Financial resources for small businesses grappling with COVID-19
The United States Congress recently passed the “Coronavirus Aid, Relief, and Economic Security Act” (the “CARES Act”). This legislation is...
Security
Phishing for SYSTEM on Microsoft Exchange (CVE-2020-0688)
On Feb 11, 2020, Microsoft released security updates to address a vulnerability in Microsoft Exchange that would allow an attacker...
4 Common Goals For Vulnerability Risk Management Programs
At Rapid7, we have made it our top priority to uncover unmet customer needs and create value in new product...
Zoombombing: what is it and how you can prevent your conference calls from being zoombombed
Amid this Covid-19 lockdown, the use of video conferencing software has seen a rapid rise- be it work-related, teaching or...
YARA webinar follow up
If you read my previous blogpost, “Hunting APTs with YARA” then you probably know about the webinar we’ve done on...
Angrgdb – Use Angr Inside GDB – Create An Angr State From The Current Debugger State
Use angr inside GDB. Create an angr state from the current debugger state.Installpip install angrgdbecho "python import angrgdb.commands" >> ~/.gdbinitUsageangrgdb...
SSHPry v2.0 – Spy and Control os SSH Connected client’s TTY
This is a second release of SSHPry tool, with multiple features added.Control of target's TTYBuilt-In KeyloggerConsole-Level phishingRecord & Replay previous...
Facebook, Twitter and Telegram will stop working in Russia due to the weak Runet
Participants of the Zoom conference on the digital future of the country said that the transition to remote work and...
E-Commerce Attacks Didn’t Increase During Coronavirus Quarantine
Due to the COVID-19 pandemic, people across the globe to stay at home. The quarantine has increased online shopping figures....
HikPwn – A Simple Scanner For Hikvision Devices
HikPwn, a simple scanner for Hikvision devices with basic vulnerability scanning capabilities written in Python 3.8. This project was born...
Sandcastle – A Python Script For AWS S3 Bucket Enumeration
Inspired by a conversation with Instacart's @nickelser on HackerOne, I've optimised and published Sandcastle – a Python script for AWS...
Zoomed In: A Look into a Coinminer Bundled with Zoom Installer
By Raphael Centeno and Llallum Victoria Many companies around the world have transitioned to work-from-home arrangements because of growing concerns...
How social media platforms mine personal data for profit
It’s almost impossible not to rely on social networks in some way, whether for personal reasons or business. Sites such...
Coronavirus Themed Phishing Attacks Continue to Rise
New data by researchers has demonstrated that cybercriminals are preying on people's concerns regarding the COVID-19 pandemic and carrying out...
Microsoft Issues Its First Ever ‘Targeted’ Warning ; Saving VPN Servers of Hospitals
Following a recent disclosure about Iranian hackers targeting on vulnerabilities in VPN servers like the Pulse Secure, Palo Alto Systems,...
Tweetshell – Multi-thread Twitter BruteForcer In Shell Script
Tweetshell is an Shell Script to perform multi-threaded brute force attack against Twitter, this script can bypass login limiting and...
Jackdaw – Tool To Collect All Information In Your Domain And Show You Nice Graphs
Jackdaw is here to collect all information in your domain, store it in a SQL database and show you nice...
More Than 8,000 Unsecured Redis Instances Found in the Cloud
By David Fiser (Security Researcher) We discovered 8,000 Redis instances that are running unsecured in different parts of the world,...
Armenian Minister of Justice explains how new software will find COVID-19 infected people
Armenian President Armen Sarkisian signed the bill on amendments to the law "on the legal regime of emergency" and "on...
Winja (VirusTotal Uploader)- The Malware Detector!
Cyber-security is an important concern for everyone working from these days, amid the lock-down due to the current Coronavirus pandemic....
Loncom packer: from backdoors to Cobalt Strike
The previous story described an unusual way of distributing malware under disguise of an update for an expired security certificate....
Frida API Fuzzer – This Experimetal Fuzzer Is Meant To Be Used For API In-Memory Fuzzing
This experimental fuzzer is meant to be used for API in-memory fuzzing.The design is highly inspired and based on AFL/AFL++.ATM...
DigiTrack – Attacks For $5 Or Less Using Arduino
In 30 seconds, this attack can learn which networks a MacOS computer has connected to before, and plant a script...
Dispelling Zoom Bugbears: What You Need to Know About the Latest Zoom Vulnerabilities
Wow, this past week has been a pretty long year for Zoom.As the COVID-19 global pandemic moved the whole knowledge-working...
