WiFi Passview v4.0 – An Open Source Batch Script Based WiFi Passview For Windows!
WiFi Passview is an open-source batch script-based program that can recover your WiFi Password easily in seconds. This is for...
OSINT
Understanding Security as an Investment: The Importance of Pen Testing for Startups
Recently, we sat down with Sercan Esen and Serhat Cillidag, CEO and CTO of Intenseye, respectively, to discuss developing robust...
Docker attackers devise clever technique to avoid detection
In what researchers say is a first, attackers are performing a new container attack technique in the wild, whereby they...
Website misconfigurations and other errors to avoid
Website owners, listen up: There are lots of things you shouldn’t do with your site, and many more you should...
Russian hacker who hacked Dropbox and LinkedIn found guilty
Russian citizen Yevgeny Nikulin, accused of hacking LinkedIn eight years ago, was found guilty by a jury in San FranciscoThe...
Welcome Chat App Harvesting User Data and Storing it in Unsecure Location
A messaging platform for Android, Welcome Chat spies upon its users and stores their data in an unsafe location that...
GReAT Ideas follow-up
On June 17, we hosted our first “GReAT Ideas. Powered by SAS” session, in which several experts from our Global...
Capsulecorp-Pentest – Vagrant VirtualBox Environment For Conducting An Internal Network Penetration Test
Vagrant VirtualBox Environment For Conducting An Internal Network Penetration Test.1. Capsulecorp PentestThe Capsulecorp Pentest is a small virtual network managed...
Natlas – Scaling Network Scanning
You've got a lot of maps and they are getting pretty unruly. What do you do? You put them in...
Top 5 Ways to Get a Network Traffic Source on Your Network
In my last blog post, I looked at How Rapid7 Customers Are Using Network Traffic Analysis in Detection and Response....
Patch Tuesday: Fixes for ‘Wormable’ Windows DNS Server RCE, SharePoint Flaws
There has been a common vulnerabilities and exposures (CVE) fixing trend in 2020 Patch Tuesdays. For instance, Microsoft has patched...
Patch Tuesday – July 2020
100+ vulnerabilities patched during Patch Tuesdays the new normAnother 123 CVEs are covered this month from Microsoft for the 2020-Jul...
TrickBot accidentally issues infection warning to Victims
Advanced Intel’s Vitali Kremez traced a mistake by TrickBot malware, wherein it mistakingly left warning messages on the victim's machine...
Pavel Durov called on Apple to oblige to install different application stores
Apple should allow users to install apps not only from its own App Store. This opinion was expressed by the...
Maskprocessor – High-Performance Word Generator With A Per-Position Configureable Charset
High-Performance word generator with a per-position configureable charsetMask attackTry all combinations from a given keyspace just like in Brute-Force attack,...
Windows DNS Server Remote Code Execution Vulnerability (CVE-2020-1350): What You Need to Know
On Tuesday, July 14, 2020, Microsoft released a patch for a 17-year-old remote code execution (RCE) vulnerability in Windows Domain...
CVE-2020-6287: Critical Vulnerability in SAP NetWeaver Application Server (AS) Java
This blog post was co-authored by Scott King, Brian Carey, and Justin Berry.Overview of business impact and implications of CVE-2020-6287This...
SIGRed – CVE-2020-1350 – Wormable DNS
SIGRed (CVE-2020-1350) is a wormable, critical vulnerability (CVSS base score of 10.0) in the Windows DNS server that affects Windows...
Stalkerware advertising ban by Google a welcome, if incomplete, step
On Friday, July 10, Google announced it would no longer allow advertising for spyware and similar surveillance technology—often referred to...
X64Dbg – An Open-Source X64/X32 Debugger For Windows
An open-source binary debugger for Windows, aimed at malware analysis and reverse engineering of executables you do not have the...
Unlocking the Power of Macro Authentication in Application Security: Part Three
This blog post is part three of our three-part series on macro authentication. Be sure to catch up on part...
The Tetrade: Brazilian banking malware goes global
Introduction Brazil is a well-known country with plenty of banking trojans developed by local crooks. The Brazilian criminal underground is...
More Chinese tax software found to dish out backdoor malware
A second tax software program associated with the Chinese banking industry has now been found to contain an embedded backdoor...
A week in security (July 6 – 12)
Last week on Malwarebytes Labs, we took an in-depth look at card skimmers targeting ASP sites, we released another episode...
