Rapid7 Labs’ 2020 Naughty List Summary Report to Santa
As requested, your dutiful elves here at Rapid7 Labs have compiled a list of the naughty country networks being used...
Security
The Russian cryptocurrency exchange Livecoin hacked on Christmas Eve
Russian cryptocurrency exchange Livecoin was compromised on Christmas Eve, hackers breached its network and gained control of some of its...
DDoS amplify attack targets Citrix Application Delivery Controllers (ADC)
Citrix confirmed that a DDoS attack is targeting Citrix Application Delivery Controller (ADC) networking equipment. The threat actors are using...
Millions of devices could be hacked exploiting flaws targeted by tools stolen from FireEye
Millions of devices are potential exposed to attacks targeting the vulnerabilities exploited by the tools stolen from the arsenal of...
VideoBytes: Offensive security tools and the bad guys that use them
Hello Folks! In this Videobyte, we’re talking about what penetration testing tools malware gangs love to use and why they...
Credential Phishing Attack Impersonating USPS Targets Consumers Over the Holidays
As the year is coming to a wrap, the 2020 holiday season is being actively attacked by malicious actors. In recent...
‘Ransomware Task Force’: Microsoft, McAfee and Rapid7 Coalition
19 tech companies, cybersecurity firms, and non-profits have collaborated with the Institute for Security and Technology (IST) to form a...
Censys-Python – An Easy-To-Use And Lightweight API Wrapper For The Censys Search Engine
An easy-to-use and lightweight API wrapper for the Censys Search Engine (censys.io). Python 3.6+ is currently supported.Getting StartedThe library can...
Swego – Swiss Army Knife Webserver In Golang
Swiss army knife Webserver in Golang. Keep simple like the python SimpleHTTPServer but with many features.UsageHelp$ ./webserver -helpweb subcommand -bind...
Top Security Recommendations for 2021
Happy HaXmas! We hope everyone is having a wonderful holiday season so far. This year has been wild and unpredictable,...
Google reported that Microsoft failed to fix a Windows zero-day flaw
Google’s Project Zero experts publicly disclosed details of an improperly patched zero-day code execution vulnerability in Windows. White hat hackers...
GRecon – Your Google Recon Is Now Automated
GRecon (Greei-Conn) is a simple python tool that automates the process of Google Based Recon AKA Google Dorking The current...
Metasploit Tips and Tricks for HaXmas 2020
For this year's HaXmas, we're giving the gift of Metasploit knowledge! We'll cover a mix of old, new, or recently...
10 Quick Tips for Amazon Echo Safety & Privacy
Convenience Comes at a Cost, But You Can Be Proactive Let’s face it, telling Alexa to take care of a...
I played the free online games your kids are playing and here’s what happened
“Throat kill! Throat kill!” “I need a dad.” These are just some of the things I heard a six-year-old boy...
Lazarus covets COVID-19-related intelligence
As the COVID-19 crisis grinds on, some threat actors are trying to speed up vaccine development by any means available....
How we protect our users against the Sunburst backdoor
What happened SolarWinds, a well-known IT managed services provider, has recently become a victim of a cyberattack. Their product Orion...
Kenzer – Automated Web Assets Enumeration And Scanning
Automated Web Assets Enumeration & Scanning Instructions for running Create an account on Zulip Navigate to Settings > Your Bots...
Cellebrite claims to be able to access Signal messages
Israeli cyber security firm Cellebrite claims that it can decrypt messages from the popular Signal’s messaging app. Israeli security firm...
Research: nearly all of your messaging apps are secure
CyberNews Investigation team analyzed the 13 most popular messaging apps to see if the apps are really safe. Source: https://cybernews.com/security/research-nearly-all-of-your-messaging-apps-are-secure/...
Researchers shared the lists of victims of SolarWinds hack
Security experts shared lists of organizations that were infected with the SolarWinds Sunburst backdoor after decoding the DGA mechanism. Security...
Emotet returns just in time for Christmas
Emotet is a threat we have been tracking very closely throughout the year thanks to its large email distribution campaigns....
Beware: not so festive social media scams
We’re now into the most crucial stage of Christmas festivities, where money and gifts are on the march…and social media...
Experts listed the possible goals of cyber criminals who hack websites
According to Positive Technologies, in 2020, cybercriminals have become increasingly interested in hacking sites: in seven out of ten cases,...
