Announcing the 2020 Metasploit community CTF
Metasploit’s community CTF is back by popular demand. Starting January 30, put your skills to the test for a chance...
Security
January Patch Tuesday: Update List Includes Fixes for Internet Explorer, Remote Desktop, Cryptographic Bugs
2020 starts off with a relatively heavy list of patches for Microsoft users. January is typically a light month for...
How to prevent a rootkit attack
If you’re ever at the receiving end of a rootkit attack, then you’ll understand why they are considered one of...
Kaspersky Lab recorded an increase in attacks by Russian hackers on banks in Africa
Kaspersky Lab recorded a wave of targeted attacks on major banks in several Tropical African countries in 2020. It is...
Facebook Code Update Gone Wrong Exposes Anonymous Admins
Recently Facebook encountered quite a bug crisis, as a bad code update going live on the night of 10th January...
Hackers sell data of 80 thousand cards of customers of the Bank of Kazakhstan
An announcement about the sale of an archive of stolen data from 80,000 Halyk Bank credit cards appeared on the...
Phishing Attack Alert! Los Angeles County Says No Harm Done!
A Phishing attack last month surfaced over the LA County which was immediately contained before any devices got compromised. The...
Gtfo – Search For Unix Binaries That Can Be Exploited To Bypass System Security Restrictions
This is a standalone script written in Python 3 for GTFOBins. You can search for Unix binaries that can be...
SWFPFinder – SWF Potential Parameters Finder
SWFPFinder is a simple and open source bash script designed to discovery the potential swf (file) parameters on the webapp...
Patch Tuesday – January 2020
The first Patch Tuesday of 2020 has been hotly anticipated due to a rumour that Microsoft would be fixing a...
How to Define and Communicate Vulnerability Risk Across Your Company
This is a guest post by Rapid7 customer Steven Maske, the Information Security Manager of a manufacturing, retail, and distribution...
A week in security (January 6 – 12)
Last week on Malwarebytes Labs, we told readers how to check the safety of websites and their related files, explored...
Hackers Blackmail Patients of Surgical Company in a Cyber attack
The patients of a facial surgical company in Florida, who were hacked recently, are now being threatened by hackers. The...
TrickBot Added New Stealthy Backdoor for High-Value Targets
The authors behind the infamous TrickBot malware – a modular banking trojan that targets sensitive financial information and also acts...
laravelN00b – Automated Scan .env Files And Checking Debug Mode In Victim Host
Incorrect configuration allows you to access .env files or reading env variables. LaravelN00b automated scan .env files and checking debug...
Andriller – Software Utility With A Collection Of Forensic Tools For Smartphones
Andriller - is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition...
Simplify Your Data Search with Query Builder in InsightVM
Security professionals responsible for vulnerability risk management are required to perform data querying and analysis on a regular basis to...
Sodinokibi Ransomware threats Travelex to release data, if ransom not paid.
The Sodinokibi Ransomware attackers are pressuring Travelex, a foreign exchange company to pay a 6 million dollar ransom amount or...
LAVA – Large-scale Automated Vulnerability Addition
Evaluating and improving bug-finding tools is currently difficult due to a shortage of ground truth corpora (i.e., software that has...
Heapinspect – Inspect Heap In Python
HeapInspect is designed to make heap much more prettier.Now this tool is a plugin of nadbg. Try it!FeaturesFree of gdb...
Kaspersky Lab reports North Korean Hacker group Lazarus stealing cryptocurrencies using the Telegram messenger
A group of hackers calling themselves Lazarus modified their previous scheme to steal cryptocurrency which was used in 2018. Hackers...
CHAPS – Configuration Hardening Assessment PowerShell Script
CHAPS is a PowerShell script for checking system security settings where additional software and assessment tools, such as Microsoft Policy...
Karonte – A Static Analysis Tool To Detect Multi-Binary Vulnerabilities In Embedded Firmware
Karonte is a static analysis tool to detect multi-binary vulnerabilities in embedded firmware.Research paperWe present our approach and the findings...
Bahraini oil company reportedly attacked by new ‘Dustman’ disk wiper
Bapco, the national oil company of the Persian Gulf island nation of Bahrain, was reportedly targeted in a Dec. 29...
