April Patch Tuesday: Fixes for Font-Related, Microsoft SharePoint, Windows Components Vulnerabilities
Microsoft fixed 113 vulnerabilities in this month’s Patch Tuesday, just two shy of last month’s 115. This continues the streak...
OSINT
Coronavirus Update App Leads to Project Spy Android and iOS Spyware
By Tony Bao and Junzhi Lu We discovered a potential cyberespionage campaign, which we have named Project Spy, that infects...
Keep Zoombombing cybercriminals from dropping a load on your meetings
While shelter in place has left many companies struggling to stay in business during the COVID-19 epidemic, one company in...
Dozens of cyberattacks on the website of the Mayor of Moscow have been recorded since the beginning of February
Group-IB specialists recorded several DDoS attacks on Moscow electronic services, including the mos.ru portal. This was announced by the CEO...
Meghan Markle and Prince Harry’s Names Used for Fake Celebrity Endorsement of Bitcoins?
While the Coronavirus pandemic has practically driven people to stay locked up in their homes and spend a lot more...
Htbenum – A Linux Enumeration Script For Hack The Box
This script is designed for use in situations where you do not have internet access on a Linux host and...
Domained – Multi Tool Subdomain Enumeration
A domain name enumeration toolThe tools contained in domained requires Kali Linux (preferred) or Debian 7+ and Recon-ngdomained uses several...
Patch Tuesday – April 2020
Global working-from-home routines haven't slowed down Microsoft and its ability to help close up vulnerabilities in their products. This April...
Pranksters installing MBRLocker wiper, blame Vitali Kremez, MalwareHunterTeam for attack
A malicious actor is trying to discredit two of the more well-known personalities in cybersecurity circles by including their names...
Lock and Code S1Ep4: coronavirus and responding to computer viruses with Akshay Bhargava
This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the...
Attackers Hacked the Digital Pass System of Moscow residents
Moscow's residents are warned about scammers who offer to issue digital passes for moving around the city on social networksRecall...
Critical Security Vulnerability Patched By VMware
VMware Inc. a publicly-traded software company recently fixed a critical security vulnerability that permitted the malicious attackers to access sensitive...
Protect your phone from malicious apps by malware scanner VirusTotal Mobile
Google last year removed 85 apps from play store after security researchers found that these apps were adwares in disguise.These...
Lollipopz – Data Exfiltration Utility For Testing Detection Capabilities
Data exfiltration utility used for testing detection capabilities of security products. Obviously for legal purposes only.Exfiltration How-To/etc/shadow -> HTTP GET...
Sherloq – An Open-Source Digital Image Forensic Toolset
An open source image forensic toolset Introduction"Forensic Image Analysis is the application of image science and domain expertise to interpret...
Remote Work Readiness: How to Keep a Security Mindset
As companies respond to COVID-19, many require their employees to work from home. This migration of the workforce places the...
1.1 Million Customers Records of SCUF Gaming Exposed Online
The database of more than 1 million customers was exposed online by 'SCUF Gaming', a subsidiary of Corsair that develops...
COVID-19: Google and Apple Team up on Contact Trace Technology
Around the world, the governments and health departments are fighting together against the Coronavirus pandemic, coming up with solutions to...
Inhale – A Malware Analysis And Classification Tool
Inhale is a malware analysis and classification tool that is capable of automating and scaling many static analysis operations.This is...
Privacy Badger – A Browser Extension That Automatically Learns To Block Invisible Trackers
Privacy Badger is a browser extension that automatically learns to block invisible trackers. Instead of keeping lists of what to...
Cisco “critical security advisory” part of a phishing campaign ?
Amidst the coronavirus pandemic, there is an influx of telecommuters who, have come to heavily depend on online conferencing tools...
Audix – A PowerShell Tool To Quickly Configure The Windows Event Audit Policies For Security Monitoring
Audix will allow for the SIMPLE configuration of Windows Event Audit Policies. Window's Audit Policies are restricted by default. This...
Serverless Prey – Serverless Functions For Establishing Reverse Shells To Lambda, Azure Functions, And Google Cloud Functions
Serverless Prey is a collection of serverless functions (FaaS), that, once launched to a cloud environment and invoked, establish a...
Russian authorities arrested cyber criminals who sold billion counterfeit rubles on the dark web
Employees of the Ministry of Internal Affairs in Nizhny Novgorod stopped the activities of a group engaged in the production...
