Hackers attacked hospitals in the Czech Republic: Russia is suspected
According to the Lidové noviny newspaper, a foreign state may be behind the cyberattacks, and hacker groups from Russia may...
OSINT
githubFind3r – Fast Command Line Repo/User/Commit Search Tool
githubFind3r is a very fast command line repo/user/commit search toolInstallationgit clone https://github.com/atmoner/githubFind3r.gitcd githubFind3rnpm installRun itnode githubFind3r.jsDownload githubFind3r Original Source
Httpgrep – Scans HTTP Servers To Find Given Strings In URIs
A python tool which scans for HTTP servers and finds given strings in URIs.Usage$ httpgrep -H--====--usage httpgrep -h <args> -s...
How InsightIDR Is Accelerating Detection and Response in Modern Environments
A comprehensive approach yields 4.5x ROI for customersIn today’s disparate environment, it’s crucial to have a security information and event...
Exposed Redis Instances Abused for Remote Code Execution, Cryptocurrency Mining
By David Fiser and Jaromir Horejsi (Threat Researchers) Recently, we wrote an article about more than 8,000 unsecured Redis instances...
Grouping Linux IoT Malware Samples With Trend Micro ELF Hash
The internet of things (IoT) has swiftly become a seemingly indispensable part of our daily lives. The IoT devices...
Smart TVs spoofed to deliver billions of fake ad impressions
A cybergang created a botnet that used SmartTVs to generate fake eyeballs for a massive ad fraud campaign that saw...
A week in security (April 13 – 19)
Last week on Malwarebytes Labs, we looked at how to avoid Zoom bombing, weighed the risks of surveillance versus pandemics,...
Russia to develop a video platform similar to Zoom
The Ministry of Digital Development, Communications and Mass Media of the Russian Federation will develop a similar Zoom platform for...
Google Is All Set To Fight The Coronavirus Themed Phishing Attacks and Scams
These days of lock-down have left cyber-criminals feeling pretty antsy about “working from home”. Not that it has mattered because...
Adamantium-Thief – Decrypt Chromium Based Browsers Passwords, Cookies, Credit Cards, History, Bookmarks
Get chromium browsers: passwords, credit cards, history, cookies, bookmarks.Chrome 80 > is supported!Examples:Get passwords from browsers:Stealer.exe PASSWORDSGet credit cards from...
Lk Scraper – An Fully Configurable Linkedin Scrape (Scrape Anything Within Linkedin)
Scrapes Any Linkedin DataInstallation$ pip install git+git://github.com/jqueguiner/lk_scraperSetupUsing Docker compose$ docker-compose up -d$ docker-compose run lk_scraper python3Using Docker only for selenium...
Confessions of a Former CISO: Promoting Individual Contributors into Leadership Roles
My name is Scott King, and I am the Senior Director of Advisory Services at Rapid7. But before that, I...
Resources on the Main Street Lending Program to Support Small and Mid-Sized Businesses
As part of Rapid7’s mission to support the community during this difficult (AKA surreal and dangerous) time, we are drawing...
Can open source software be bought?
Open-source softwares (OSS) are released under a special license that makes its source code available to the user to inspect,...
CERT-In Alerts Mozilla Firefox Users to Update their Browsers Immediately
Mozilla Firefox users are receiving alerts regarding multiple vulnerabilities in the web browser by the Indian Computer Emergency Response Team...
Google Doubling Down On Efforts to Protect Android Users
With the rise in the in-application subscription scams on Android, Google subsequently announced the introduction of new Play Store policies...
Lithuania accused the Russian media of misinformation
Lithuania has published an annual report submitted by the Ministry of Defense, in which it accused the Russian media of...
Flux-Keylogger – Modern Javascript Keylogger With Web Panel
Modern javascript keylogger with web panel Web panel:Logging:KeyloggerCookiesLocationRemote IPUser-AgentsInstallation server files:Upload files from server directory to you serverChange default username,...
Vulnx v2.0 – An Intelligent Bot Auto Shell Injector That Detect Vulnerabilities In Multiple Types Of CMS (WordPress , Joomla , Drupal , Prestashop …)
Vulnx is An Intelligent Bot Auto Shell Injector that detects vulnerabilities in multiple types of Cms, fast cms detection,informations gathering...
goBox – GO Sandbox To Run Untrusted Code
GO sandbox to run untrusted code.goBox uses Ptrace to hook into READ syscalls, giving you the option to accept or...
RS256-2-HS256 – JWT Attack To Change The Algorithm RS256 To HS256
JWT Attack to change the algorithm RS256 to HS256Usageusage: RS256_2_HS256_JWT.py payload pubkeypositional arguments: payload JSON payload from JWT to attack...
Gamaredon APT Group Use Covid-19 Lure in Campaigns
By Hiroyuki Kakara and Erina Maruyama Gamaredon is an advanced persistent threat (APT) group that has been active since 2013....
Exposing Modular Adware: How DealPly, IsErIk, and ManageX Persist in Systems
By RonJay Caragay, Fe Cureg, Ian Lagrazon, Erika Mendoza, and Jay Yaneza (Threats Analysts) Adware isn’t new and they don’t...
