Business in the front, party in the back: backdoors in elastic servers expose private data
It seems like every day we read another article about a data breach or leak of cloud storage exposing millions...
threatintel
52 Hackers get into the US Army system in the last 5 weeks
Last year, during October and November, 52 hackers were able to hack the US army. "It only strengthens our security...
Over 600 Million Users Download 25 ‘Fleeceware’ Apps from the Play Store
Researchers at security firm Sophos has discovered a new set of Android apps present on the Google Play Store that...
AntiCheat-Testing-Framework – Framework To Test Any Anti-Cheat
Framework to test any Anti-Cheat on the market. This can be used as Template or Code Base to test any...
Gowitness – A Golang, Web Screenshot Utility Using Chrome Headless
gowitness is a website screenshot utility written in Golang, that uses Chrome Headless to generate screenshots of web interfaces using...
Active Exploitation of Citrix NetScaler (CVE-2019-19781): What You Need to Know
On Dec. 17, 2019, a directory traversal vulnerability was announced in the Citrix Application Discovery Controller and Citrix Gateway, which...
Renewed Emotet phishing activity targets UN, government and military users
Since resuming operations after a holiday hiatus, the malicious actors behind the Emotet banking trojan network have reportedly targeted at...
Explained: data enrichment
How do your favorite brands know to use your first name in the subject line of their emails? Why do...
Rules on deepfakes take hold in the US
For years, an annual, must-pass federal spending bill has served as a vehicle for minor or contentious provisions that might...
Russian banks to face risk due to a cancellation of support for Windows 7
Termination of technical support for Windows 7 and Windows Server 2008 operating systems (OS) can become a serious problem for...
Hackers from Russia hacked the Ukrainian gas company Burisma
Russian hackers in November 2019 attacked the Ukrainian energy company Burisma in order to gain potentially compromising information about former...
Cyber Security Incidents- the biggest risk to Businesses!
According to a survey of 2,718 executives from across 100 countries, cyber security incidents ranked as the biggest risk to...
Another Chinese state-sponsored hacking groups discovered – would be the fourth one to be found
A group of cyber security analyst, Intrusion Truth have found their fourth Chinese state-sponsored hacking operation APT 40."APT groups in...
An Ex-Operating System Hit by an Exploit Found In Audio Files
A crypto-mining exploit attack, has as of late been discovered in Windows 7 , the ex-operating system which ceased to...
Lsassy – Extract Credentials From Lsass Remotely
Python library to remotely extract credentials. This blog post explains how it works.You can check the wikiThis library uses impacket...
LOLBITS – C# Reverse Shell Using Background Intelligent Transfer Service (BITS) As Communication Protocol
LOLBITS is a C# reverse shell that uses Microsoft's Background Intelligent Transfer Service (BITS) to communicate with the Command and...
Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601): What You Need to Know
What is the CryptoAPI Spoofing Vulnerability? Who is impacted?A flaw (CVE-2020-0601) has recently been found in the way the Microsoft...
How PCI Compliance Helps Keep Your App’s Credit Card Data Safe
Nowadays, it’s easier than ever to create an app that allows customers to interact with your brand. If your app...
Comment on GitHub hosted Magecart skimmer used against hundreds of e-commerce sites by GitHub hosted Magecart skimmer used against e-commerce sites | SC Media
While skimming code is normally stored on infrastructure controlled by the attackers, researchers have observed threat actors creating thousands of...
Comment on GitHub hosted Magecart skimmer used against hundreds of e-commerce sites by Magecart Skimming Code Found on Github – Infosecurity Magazine
keep their CMS and its plugins up-to-date, as well as using secure authentication methods,” Segura concluded. “Over the past year,...
Comment on Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT by Attacchi in corso su Vulnerabilità in Internet Explorer – Yoroi Blog
“Dark Hotel” in ambito cyber-espionage (rif. Early Warning N040518), oltre che in recenti campagne di propagazione di varianti malware Original...
Comment on Under the hoodie: why money, power, and ego drive hackers to cybercrime by What Drives Hackers to a Life of Cybercrime? – Infosecurity Magazine
results of her work were published today in the long-form article "Under the Hoodie: Why Money, Power, and Ego Drive Hackers...
Comment on Obfuscated Coinhive shortlink reveals larger mining operation by Cyber One Solutions CoinHive URL Shortener Abused to Secretly Mine Cryptocurrency Using Hacked Sites
to security researchers at Malwarebytes, a large number of legitimate websites have been hacked to load short URLs unknowingly, generated...
Shell Backdoor List – PHP / ASP Shell Backdoor List
What is a shell backdoor ?A backdoor shell is a malicious piece of code (e.g. PHP, Python, Ruby) that can...
