Re: Google’s Android: remote install backdoor in Google Play Services
Posted by Pedro Cunha on Oct 20I don't see how this is an "on-purpose backdoor". As far as I know,...
Security
Re: Google’s Android: remote install backdoor in Google Play Services
Posted by Michael Lazin on Oct 20I do see the point and even though it is not a deliberate back...
LISTSERV Maestro Remote Code Execution Vulnerability
Posted by Ryan Wincey on Oct 20Document Title: =============== LISTSERV Maestro Remote Code Execution Vulnerability References (Source): ====================https://www.securifera.com/advisories/sec-2020-0001/https://www.lsoft.com/products/maestro.asp Release Date:...
Re: Google’s Android: remote install backdoor in Google Play Services
Posted by Adrian Sanabria on Oct 20If I recall correctly, iOS and MacOS work in much the same way. They...
A week in security (September 12 – September 18)
Last week on Malwarebytes Labs, we looked at journalism’s role in cybersecurity on our Lock and Code podcast, gave tips...
Emotet Returns: Here’s a Quick Look into new ‘Windows Update’ attachment
Emotet Malware was first discovered by security researchers in the year 2014, but, the threats by Emotet have constantly evolved...
IBM discovers a new banking malware attached to Video Conferencing apps like Zoom
Researchers at IBM have discovered a new malware campaign VIZOME that hijacks bank accounts by the overlay. Researchers Chen...
GravityRAT: The spy returns
In 2018, researchers at Cisco Talos published a post on the spyware GravityRAT, used to target the Indian armed forces....
Apk-Medit – Memory Search And Patch Tool On Debuggable Apk Without Root & Ndk
Apk-medit is a memory search and patch tool for debuggable apk without root & ndk. It was created for mobile...
SSJ – Your Everyday Linux Distribution Gone Super Saiyan
SSJ is s silly little script that relies on docker installed on your everyday Linux distribution (Ubuntu, Debian, etc.) and...
Are You Still Running End-of-Life Windows Servers?
Windows Server 2008 and 2008 R2 reached their end of life (EOL) on Jan. 14, 2020. What does that mean...
NICER Protocol Deep Dive: Internet Exposure of IMAP and POP
Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet...
[RT-SA-2020-003] FRITZ!Box DNS Rebinding Protection Bypass
Posted by RedTeam Pentesting GmbH on Oct 19Advisory: FRITZ!Box DNS Rebinding Protection Bypass RedTeam Pentesting discovered a vulnerability in FRITZ!Box...
Iran Suffers Largescale Cyberattacks, Two Government Organizations Affected
In a recent cybersecurity incident, Iran has confirmed that it suffered two significant cyberattacks. One such attack even targeted Iran's...
RmiTaste – Allows Security Professionals To Detect, Enumerate, Interact And Exploit RMI Services By Calling Remote Methods With Gadgets From Ysoseria
RmiTaste allows security professionals to detect, enumerate, interact and attack RMI services by calling remote methods with gadgets from ysoserial....
Taken – Takeover AWS Ips And Have A Working POC For Subdomain Takeover
Takeover AWS ips and have a working POC for Subdomain Takeover. Idea is simple Get subdomains. Do reverse lookups to...
Haldiram attacked by ransomware, attackers demand USD 7,50,000 ransom
Haldiram foods were attacked by ransomware encrypting all their files, data, applications, and systems and demanded a ransom of USD...
New types of fraud related to Bank cards of Russian Banks have been spotted
Fraudsters encourage Bank customers to withdraw funds at a branch or ATM on their own and then transfer money to...
Simple-Live-Data-Collection – Simple Live Data Collection Tool
How it works?1- Build server 2- Connect with admin and client to server 3- To collect information, send the request...
TheCl0n3r – Tool To Download And Manage Your Git Repositories
TheCl0n3r will allow you to download and manage your git repositories. PrefaceAbout 90% of the penetration testing tools used in...
Deepfakes and the 2020 United States election: missing in action?
If you believe reports in the news, impending deepfake disaster is headed our way in time for the 2020 United...
Iranian Hackers Are Using Thanos Ransomware To Attack Organizations In the Middle East and South Africa
Cybersecurity experts discovered clues connecting cybersecurity attacks to Thanos ransomware, which is used by Iranian state-sponsored hackers. Researchers from ClearSky...
Ryuk Ransomware Making Comeback with New Tools and Techniques
Ryuk ransomware has gained immense popularity in the notorious sphere of cybercrime by 2019. It has been on a rise...
The Central Bank of Russia considers the introduction of the digital ruble as a new form of money
The Bank of Russia announced that it is studying the problem of issuing a digital ruble. The initiative has been...
