Developing Sustainable Vulnerability Management with Katie Moussouris
On this week’s episode of Security Nation, we’re delighted to be joined by Katie Moussouris, CEO and Founder of Luta...
Security
Playing Around With The Fuchsia Operating System
Introduction Fuchsia is a new operating system developed by Google, targeting the AArch64 and x86_64 architectures. While little is known...
Malware found in popular barcode apps produces ads that instantly vanish
A pair of Android barcode reader apps that were downloaded more than 1 million times were found to contain ad...
Lock and Code S1Ep8: Securely working from home (WFH) with John Donovan and Adam Kujawa
This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the...
Banks asked to postpone the transition to Russian software until 2023
According to the conclusion of the National Financial Market Council (Rosfinsovet), the transition of financial institution owners to Russian software...
Information Sharing can Strengthen the Cybersecurity Measures, says US Cyberspace Report
According to the US Cyberspace Solarium Commission report that came in March this year, there is an immediate requirement of...
Impost3r – A Linux Password Thief
Impost3r is a tool that aim to steal many kinds of linux passwords(including ssh,su,sudo) written by C.Attackers can use Impost3r...
Tangalanga – The Zoom Conference Scanner Hacking Tool
Zoom Conference scanner.This scanner will check for a random meeting id and return information if available.UsageThis are all the possible...
Maturing Your Security Posture: Around-the-Clock Threat Detection With Managed Detection & Response (MDR) Services
Recently, we (virtually!) sat down with Jeremiah Dewey, Rapid7’s VP of Managed Services, to chat about how managed detection response...
Spyeye – Script To Generate Win32 .Exe File To Take Screenshots
Script to generate Win32 .exe file to take screenshots every ~10 seconds.Features:Works on WAN: Port Forwarding by Serveo.netFully Undetectable (FUD)...
Words Scraper – Selenium Based Web Scraper To Generate Passwords List
Selenium based web scraper to generate passwords list.Installation# Download Firefox webdriver from https://github.com/mozilla/geckodriver/releases$ tar xzf geckodriver-v{VERSION-HERE}.tar.gz$ sudo mv geckodriver /usr/local/bin...
New Tekya Ad Fraud Found on Google Play
By Ford Qin (Mobile Threats Analyst) In late March, researchers from CheckPoint found the Tekya malware family, which was being...
Conduent’s European Operations Hit by Maze Ransomware, Data Stolen
Conduent, a business process outsourcing organization confirms that their European operations were crippled by a ransomware attack on Friday, in...
JSshell – A JavaScript Reverse Shell For Exploiting XSS Remotely Or Finding Blind XSS, Working With Both Unix And Windows OS
JSshell - a JavaScript reverse shell. This using for exploit XSS remotely, help to find blind XSS, ...This tool works...
Astsu – A Network Scanner Tool
How it worksScan common portsSend a TCP Syn packet to the destination on the defined port, if the port is...
The number of vulnerable computers in Russia tripled during the period of self-isolation
DeviceLock analysts claim that the number of computers with the Windows operating system in Russia, that are vulnerable to Remote...
Ransomwares evolving: Cybercriminals collaborating and auctioning data
Ransomware are soon becoming the most feared disease of cyber-world, started from simple encryption of the victim's computer and files,...
Git-Scanner – A Tool For Bug Hunting Or Pentesting For Targeting Websites That Have Open .git Repositories Available In Public
This tool can scan websites with open .git repositories for Bug Hunting/ Pentesting Purposes and can dump the content of...
Barcode Reader Apps on Google Play Found Using New Ad Fraud Technique
By Jessie Huang (Mobile Threats Analyst) We recently saw two barcode reader apps in Google Play, together downloaded more than...
‘Enterprise-grade’ BazarBackdoor malware delivered via spear phishing emails
Researchers have uncovered a new “enterprise-grade” backdoor malware program that they say shares code with the notorious modular banking trojan...
Confessions of a Former CISO: Shaming People for Bad Security
My name is Scott King, and I am the Senior Director of Advisory Services at Rapid7. Before that, I was...
Recox – Master Script For Web Reconnaissance
The script aims to help in classifying vulnerabilities in web applications. The methodology RecoX is arising can spot weaknesses other...
Sodinokibi ransomware gang auctions off stolen data
Is it legal to buy stolen data from criminals? In most countries the answer would be no. But will it...
New LNK attack tied to Higaisa APT discovered
This post was authored by Hossein Jazi and Jérôme Segura On May 29th, we identified an attack that we believe...
