Monsoon – Fast HTTP Enumerator
A fast HTTP enumerator that allows you to execute a large number of HTTP requests, filter the responses and display...
OSINT
Avcleaner – C/C++ Source Obfuscator For Antivirus Bypass
C/C++ source obfuscator for antivirus bypass.Builddocker build . -t avcleanerdocker run -v ~/dev/scrt/avcleaner:/home/toto -it avcleaner bash #adapt ~/dev/scrt/avcleaner to the...
CVE-2020-8152 – Elevation of Privilege in Backblaze
Posted by Jason Geffner on Sep 11CVE-2020-8152 – Elevation of Privilege in Backblaze --------------------------------------------------- Summary ======= Name: Elevation of Privilege...
CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze
Posted by Jason Geffner on Sep 11CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze ------------------------------------------------------------------ Summary ======= Name: Remote...
Cross-Site Scripting Vulnerabilities in IlchCMS 2.1.37
Posted by Daniel Bishtawi via Fulldisclosure on Sep 11Hello, We are informing you about Cross-Site Scripting Vulnerabilities in IlchCMS 2.1.37....
Online Credit Card Skimming on a Continual Rise – Here’s How to Prevent it
Credit card skimming has already been on a rise prior to the pandemic and the trend is most likely to...
Report: Pandemic caused significant shift in buyer appetite in the dark web
Last year, credentials for PayPal, Facebook, and Airbnb were among the top goods on high demand in the dark web,...
An overview of targeted attacks and APTs on Linux
Perhaps unsurprisingly, a lot has been written about targeted attacks on Windows systems. Windows is, due to its popularity, the...
Chinese, Iranian, and Russian APT groups target 2020 US election
Microsoft reveals that state-sponsored hackers had tried to breach email accounts belonging to people involved in the US election. Microsoft...
Palo Alto Networks fixes severe Code Execution and DoS flaws in PAN-OS
Palo Alto Networks addressed critical and high-severity denial-of-service (DoS) and arbitrary code execution vulnerabilities in its PAN-OS firewall software. Palo...
Colocation data centers giant Equinix data hit by Netwalker Ransomware
Equinix, one of the world’s largest providers of colocation data centers and Internet connection announced it was hit by Netwalker...
CDRThief Linux malware steals VoIP metadata from Linux softswitches
ESET researchers discovered a new piece of malware dubbed CDRThief targets a specific Voice over IP system to steal call...
BLURtooth flaw allows attacking Bluetooth encryption process
Bluetooth 4.0 through 5.0 versions are affected by the vulnerability dubbed BLURtooth which allows hackers to defeat Bluetooth encryption. A...
Hackers stole $5.4 million from cryptocurrency exchange ETERBASE
Slovak cryptocurrency exchange ETERBASE disclosed a security breach, hackers stole cryptocurrency funds worth $5.4 million. Slovak cryptocurrency exchange ETERBASE disclosed...
Spyre – Simple YARA-based IOC Scanner
...a simple, self-contained modular host-based IOC scannerSpyre is a simple host-based IOC scanner built around the YARA pattern matching engine...
Safety – Check Your Installed Dependencies For Known Security Vulnerabilities
Safety checks your installed dependencies for known security vulnerabilities.By default it uses the open Python vulnerability database Safety DB, but...
How to Track and Remediate Default Account Vulnerabilities in InsightVM
In this blog post, we are going to talk about a couple of older, lesser-known features that can still provide...
Malvertising campaigns come back in full swing
Malvertising campaigns leading to exploit kits are nowhere near as common these days. Indeed, a number of threat actors have...
Russia has fallen to 13th place in the world ranking of the stability of Internet segments
According to Qrator Labs, a company specializing in ensuring the availability of Internet resources and countering DDoS attacks, Russia has...
6 Malware Apps from Playstore has been banned by Google: Uninstall them from your device ASAP
The malware Joker was yet again caught making rounds on Playstore - Cybersecurity firm Pradeo identified at least six applications...
Anchore Engine – A Service That Analyzes Docker Images And Applies User-Defined Acceptance Policies To Allow Automated Container Image Validation And Certification
For the most up-to-date information on Anchore Engine, Anchore CLI, and other Anchore software, please refer to the Anchore DocumentationThe...
Rakkess – Kubectl Plugin To Show An Access Matrix For K8S Server Resources
Review Access - kubectl plugin to show an access matrix for server resourcesIntroHave you ever wondered what access rights you...
This One Time on a Pen Test: I’m Calling My Lawyer!
Each year, Rapid7 penetration testers complete hundreds of internally and externally based penetration testing service engagements. This post is part...
War of Linux Cryptocurrency Miners: A Battle for Resources
This blog will discuss the ruthless battle for computing power among the different cryptocurrency-mining malware that target Linux systems. We...
