QNodeService: Node.js Trojan Spread via Covid-19 Lure
Insights and Analysis by Matthew Stewart We recently noticed a Twitter post by MalwareHunterTeam that showed a Java downloader with...
OSINT
May Patch Tuesday: More Fixes for SharePoint, TLS, Runtime, and Graphic Components Released
This month’s Patch Tuesday includes 111 fixes for Microsoft. Of the 111 vulnerabilities, 16 have been rated Critical while the...
Tropic Trooper’s Back: USBferry Attack Targets Air-gapped Environments
By Joey Chen (Threats Analyst) Tropic Trooper, a threat actor group that targets government, military, healthcare, transportation, and high-tech industries...
New MacOS Dacls RAT Backdoor Show Lazarus’ Multi-Platform Attack Capability
By Gabrielle Joyce Mabutas With additional insights/analysis from Kazuki Fujisawa A one-time password (OTP) system involves the use of a...
Sodinokibi drops greatest hits collection, and crime is the secret ingredient
When a group of celebrities ask to speak with their lawyer, they usually don’t have to call in a bunch...
FinCEN Chief Blanco warns of Wide Scale Virtual Currency Scams
Financial Crimes Enforcement Network (FinCEN) is keeping a close watch on financial scams involving virtual currency payments as the COVID-19...
The Russian State Duma adopted a law on remote voting
The State Duma adopted in the second and third readings amendments of deputies of United Russia that simplify the organization...
Windows 10 New Feature Hunts and Thwarts PUAs/PUPs
Per reports, Microsoft has hinted that the next main version of Windows 10 will come stacked with a fresh security...
The lifespan of Phishing Attacks Recorded a Tremendous Growth in H2 2019
Phishing attacks recorded a remarkable surge in H2 2019, the growth has been alarming with the number of phishing websites...
Cyberthreats on lockdown
Every year, our anti-malware research team releases a series of reports on various cyberthreats: financial malware, web attacks, exploits, etc....
COMpfun authors spoof visa application with HTTP status-based Trojan
You may remember that in autumn 2019 we published a story about how a COMpfun successor known as Reductor infected...
Lockphish – A Tool For Phishing Attacks On The Lock Screen, Designed To Grab Windows Credentials, Android PIN And iPhone Passcode
Lockphish it's the first tool (05/13/2020) for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN...
DalFox (Finder Of XSS) – Parameter Analysis And XSS Scanning Tool Based On Golang
Finder Of XSS, and Dal is the Korean pronunciation of moon. What is DalFoxJust, XSS Scanning and Parameter Analysis tool....
How CVSS works: characterizing and scoring vulnerabilities
The Common Vulnerability Scoring System (CVSS) provides software developers, testers, and security and IT professionals with a standardized process for...
Data of 9 million customers of the Russian courier service CDEK leaked
Data belonging to nine million customers of the CDEC Express transportation service was put up for sale on the Web...
Security Flaws Impacting Oracle’s iPlanet Web Server Discovered By Researchers
Cyber Security Experts discover two security defects affecting Oracle's iPlanet Web Server that could cause sensitive data exposure and limited...
IoT (Internet of Things) : taking the world by storm
IoT or Internet of things refers to billions of devices and machines in the world connected to the internet, sharing...
Saycheese – Grab Target’S Webcam Shots By Link
Take webcam shots from target just sending a malicious link.How it works?The tool generates a malicious HTTPS page using Serveo...
Kaiten – A Undetectable Payload Generation
A Undetectable Payload Generation. This tool is for educational purpose only, usage of Kaiten for attacking targets without prior mutual...
How to Simplify InsightConnect Workflows Using Join Step
I think we can all agree that when you are building workflows and setting up automation for your environment with...
RevenueWire to pay $6.7 million to settle FTC charges
What can you do as a scammer when no legitimate payment provider wants to process your payments anymore? Or, what...
The sites of the online action in honor of the victory in the Great Patriotic War were attacked by hackers
Sites where the online campaign Immortal regiment was broadcast, as well as the hotline’s telephone number, were subjected to repeated...
Users May Risk Losing their Passwords on Dark Web For Sale
In April, Zoom became one of the many victims of the companies that lost their user data to the hackers....
Russia recognized as the leader in posting fraudulent resources on the Web
According to the results of last year, Russia seized the first place from the United States in terms ofthe placement...
