDownload the jar from LICENSEMIT LicenseCopyright (C) 2021 tkmruDownload lazyCSRF If you like...
Experts found many similarities between the new Karma Ransomware and Nemty variants
Sentinel Labs experts have analyzed the new Karma ransomware and speculate it represents an evolution of the Nemty ransomware operation....
Protect yourself from BlackMatter ransomware: Advice issued
Despite promises made by the BlackMatter ransomware gang about which organizations and business types they would avoid, multiple US critical...
REvil ransomware gang disappears after Tor services hijacked
With some pests you hope they never recover from a blow. It’s almost too good to be true, but one...
Symantec uncovered a previously unknown nation-state actor, named Harvester, that targeted telcos
Symantec spotted a previously unknown nation-state actor, tracked as Harvester, that is targeting telecommunication providers and IT firms in South...
Karma_V2 – A Passive Open Source Intelligence (OSINT) Automated Reconnaissance (Framework)
𝚔𝚊𝚛𝚖𝚊 𝚟𝟸 is a Passive Open Source MODEsMODEExamples-ip bash karma_v2 -d <DOMAIN.TLD> -l <INTEGER> -ip-asn bash karma_v2 -d <DOMAIN.TLD> -l...
FBI, CISA, NSA published a joint advisory on BlackMatter ransomware operations
FBI, CISA, NSA have published a joint advisory about the operation of the BlackMatter ransomware gang and provides defense recommendations....
Trustwave released a free decryptor for the BlackByte ransomware
Trustwave’s SpiderLabs researchers have released a free decryptor for the BlackByte ransomware that can allow victims to recover their files....
Lyceum group reborn
This year, we had the honor to be selected for the thirty-first edition of the Virus Bulletin conference. During the...
Inceptor – Template-Driven AV/EDR Evasion Framework
Modern Penetration testing and Red Teaming often requires to bypass common AV/EDR appliances in order to execute code on a...
TeamTNT Deploys Malicious Docker Image On Docker Hub
The Uptycs Threat Research Team spotted a campaign in which the TeamTNT threat actors deployed a malicious container image on...
Prometheus endpoint unprotected installs could expose sensitive data
Experts discovered several unprotected installs of open source event monitoring solution Prometheus that may expose sensitive data. JFrog researchers have...
“Killware”: Is it just as bad as it sounds?
On October 12, after interviewing US Secretary of Homeland Security Alejandro Mayorkas, USA TODAY’s editorial board warned its readers about...
Multiple vulnerabilities in popular WordPress plugin WP Fastest Cache
Multiple vulnerabilities have been found in the popular WordPress plugin WP Fastest Cache during an internal audit by the Jetpack...
A week in security (Oct 11 – Oct 17)
Last week on Malwarebytes Labs Google warns some users that FancyBear’s been prowling aroundInside Apple: How macOS attacks are evolvingThe...
Sinclair TV stations downtime allegedly caused by a ransomware attack
A ransomware attack is likely the cause of the recent downtime for TV stations owned by the Sinclair Broadcast Group...
ImpulsiveDLLHijack – C# Based Tool Which Automates The Process Of Discovering And Exploiting DLL Hijacks In Target Binaries
C# based tool which automates the process of discovering and 4. Examples:Target Executable: OneDrive.exeStage: DiscoveryStage: ExploitationSuccessful DLL Hijacks: Unsuccessful DLL Hijacks: DLL...
REvil ransomware operation shuts down once again
It seems that the REvil ransomware operation has shut down once again after a threat actor has hijacked their Tor...
Experts spotted an Ad-Blocking Chrome extension injecting malicious ads
Researchers warn of an Ad-Blocking Chrome extension that was abused by threat actors to Injecting Ads in Google search pages....
Fapro – Free, Cross-platform, Single-file mass network protocol server simulator
FaPro is a Fake Protocol Server tool, Can easily start or stop multiple network services.The goal is to support as...
