Bunkerized-Nginx – Nginx Docker Image Secure By Default
nginx Docker image secure by default. Avoid the hassle of following security best practices each time you need a web...
Security
IoT cybersecurity bill passed by Senate
Days before taking a week-long Thanksgiving recess, the US Senate passed an almost mundane cybersecurity bill that, if approved by...
Spotify resets some user logins after hacker database found floating online
A team of researchers working for vpnMentor has found a treasure trove in the form of an unsecured Elasticsearch database...
Pinterest soon to join the Online Classes Plethora
With 400 Million monthly active users (a 30% increase from last year), Pinterest is gaining foot among millennials and Gen...
Fake Minecraft Modpacks On Google Play Deliver Millions of Abusive Ads and Disrupt Normal Phone Usage
Scammers have now begun taking advantage of the Minecraft sandbox video clip game’s wild accomplishment by building Google Play applications.These...
RedShell – An interactive command prompt that executes commands through proxychains and automatically logs them on a Cobalt Strike team server
An interactive command prompt that executes commands through proxychains and automatically logs them on a Cobalt Strike team server.InstallationRedShell runs...
Wsb-Detect – Tool To Detect If You Are Running In Windows Sandbox (“WSB”)
wsb-detect enables you to detect if you are running in Windows Sandbox ("WSB"). The sandbox is used by Windows Defender...
Apple security hampers detection of unwanted programs
Anyone who uses Malwarebytes software is probably familiar with the fact that, in addition to things like malware and adware,...
Looks like we’re stuck with Zoom: Is it any safer?
Earlier this month, Zoom’s stock price took a dive on news of two promising COVID vaccines offering over 90 percent...
Russian expert warned about the dangers of password theft during video conferencing
Anton Kardanov, head of the information security sector at AT Consulting, warned that motion recognition systems can be used by...
Chinese State-Sponsored Hackers Exploiting Zerologon Vulnerability
Chinese state-sponsored threat actors have been observed exploiting the Zerologon vulnerability in a global campaign targeting businesses from multiple industries...
Lookalike domains and how to outfox them
Our colleagues already delved into how cybercriminals attack companies through compromised email addresses of employees, and how to protect against...
UAFuzz – Binary-level Directed Fuzzing For Use-After-Free Vulnerabilities
Directed Greybox Fuzzing (DGF) like AFLGo aims to perform stress testing on pre-selected potentially vulnerable target locations, with applications to...
Xerror – Fully Automated Pentesting Tool
Xerror is an automated penetration tool , which will helps security professionals and non professionals to automate their pentesting tasks....
CVE-2020-7378: OpenCRX Unverified Password Change (FIXED)
OpenCRX version 4.30 and version 5.0-20200717 suffers from an unverified password change vulnerability, which is an instance of CWE-620. This...
Lock and Code S1Ep20: Tracking the charities that track you online with Chris Boyd
This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the...
Interview Spotlight: Israeli Hardware Solutions, Sepio Systems
On 19 November, E-Hacking News conducted an interesting interview with Sepio Systems. The company provides its customers with the highest...
ToothPicker – An In-Process, Coverage-Guided Fuzzer For iOS
ToothPicker is an in-process, coverage-guided fuzzer for iOS. It was developed to specifically targets iOS's Bluetooth daemon bluetoothd and to...
Osi.Ig – Information Gathering Instagram
The Instagram OSINT Tool gets a range of information from an Instagram account that you normally wouldn't be able to...
SEC Consult SA-20201123-0 :: Multiple Vulnerabilities in ZTE WLAN router MF253V
Posted by SEC Consult Vulnerability Lab on Nov 23SEC Consult Vulnerability Lab Security Advisory < 20201123-0 > ======================================================================= title: Multiple...
CA20201116-01: Security Notice for CA Unified Infrastructure Management
Posted by Ken Williams via Fulldisclosure on Nov 23CA20201116-01: Security Notice for CA Unified Infrastructure Management Issued: November 16th, 2020...
Don’t Let These Top Cloud Myths Hamper Your Business Decision-Making
The cloud remains a dominant technology innovation well into its second decade of existence. However, after all this time, certain...
NICER Protocol Deep Dive: Internet Exposure of Microsoft SQL Server (MS SQL) (UDP/1434)
Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet...
WhatsApp’s ‘disappearing messages’ now available for Indian users; here’s how you can enable disappearing messages on your WhatsApp
The much popular messaging application earlier announced that they will be rolling out a new 'Disappearing Messages' feature, where sent...
