Fake COVID-19 survey hides ransomware in Canadian university attack
This post was authored by Jérôme Segura with contributions from Hossein Jazi, Hasherezade and Marcelo Rivero. In recent weeks, we’ve...
OSINT
Scammers are spoofing bank phone numbers to rob victims
It can be a very convincing trick… “You can check the number in your display online sir. You’ll see I’m...
Hackers stole the personal data of patients in Finland
Finland: Hackers have stolen data from the Vastaamo Psychotherapy Center. Folders with personal information of tens of thousands of Suomi...
Enel Group attacked by Netwalker, demanding a whooping $14 million
Energy Company Enel Group has yet again been hit by malware, making it a second this year. The energy...
DDoS attacks in Q3 2020
News overview Q3 was relatively calm from a DDoS perspective. There were no headline innovations, although cybercriminals did continue to...
Awesome Android Security – A Curated List Of Android Security Materials And Resources For Pentesters And Bug Hunters
A curated list of Android Security materials and resources For Pentesters and Bug Hunters.BlogAAPG - Android application penetration testing guide...
iSH – Linux Shell For iOS
A project to get a Linux shell running on iOS, using usermode x86 emulation and syscall translation. For the current...
Rapid7 Announces Improvements to Goals and SLAs in InsightVM
We know that proving the efficacy of your vulnerability management program is no easy task. But with the Goals and...
Keeping ransomware cash away from your business
A ransomware gang has made headlines for donating a big chunk of stolen funds to two charities. Two separate donations...
Internet of Things (IoT): Greater Threat for Businesses Reopening Amid COVID-19 Pandemic
Businesses have increasingly adopted IoT devices, especially amid the COVID-19 pandemic to keep their operations safe. Over the past year,...
Impact of Covid-19 Web Threats on Cybersecurity, A Report from Beginning to End
Cyberattacks during the Covid-19 pandemic exposed the flawed systems of cybersecurity. We should glance at these attacks and learn new...
Numerous fraudulent sites disguised as well-known brands have appeared on the Runet
In autumn, experts recorded mass registration of domain names with the names of well-known brands in the .RU zoneSpecialists at...
Grype – A Vulnerability Scanner For Container Images And Filesystems
A vulnerability scanner for container images and filesystems. Easily install the binary to try it out. Features Scan the contents...
TASER – Python3 Resource Library For Creating Security Related Tooling
TASER (Testing And SEecurity Resource) is a Python resource library used to simplify the process of creating offensive security tooling,...
2021 Detection and Response Planning, Part 3: Why 2021 Is the Year for SOC Automation
In this third installment of our series around 2021 security planning, we’re focused on SOC automation. In part one, we...
[CVE-2020-25204] God Kings “com.innogames.core.frontend.notifications.receivers.LocalNotificationBroadcastReceiver” Improper Authorization Allowing In-Game Notification Spoofing
Posted by Julien Ahrens (RCE Security) on Oct 27RCE Security Advisoryhttps://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: God Kings Vendor URL:...
Lock and Code S1Ep18: Finding consumer value in Cybersecurity Awareness Month with Jamie Court
This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the...
Google patches actively exploited zero-day bug that affects Chrome users
Google has recently released Chrome version 86.0.4240.111 to patch several holes. One is for a zero-day flaw – that means...
JWT-Hack – Tool To En/Decoding JWT, Generate Payload For JWT Attack And Very Fast Cracking(Dict/Brutefoce)
jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and...
Decoder++ – An Extensible Application For Penetration Testers And Software Developers To Decode/Encode Data Into Various Formats
An extensible application for penetration testers and software developers to decode/encode data into various formats.SetupDecoder++ can be either installed by...
Scan Template Best Practices in InsightVM
When you start out with one of our vulnerability management solutions, Nexpose or InsightVM, one of the first things you...
Twitter and Facebook CEOs asked to testify on election and content moderation before the US Senate
The US Senate Judiciary Committee has asked the CEO of Twitter and Facebook to evaluate their role in “platforms’...
Deepfake Bots on Telegram, Italian Authorities Investigating
Cybercriminals are using a newly created Artificial Intelligence bot to generate and share deepfake nude images of women on the...
CobaltStrikeScan – Scan Files Or Process Memory For CobaltStrike Beacons And Parse Their Configuration
Scan files or process memory for Cobalt Strike beacons and parse their configuration. CobaltStrikeScan scans Windows process memory for evidence...
