Gowitness – A Golang, Web Screenshot Utility Using Chrome Headless
gowitness is a website screenshot utility written in Golang, that uses Chrome Headless to generate screenshots of web interfaces using...
threatintel
Active Exploitation of Citrix NetScaler (CVE-2019-19781): What You Need to Know
On Dec. 17, 2019, a directory traversal vulnerability was announced in the Citrix Application Discovery Controller and Citrix Gateway, which...
Renewed Emotet phishing activity targets UN, government and military users
Since resuming operations after a holiday hiatus, the malicious actors behind the Emotet banking trojan network have reportedly targeted at...
Explained: data enrichment
How do your favorite brands know to use your first name in the subject line of their emails? Why do...
Rules on deepfakes take hold in the US
For years, an annual, must-pass federal spending bill has served as a vehicle for minor or contentious provisions that might...
Russian banks to face risk due to a cancellation of support for Windows 7
Termination of technical support for Windows 7 and Windows Server 2008 operating systems (OS) can become a serious problem for...
Hackers from Russia hacked the Ukrainian gas company Burisma
Russian hackers in November 2019 attacked the Ukrainian energy company Burisma in order to gain potentially compromising information about former...
Cyber Security Incidents- the biggest risk to Businesses!
According to a survey of 2,718 executives from across 100 countries, cyber security incidents ranked as the biggest risk to...
Another Chinese state-sponsored hacking groups discovered – would be the fourth one to be found
A group of cyber security analyst, Intrusion Truth have found their fourth Chinese state-sponsored hacking operation APT 40."APT groups in...
An Ex-Operating System Hit by an Exploit Found In Audio Files
A crypto-mining exploit attack, has as of late been discovered in Windows 7 , the ex-operating system which ceased to...
Lsassy – Extract Credentials From Lsass Remotely
Python library to remotely extract credentials. This blog post explains how it works.You can check the wikiThis library uses impacket...
LOLBITS – C# Reverse Shell Using Background Intelligent Transfer Service (BITS) As Communication Protocol
LOLBITS is a C# reverse shell that uses Microsoft's Background Intelligent Transfer Service (BITS) to communicate with the Command and...
Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601): What You Need to Know
What is the CryptoAPI Spoofing Vulnerability? Who is impacted?A flaw (CVE-2020-0601) has recently been found in the way the Microsoft...
How PCI Compliance Helps Keep Your App’s Credit Card Data Safe
Nowadays, it’s easier than ever to create an app that allows customers to interact with your brand. If your app...
Comment on GitHub hosted Magecart skimmer used against hundreds of e-commerce sites by GitHub hosted Magecart skimmer used against e-commerce sites | SC Media
While skimming code is normally stored on infrastructure controlled by the attackers, researchers have observed threat actors creating thousands of...
Comment on GitHub hosted Magecart skimmer used against hundreds of e-commerce sites by Magecart Skimming Code Found on Github – Infosecurity Magazine
keep their CMS and its plugins up-to-date, as well as using secure authentication methods,” Segura concluded. “Over the past year,...
Comment on Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT by Attacchi in corso su Vulnerabilità in Internet Explorer – Yoroi Blog
“Dark Hotel” in ambito cyber-espionage (rif. Early Warning N040518), oltre che in recenti campagne di propagazione di varianti malware Original...
Comment on Under the hoodie: why money, power, and ego drive hackers to cybercrime by What Drives Hackers to a Life of Cybercrime? – Infosecurity Magazine
results of her work were published today in the long-form article "Under the Hoodie: Why Money, Power, and Ego Drive Hackers...
Comment on Obfuscated Coinhive shortlink reveals larger mining operation by Cyber One Solutions CoinHive URL Shortener Abused to Secretly Mine Cryptocurrency Using Hacked Sites
to security researchers at Malwarebytes, a large number of legitimate websites have been hacked to load short URLs unknowingly, generated...
Shell Backdoor List – PHP / ASP Shell Backdoor List
What is a shell backdoor ?A backdoor shell is a malicious piece of code (e.g. PHP, Python, Ruby) that can...
Hakrawler – Simple, Fast Web Crawler Designed For Easy, Quick Discovery Of Endpoints And Assets Within A Web Application
hakrawler is a Go web crawler designed for easy, quick discovery of endpoints and assets within a web application. It...
Announcing the 2020 Metasploit community CTF
Metasploit’s community CTF is back by popular demand. Starting January 30, put your skills to the test for a chance...
January Patch Tuesday: Update List Includes Fixes for Internet Explorer, Remote Desktop, Cryptographic Bugs
2020 starts off with a relatively heavy list of patches for Microsoft users. January is typically a light month for...
How to prevent a rootkit attack
If you’re ever at the receiving end of a rootkit attack, then you’ll understand why they are considered one of...
