20 percent of organizations experienced breach due to remote worker, Labs report reveals
It is no surprise that moving to a fully remote work environment due to COVID-19 would cause a number of...
Security
ReconSpider – Most Advanced Open Source Intelligence (OSINT) Framework For Scanning IP Address, Emails, Websites, Organizations
ReconSpider is most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations and find out information...
US Army Says North Korea Has Hackers and Electronic Warfare Specialists Working and Operating Abroad
In a report published a month ago by the US Army said North Korea has at least 6,000 hackers and...
Bangaluru based startup Pixxel raises $5 Million to be India’s first Earth-Imaging Satellite to launch
A Bengaluru based startup, Pixxel is soaring towards the moon as they recently raised a sweeping fund of 5 million...
Pagodo – Automate Google Hacking Database Scraping And Searching
The goal of this project was to develop a passive Google dork script to collect potentially vulnerable web pages and...
Kali Linux 2020.3 Release – Penetration Testing and Ethical Hacking Linux Distribution
Time for another Kali Linux release! Quarter #3 – Kali Linux 20202.3. This release has various impressive updates.A quick overview...
Ask a Pen Tester, Part 1: A Q&A With Rapid7 Pen Testers Gisela Hinojosa and Carlota Bindner
Recently, we tasked some of our Rapid7 customers to ask their most burning questions related to the mysterious art of...
U.S. urges Linux users to secure kernels from new Russian malware threat
The FBI and NSA jointly issued an advisory on Drovorub – a newly disclosed malware program targeting Linux systems. (Jan...
Utah Gun Exchange – 235,233 breached accounts
In July 2020, the Utah Gun Exchange website suffered a data breach which included several other associated websites. In total,...
Catho – 1,173,012 breached accounts
In approximately March 2020, the Brazilian recruitment website Catho was compromised and subsequently appeared alongside 20 other breached websites listed...
Sonicbids – 751,700 breached accounts
In December 2019, the booking website Sonicbids suffered a data breach which they attributed to "a data privacy event involving...
Hackers hijack design platform to go phishing
Australian design platform Canva unwittingly provided phishing campaigns with graphics, making threat actors’ schemes appear more legitimate as they pilfer...
The impact of COVID-19 on healthcare cybersecurity
As if stress levels in the healthcare industry weren’t high enough due to the COVID-19 pandemic, risks to its already...
Russians were warned about phishing emails on behalf of the tax service
Experts of the company Group-IB, specializing in the prevention of cyberattacks, together with the Federal Tax Service (FTS), identified the...
PurpleSharp – C# Adversary Simulation Tool That Executes Adversary Techniques With The Purpose Of Generating Attack Telemetry In Monitored Windows Environments
Defending enterprise networks against attackers continues to present a difficult challenge for blue teams. Prevention has fallen short; improving detection...
Sinter – A User-Mode Application Authorization System For MacOS Written In Swift
Sinter is a 100% user-mode endpoint security agent for macOS 10.15 and above, written in Swift.Sinter uses the user-mode EndpointSecurity...
Join Team Moose: Become a Rapid7 BDR
The Business Development Representative (BDR) program at Rapid7 is an entry-level program that develops our next generation of successful sales...
Lock and Code S1Ep13: Monitoring the safety of parental monitoring apps with Emory Roane
This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the...
New Release: UFONet v1.6 – “M4RAuD3R!”…
Posted by psy on Aug 17Hi Community, I am glad to present a new release of this tool: - https://ufonet.03c8.net...
Two vulnerabilities found in MikroTik’s RouterOS
Posted by Q C on Aug 14Advisory: two vulnerabilities found in MikroTik's RouterOS Details ======= Product: MikroTik's RouterOS Vendor URL:...
Avian JVM vm::arrayCopy() silent return on negative length
Posted by Pietro Oliva via Fulldisclosure on Aug 11Vulnerability title: Avian JVM vm::arrayCopy() silent return on negative length Author: Pietro...
Avian JVM vm::arrayCopy() Multiple Integer Overflows
Posted by Pietro Oliva via Fulldisclosure on Aug 11Vulnerability title: Avian JVM vm::arrayCopy() Multiple Integer Overflows Author: Pietro Oliva CVE:...
SugarCRM < 10.1.0 (Reports Export) SQL Injection Vulnerability
Posted by Egidio Romano on Aug 11SugarCRM < 10.1.0 (Reports Export) SQL Injection Vulnerability *• Software Link:*https://www.sugarcrm.com *• Affected Versions:*...
Smart TVs can be used by hackers to spy on you
Arseniy Shcheltsin, CEO of Russian company Digital Platforms, said in an interview that modern TVs with Smart TV function are...
