APT36: A Pakistani Hacking Group, Strengthens Its Operations and Finds New Targets
Famous as APT36, Transparent Tribe is a hacking group that works from Pakistan. APT36 is infamous for monitoring and spying...
OSINT
The new iOS 14 to drop Facebook’s Audience Network Advertising to 50%
Facebook on Wednesday posted a response to the new iOS 14 on their official blog stating that the new iOS...
Vulnerable-AD – Create A Vulnerable Active Directory That’S Allowing You To Test Most Of Active Directory Attacks In Local Lab
Create a vulnerable active directory that's allowing you to test most of active directory attacks in local lab.Main FeaturesRandomize AttacksFull...
Bluescan – A Powerful Bluetooth Scanner For Scanning BR/LE Devices, LMP, SDP, GATT And Vulnerabilities!
Bluescan is a open source project by Sourcell Xu from DBAPP Security HatLab. Anyone may redistribute copies of bluescan to...
Trojan infects NCR, posing risk to supply chain
String of ATMs seen at Hartsfield-Jackson Atlanta International Airport. A trojan infected NCR Corporation, potentially posing a supply chain risk...
Missing person scams: what to watch out for
Social media has a long history of people asking for help or giving advice to other users. One common feature...
NZ Stock Exchange Halted Temporarily Twice After Being Hit by Cyber Attacks
The New Zealand stock exchange was hit by a cyber-attack due to which it had to remain offline two days...
Russian citizen arrested in the United States on charges of organizing a cyber crime
According to the Ministry of Justice, 27-year-old Yegor Kryuchkov tried to pay $1 million to an employee of a company...
SharpHose – Asynchronous Password Spraying Tool In C# For Windows Environments
SharpHose is a C# password spraying tool designed to be fast, safe, and usable over Cobalt Strike's execute-assembly. It provides...
Bashtop – Linux/OSX/FreeBSD Resource Monitor
Bpytop, bashtop python port is now available at https://github.com/aristocratos/bpytopIt's a lot faster and about a third as cpu heavy and...
SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S
Posted by SEC Consult Vulnerability Lab on Aug 27SEC Consult Vulnerability Lab Security Advisory < 20200827-0 > ======================================================================= title: Multiple...
SEC Consult SA-20200826-0 :: Extensive file permissions on service executable in Eikon Thomson Reuters
Posted by SEC Consult Vulnerability Lab on Aug 27SEC Consult Vulnerability Lab Security Advisory < 20200826-0 > ======================================================================= title: Extensive...
Internet of Things Cybersecurity Regulation and Rapid7
Public policy and the Internet of ThingsOver the past few years, the security of the Internet of Things (IoT) has...
Good news: Stalkerware survey results show majority of people aren’t creepy
Back in July, we sent out a survey to Malwarebytes Labs readers on the subject of stalkerware—the term used to describe...
Experts identified flaw that allows criminals to steal money using Faster Payments System (FPS)
Experts have identified a flaw that allows criminals to steal money from accounts of clients of banks through the Faster...
FBI Arrests Russian Hacker, Who Tried To Convince An Employee to Hack His Nevada Company
A hacker from Russia went to America and asked an employee of a Nevada company to install a malware in...
Over 500 SSH Servers being Breached by FritzFrog P2P Botnet
Cyberspace has seen an unprecedented rise in modified versions of peer-to peer, also known as (P2P) threats, it might have...
Transparent Tribe: Evolution analysis,part 2
Background + Key findings Transparent Tribe, also known as PROJECTM or MYTHIC LEOPARD, is a highly prolific group whose activities...
Hack-Tools – The All-In-One Red Team Extension For Web Pentester
The all-in-one Red Team browser extension for Web PentestersHackTools, is a web extension facilitating your web application penetration tests, it...
ezEmu – Simple Execution Of Commands For Defensive Tuning/Research
ezEmu enables users to test adversary behaviors via various execution techniques. Sort of like an "offensive framework for blue teamers",...
Rapid7 Releases 2020 Under the Hoodie Report: Lessons Learned from a Year of Penetration Tests
Well, it's March 179th, 2020, and while we didn't actually get a summer here in 2020, it's time once again...
Our New Blog
Security Intelligence Blog has a new home! Our new site is https://www.trendmicro.com/en_us/research.html Read new threat discoveries, relevant perspectives on security...
PowerShell Logging: Obfuscation and Some New(ish) Bypasses Part 1
While giving our talk at the DEF CON Red Team Village a couple of weeks ago, I previewed a PowerShell...
Random SMTP Fun with Telnet
Over the weekend, we were setting up a virtual range for our upcoming class this weekend and was testing a mail server....
