Lazyrecon – Script To Automate Your Reconnaissance Process In An Organized Fashion
LazyRecon is a script written in Bash, it is intended to automate some tedious tasks of reconnaissance and information gathering....
threatintel
PathAuditor – Detecting Unsafe Path Access Patterns
The PathAuditor is a tool meant to find file access related vulnerabilities by auditing libc functions.The idea is roughly as...
Why Running a Privileged Container in Docker Is a Bad Idea
By David Fiser and Alfredo Oliveira Privileged containers in Docker are, concisely put, containers that have all of the root...
Multiple-malware dropper ‘Legion Loader’ dissected
The insidious nature of difficult-to-detect, multiple strains of malware working in tandem to unleash complete obliteration is on full display...
It’s a trap! Cybercriminals use Star Wars: Rise of Skywalker as bait
Star Wars: The Rise of Skywalker is just being released into theaters today but cybercriminals were already assembling fake websites...
A decade in cybersecurity fails: the top breaches, threats, and ‘whoopsies’ of the 2010s
This post was co-authored by Wendy Zamora and Chris Boyd. All opinions expressed belong to your mom. Back in the...
Insider Threat : Employees of Russian banks are massively recruited to get data
In Russia, there are 73 services that recruit insiders in Russian banks. This information was shared by Darknet researcher Anton...
Twitter Followers of the Epilepsy Foundation Targeted by a Mass Strobe Cyber attack
A series of mass cyber-attack occurred during the National Epilepsy Awareness Month, as the hackers circulated videos and pictures of...
Data leak- Thousands of US defense contractors’ data leaked !
A digital consultancy firm accidentally leaked personal information of thousands of defense contractor employees of United States due to A...
TP-Link Routers Vulnerable Again; Voids Passwords! Patching Highly Suggested!
A “zero-day vulnerability” was recently discovered in the “TP-Link Archer C5v4 routers” with the firmware version 3.16.0 0.9.1 v600c and...
Automatic API Attack Tool – Customizable API Attack Tool Takes An API Specification As An Input, Generates And Runs Attacks That Are Based On It As An Output
Imperva's customizable API attack tool takes an API specification as an input, and generates and runs attacks that are based...
Silver – Mass Scan IPs For Vulnerable Services
masscan is fast, nmap can fingerprint software and vulners is a huge vulnerability database. Silver is a front-end that allows...
A Visit from the Spirits of HaXmas Past
One balmy Texas winter’s eve, having closed the pull request tab for the night, I lie in bed poking at...
Spelevo exploit kit debuts new social engineering trick
2019 has been a busy year for exploit kits, despite the fact that they haven’t been considered a potent threat...
“Smart Spies”- Amazon Alexa and Google Home’s Voice Assistant Were Vulnerable to a Security Flaw
Alexa and Google Home smart speakers have been vulnerable to a security threat that made eavesdropping, voice phishing and using...
Hackers using government websites of Russian Federation for mining
Cybercriminals used to generate cryptocurrencies not only computers of ordinary Internet users but also the resources of large companies, as...
All Android Users Beware! All The Android Versions Vulnerable To This New Bug ‘StrandHogg’
Android is vulnerable anew owing it to a new bug that goes by the name of “StrandHogg”. It is a...
Secretx – Extracting API Keys And Secrets By Requesting Each URL At The Your List
Extracting api keys and secrets by requesting each url at the your list.Installationpython3 -m pip install -r requirements.txtUsagepython3 secretx.py --list...
ReconCobra – Complete Automated Pentest Framework For Information Gathering
ReconCobraReconcobra is Foot printing software for Ultimate Information GatheringKali, Parrot OS, Black Arch, Termux, Android Led TVInterfaceSoftware have 82 Options...
All I Want for Christmas Is a Big Box of Quirky IoT
During a recent trip, I met up with some good friends and had a conversation about a new hobby of...
Momentum botnet spotted in the wild
A new botnet dubbed Momentum has been found targeting Linux systems running on a variety of different processors and pushing...
Building a Daily Threat Simulation Tool with Todd Beebe
In the latest episode of our podcast, Security Nation, we sat down to talk with Todd Beebe about the automated...
New Consumer Online Privacy Rights Act (COPRA) would empower American users
Despite the already dizzying number of comprehensive data privacy proposals before the US Senate—nearly 10 have been introduced since mid-2018—yet...
In Berlin, Russian and German scientists discussed the danger of smart gadgets
By December 15, on behalf of President Vladimir Putin, the Russian government should prepare a Federal project "Artificial intelligence", which...
