Richkit – Domain Enrichment Toolkit
Richkit is a python3 package that provides tools taking a domain name as input, and returns addtional information on that...
Security
Answers to Three FAQs About the New-and-Improved Cloud Configuration Assessment Remediation Content in InsightVM
Organizations operating in a cloud environment like Amazon Web Services (AWS) face additional security risk challenges that they need to...
Online credit card skimming increased by 26 percent in March
Crisis events such as the current COVID-19 pandemic often lead to a change in habits that captures the attention of...
How Coronavirus Panic Created a Perfect Opportunity for Cyberattacks in Crucial Sectors?
In tough times like this, there is always someone out there looking for a weak spot to attack their enemy....
Spam and phishing in 2019
Figures of the year The share of spam in mail traffic was 56.51%, which is 4.03 p.p. more than in...
Chromepass – Hacking Chrome Saved Passwords
Chromepass is a python-based console application that generates a windows executable with the following features:Decrypt Chrome saved paswordsSend a file...
Tentacle – A POC Vulnerability Verification And Exploit Framework
Tentacle is a POC vulnerability verification and exploit framework. It supports free extension of exploits and uses POC scripts. It...
Self-Isolation, Home Networking, and Open Source: Recog and Rumble
Hey, gang. You know I'm a big open source fan and occasional contributor, so I just wanted to take a...
Shifting Security Conferences to Virtual: The New Face of Events in 2020 and Beyond
On this week’s episode of Security Nation, we had the pleasure of speaking with John Strand, CEO of BlackHills Information...
Copycat criminals abuse Malwarebytes brand in malvertising campaign
While exploit kit activity has been fairly quiet for some time now, we recently discovered a threat actor creating a...
Cybersecurity labeling scheme introduced to help users choose safe IoT devices
The Internet of Things (IoT) is a term used to describe a wide variety of devices that are connected to...
First Deputy Chairman of the Bank of Russia: Blockchain is not a panacea, and cryptocurrency is not money
First Deputy Chairman of the Bank of Russia Olga Skorobogatova said that blockchain is perfect for letters of credit and...
L4NC34 Ransomware Teaches That Ransomware Attacks Ought To Never Be Trifled With
There is no denying the fact that whenever the word ransomware is mentioned computers are an instinctive afterthought to have...
Unkillable xHelper and a Trojan matryoshka
It was the middle of last year that we detected the start of mass attacks by the xHelper Trojan on...
Tails 4.5 – Live System to Preserve Your Privacy and Anonymity
The Tails team is happy to publish Tails 4.5, the first version of Tails to support Secure Boot.This release also fixes...
MSOLSpray – A Password Spraying Tool For Microsoft Online Accounts (Azure/O365)
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA...
Git-Hound v1.1 – GitHound Pinpoints Exposed API Keys On GitHub Using Pattern Matching, Commit History Searching, And A Unique Result Scoring System
A batch-catching, pattern-matching, patch-attacking secret snatcher.GitHound pinpoints exposed API keys and other sensitive information on GitHub using pattern matching, commit...
8 Steps to Successfully Implement the CIS Top 20 Controls in Your Organization
If you saw the recent Top 10 Malware January 2020 post by the Center for Internet Security (CIS), you may...
A week in security (March 30 – April 5)
Last week on Malwarebytes Labs, we offered readers tips for safe online shopping now that cybercriminals are ramping up Internet-based...
‘Paranoid’ Blocks your Smart Speakers from Spying on you
Smart speakers have proven to be one of the most versatile gadgets of the era, the high-tech AI companions can...
BGP Hijacking Victimizes Google, Amazon and Other Famous Networks’ Traffic!
As per reports, a telecommunication provider that is owned by Russia rerouted traffic which was intended for the most imminent...
Russia responded to the Swedish Minister’s statement about “Russian trolls”
Russian Senator Alexey Pushkov noted that the Minister was actually attacked by ordinary Swedish Internet users who were not satisfied...
DNSteal v2.0 – DNS Exfiltration Tool For Stealthily Sending Files Over DNS Requests
This is a fake DNS server that allows you to stealthily extract files from a victim machine through DNS requests.Below...
OSSEM – Open Source Security Events Metadata
The Open Source Security Events Metadata (OSSEM) is a community-led project that focuses primarily on the documentation and standardization of...
