Intel Owl – Analyze Files, Domains, IPs In Multiple Ways From A Single API At Scale
Do you want to get threat intelligence data about a file, an IP or a domain?Do you want to get...
OSINT
Russian media reported on fake domains for pre-ordering coronavirus vaccine
After the Russian Ministry of Health registered the first coronavirus vaccine, the number of new domains associated with the vaccine...
Scan-For-Webcams – Scan For Webcams In The Internet
Automatically scan for publically accessible webcams around the internetUsage python MJPG.py : for public MJPG streamers around the internet python...
Cloud-Sniper – Virtual Security Operations Center
Cloud Security OperationsWhat is Cloud Sniper?Cloud Sniper is a platform designed to manage Security Operations in cloud environments. It is...
LiveAuctioneers – 3,385,862 breached accounts
In June 2020, the online antiques marketplace LiveAuctioneers suffered a data breach which was subsequently sold online then extensively redistributed...
‘Just tell me how to fix my computer:’ a crash course on malware detection
Malware. You’ve heard the term before, and you know it’s bad for your computer—like a computer virus. Which begs the...
SecGen – Create Randomly Insecure VMs
SecGen creates vulnerable virtual machines, lab environments, and hacking challenges, so students can learn security penetration testing techniques.Boxes like Metasploitable2...
ADBSploit – A Python Based Tool For Exploiting And Managing Android Devices Via ADB
A python based tool for exploiting and managing Android devices via ADBCurrently on developmentScreenrecordStream ScreenrecordExtract ContactsExtract SMSExtract Messasing App Chats...
Open-Xchange Security Advisory 2020-08-20
Posted by Open-Xchange GmbH via Fulldisclosure on Aug 21Dear subscribers, we're sharing our latest advisory with you and like to...
Payment bypass in WordPress – WooCommerce – NAB Transact plugin disclosure
Posted by Jack Misiura via Fulldisclosure on Aug 21Title: Payment bypass Product: WordPress NAB Transact WooCommerce Plugin Vendor Homepage: https://woocommerce.com/products/nab-transact-direct-post/...
Threat hunters watch as Chinese hackers forage forums for tools
Pictured: The Forbidden City, in Beijing. Experts say Chinese APT operations use a mix of proprietary and publicly available tools...
Apple OS developer supply chain threatened by ‘clever’ malware attack
In an attack described as a “clever” supply-chain threat, XCSSET malware is being injected undetected into programs created by unwitting...
DHS and FBI warn of North Korean malware targeted at defense contractors
The Department of Homeland Security and Federal Bureau of Investigation published an alert Wednesday about malware it claims North Korea...
Hackers Can Now Clone Your Key Using Just a Smartphone Microphone and a Program
Earlier this year researchers at the National University of Singapore came up and published a paper enumerating how, utilizing just...
More than 100 websites selling air tickets in Russia turned out to be fraudulent
Cybercriminals continue to deceive people. According to the Group-IB, over the past few months, more than 100 fraudulent sites in...
Expert Malnev gave tips on detecting Keylogger
Alexey Malnev, head of the Jet CSIRT Information Security Monitoring and Incident Response Center of Jet Infosystems, spoke about how...
REvil/Sodinokibi Ransomware Specifically Targeting Food and Beverages Organizations
REvil, also known as Sodinokibi ransomware was first spotted in April 2019, it attacks Windows PCs to encrypt all the...
Transparent Tribe: Evolution analysis,part 1
Background and key findings Transparent Tribe, also known as PROJECTM and MYTHIC LEOPARD, is a highly prolific group whose activities...
Wonitor – Fast, Zero Config Web Endpoint Change Monitor
fast, zero config web endpoint change monitor. for comparing responses, a selected list of http headers and the full response...
DropEngine – Malleable Payloads!
By @s0lst1c3DisclaimerDropEngine (the "Software") and associated documentation is provided “AS IS”. The Developer makes no other warranties, express or implied,...
Automated External Sonar Scanning Workflow with InsightVM
Have you ever come into the office on a Monday and were completely surprised by your boss asking about some...
How Unsecure gRPC Implementations Can Compromise APIs, Applications
By David Fiser (Security Researcher) Enterprises are turning to microservice architecture to build future-facing applications. Microservices allow enterprises to efficiently...
Unico Campania – 166,031 breached accounts
In August 2020, the Neapolitan public transport website Unico Campania was hacked and the data extensively circulated. The breach contained...
20 percent of organizations experienced breach due to remote worker, Labs report reveals
It is no surprise that moving to a fully remote work environment due to COVID-19 would cause a number of...
