Shlayer Trojan attacks one in ten macOS users
For close to two years now, the Shlayer Trojan has been the most common threat on the macOS platform: in...
Security
SharpStat – C# Utility That Uses WMI To Run “cmd.exe /c netstat -n”, Save The Output To A File, Then Use SMB To Read And Delete The File Remotely
C# utility that uses WMI to run "cmd.exe /c netstat -n", save the output to a file, then use SMB...
KsDumper – Dumping Processes Using The Power Of Kernel Space
I always had an interest in reverse engineering. A few days ago I wanted to look at some game internals...
Discover the New BMC Remedy ITSM Plugin for InsightConnect
In any IT environment, documentation of work performed by IT is critical and necessary to maintain order when providing resolutions...
Malware redirecting visitors found on 2,000 WordPress sites
More than 2,000 WordPress sites have been infected with malicious JavaScript that redirects visitors to scam websites and sets the...
WOOF locker: Unmasking the browser locker behind a stealthy tech support scam operation
In the early days, practically all tech support scammers would get their own leads by doing some amateur SEO poisoning...
Cyber Attack Alert! A Fake Factory Network Attacked With RAT, Ransomware, Malware and So On!
Researchers simulated a real-looking “Industrial prototyping” organization with fake employees, PLCs, and websites to study the types of cyber-attacks that...
YARASAFE – Automatic Binary Function Similarity Checks with Yara
SAFE is a tool developed to create Binary Functions Embedding developed by Massarelli L., Di Luna G.A., Petroni F., Querzoni...
AlertResponder – Automatic Security Alert Response Framework By AWS Serverless Application Model
AlertResponder is a serverless framework for automatic response of security alert.OverviewAlertResponder receives an alert that is event of interest from...
Vulnerability Management in the Cloud: Addressing the AWS Shared Responsibility Model
If you’re operating in the cloud, you may be familiar with the shared responsibility model. We often hear people say...
More than half of Russian companies are concerned about the protection of personal data of employees and customers
The antivirus company ESET studied the state of information security in the Russian business sector, interviewing dozens of IT Directors...
TAS – A Tiny Framework For Easily Manipulate The Tty And Create Fake Binaries
A tiny framework for easily manipulate the tty and create fake binaries.How it works?The framework has three main functions, tas_execv,...
Corsy v1.0 – CORS Misconfiguration Scanner
Corsy is a lightweight program that scans for all known misconfigurations in CORS implementations.RequirementsCorsy only works with Python 3 and...
Better Together: How to Collaborate to Drive Vulnerability Remediation Among Security, IT, and DevOps Teams
If you feel anxious about the amount of time it takes your organization to remediate vulnerabilities or find yourself spending...
A week in security (January 13 – 19)
Last week on Malwarebytes Labs, we taught you how to prevent a rootkit attack, explained what data enrichment means, informed...
Railway Protection Force (RPF) bust a multi-crore ticket fraud
Bengaluru: The Railway Protection Force busted a multi crore ticket booking fraud and apprehended two miscreants who hacked the railway...
Google Maps…Creepy or Useful?
Whether Android or iPhone there is no denying that Google is there for all of us, keeping a track log...
Bot List Containing Telnet Credentials for More than 500,000 Servers, Routers and IoT Devices Leaked Online
This week, a hacker published a list on a popular hacking forum containing Telnet credentials for over 515,000 servers, home...
Website Puts 12 Billion User Records Up For Sale and Gets Seized By US Authorities
Are you fond of buying stolen'/leaked data? Because, one such domain, named ‘WeLeakInfo.com’ recently got seized by the US authorities....
TeleGram-Scraper – Telegram Group Scraper Tool (Fetch All Information About Group Members)
Telegram Group Scraper Tool. Fetch All Information About Group Members• How To Install & Setup API ( Termux )• API...
Grouper2 – Find Vulnerabilities In AD Group Policy
What is it for?Grouper2 is a tool for pentesters to help find security-related misconfigurations in Active Directory Group Policy.It might...
Ukrainian government job site posted passport scans of thousands of civil service candidates
Government job site https://career.gov.ua/ published scans of passports and other documents of citizens who registered on the portal to search...
Gophish – Open-Source Phishing Toolkit
Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily...
Aaia – AWS Identity And Access Management Visualizer And Anomaly Finder
Aaia (pronounced as shown here ) helps in visualizing AWS IAM and Organizations in a graph format with help of...
