Patch Tuesday – April 2020
Global working-from-home routines haven't slowed down Microsoft and its ability to help close up vulnerabilities in their products. This April...
OSINT
Pranksters installing MBRLocker wiper, blame Vitali Kremez, MalwareHunterTeam for attack
A malicious actor is trying to discredit two of the more well-known personalities in cybersecurity circles by including their names...
Lock and Code S1Ep4: coronavirus and responding to computer viruses with Akshay Bhargava
This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the...
Attackers Hacked the Digital Pass System of Moscow residents
Moscow's residents are warned about scammers who offer to issue digital passes for moving around the city on social networksRecall...
Critical Security Vulnerability Patched By VMware
VMware Inc. a publicly-traded software company recently fixed a critical security vulnerability that permitted the malicious attackers to access sensitive...
Protect your phone from malicious apps by malware scanner VirusTotal Mobile
Google last year removed 85 apps from play store after security researchers found that these apps were adwares in disguise.These...
Lollipopz – Data Exfiltration Utility For Testing Detection Capabilities
Data exfiltration utility used for testing detection capabilities of security products. Obviously for legal purposes only.Exfiltration How-To/etc/shadow -> HTTP GET...
Sherloq – An Open-Source Digital Image Forensic Toolset
An open source image forensic toolset Introduction"Forensic Image Analysis is the application of image science and domain expertise to interpret...
Remote Work Readiness: How to Keep a Security Mindset
As companies respond to COVID-19, many require their employees to work from home. This migration of the workforce places the...
1.1 Million Customers Records of SCUF Gaming Exposed Online
The database of more than 1 million customers was exposed online by 'SCUF Gaming', a subsidiary of Corsair that develops...
COVID-19: Google and Apple Team up on Contact Trace Technology
Around the world, the governments and health departments are fighting together against the Coronavirus pandemic, coming up with solutions to...
Inhale – A Malware Analysis And Classification Tool
Inhale is a malware analysis and classification tool that is capable of automating and scaling many static analysis operations.This is...
Privacy Badger – A Browser Extension That Automatically Learns To Block Invisible Trackers
Privacy Badger is a browser extension that automatically learns to block invisible trackers. Instead of keeping lists of what to...
Cisco “critical security advisory” part of a phishing campaign ?
Amidst the coronavirus pandemic, there is an influx of telecommuters who, have come to heavily depend on online conferencing tools...
Audix – A PowerShell Tool To Quickly Configure The Windows Event Audit Policies For Security Monitoring
Audix will allow for the SIMPLE configuration of Windows Event Audit Policies. Window's Audit Policies are restricted by default. This...
Serverless Prey – Serverless Functions For Establishing Reverse Shells To Lambda, Azure Functions, And Google Cloud Functions
Serverless Prey is a collection of serverless functions (FaaS), that, once launched to a cloud environment and invoked, establish a...
Russian authorities arrested cyber criminals who sold billion counterfeit rubles on the dark web
Employees of the Ministry of Internal Affairs in Nizhny Novgorod stopped the activities of a group engaged in the production...
BEC Scams Cost American Companies Billions!
Business Email Compromise (BEC) scams have surfaced among several US companies and have caused them damage costing along the lines...
100 Million Android Users Warned Against Using this “Very Dangerous” VPN App
Millions of Android users are being cautioned against using a popular Android VPN that was removed by Google from its...
Lunar – A Lightweight Native DLL Mapping Library That Supports Mapping Directly From Memory
A lightweight native DLL mapping library that supports mapping directly from memoryFeaturesImports and delay imports are resolvedRelocations are performedImage sections...
Ps-Tools – An Advanced Process Monitoring Toolkit For Offensive Operations
Having a good technical understanding of the systems we land on during an engagement is a key condition for deciding...
Malvertising campaign spoofs Malwarebytes website to deliver Raccoon info-stealer
Malicious actors created a fake webpage that impersonates cybersecurity company Malwarebytes and were using it as a gateway in a...
APTs and COVID-19: How advanced persistent threats use the coronavirus as a lure
The coronavirus (COVID-19) has become a global pandemic, and this is a golden time for attackers to take advantage of...
Experts warned of a wave of repeated attacks on victims of cyber fraud
Group-IB specialists identified the spread of a popular scam on the Network. The Double Deception scheme is as follows: people...
