Targeting U.S. banks, Qbot trojan evolves with new evasion techniques
By malware standards, the banking trojan Qbot is long in the tooth, but it still has some bite, according to...
threatintel
A week in security (June 8 – 14)
Last week on Malwarebytes Labs, we looked into nasty search hijackers that worried a lot of Chrome users; a list...
Enel Group attacked by SNAKE ransomware same as Honda
The Enel Group, a power, and sustainability company were hit by EKANS (SNAKE) ransomware on June 7th affecting its internal...
Explicit content and cyberthreats: 2019 report
‘Stay at home’ is the new motto for 2020 and it has entailed many changes to our daily lives, most...
EvilDLL – Malicious DLL (Reverse Shell) Generator For DLL Hijacking
Read the license before using any part from this code :)Malicious DLL (Win Reverse Shell) generator for DLL HijackingFeatures:Reverse TCP...
Axiom – A Dynamic Infrastructure Toolkit For Red Teamers And Bug Bounty Hunters!
Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty and pentesting. Axiom...
Introducing a New InsightVM Dashboard to Monitor External and Remote Workforce Assets in Your Environment
As our economies start to slowly reopen, knowledge-based jobs are still heavily relying on working from home during the COVID-19...
Fake applications are replicating “TraceTogether,” a Singapore Covid-19 contact tracing application
Recently, these counterfeit apps emerged on the internet, which alarmed the local authorities to warn the general public. A cybersecurity...
Fast-Google-Dorks-Scan – Fast Google Dorks Scan
A script to enumerate web-sites using Google dorks.Usage example: ./FGDS.sh megacorp.oneVersion: 0.035, June 07, 2020Features:Looking for the common admin panelLooking...
URLCADIZ – A Simple Script To Generate A Hidden Url For Social Engineering
A simple script to generate a hidden url for social engineering.Legal disclaimer:Usage of URLCADIZ for attacking targets without prior mutual...
Russian expert told about the danger of using someone else’s smartphone charging
"Using someone else's charging can cause damage to the smartphone and give hackers access to your personal data and important...
Six New Vulnerabilities Found in DIR-865L Model of D-Link Routers
Over the last few months, the cyber world witnessed an alarming spike in the number of malicious attacks, it's seen...
Largest ISP in Austria Hit by a Security Breach
The largest internet service provider in Austria was hit by a security breach this week, in the wake of enduring...
Shodanfy.py – Get Ports, Vulnerabilities, Informations, Banners, ..Etc For Any IP With Shodan (No Apikey! No Rate-Limit!)
Get ports,vulnerabilities,informations,banners,..etc for any IP with Shodan (no apikey! no rate limit!)Usage# python3 shodanfy.py <ip> e.g: python3 shodanfy.py 111.111.111.111 python3...
KatroLogger – KeyLogger For Linux Systems
KeyLogger for Linux Systems. FeaturesRuns on GUI systems or CLISending data by email Dependenciescurllibx11-dev (Debian-Based)libX11-devel (RHEL-Based) Compiling# ./configure# make# make...
Cryptomining campaign targets Kubernetes via machine learning framework
A malware campaign is abusing the popular machine-learning (ML) framework Kubeflow in order to target Kubernetes clusters with a crypto...
Gamaredon grows by targeting Microsoft Outlook and Office
ESET, an antivirus company has discovered that Gameradon has been growing fast by developing new tools that target Microsoft Office...
Users Might be Under Risk of DNS Vulnerability
What is DNS?It is an essential element in the network (online infrastructure) that allows users to watch or access content...
Attacker-Group-Predictor – Tool To Predict Attacker Groups From The Techniques And Software Used
The tool predicts attacker groups from techniques and softwares used. It searches based on the MITRE ATT&CK frameworkHow it works?1-...
EvilPDF – Embedding Executable Files In PDF Documents
Read the license before using any part from this code :)Hiding executable files in PDF documentsLegal disclaimer:Usage of EvilPDF for...
New Android Spyware ActionSpy Revealed via Phishing Attacks from Earth Empusa
By Ecular Xu and Joseph C. Chen While tracking Earth Empura, also known as POISON CARP/Evil Eye, we identified an...
VBA macro, remote template injectors included in Gamaredon post-compromise tool kit
The Gamaredon threat group has built a post-compromise tool arsenal that includes remote template injectors for Word and Excel documents...
Black Lives Matter phishing scam looks to spread TrickBot malware
Scammers often craft social engineering schemes around major crises and news events, as demonstrated by the wealth of coronavirus-themed phishing...
Search hijackers change Chrome policy to remote administration
The latest type of installer in the saga of search hijacking changes a Chrome policy which tells users it can’t...
