Maze Ransomware Exfiltrated Data of Southwire Firm, Threatens to Publish if Ransom Not Paid
Maze ransomware, a variant of Chacha Ransomware that has been leading the charge of various ransomware attacks lately, now claimed...
threatintel
Dsiem – Security Event Correlation Engine For ELK Stack
Dsiem is a security event correlation engine for ELK stack, allowing the platform to be used as a dedicated and...
Exploitivator – Automate Metasploit Scanning And Exploitation
This has only been tested on Kali.It depends on the msfrpc module for Python, described in detail here: https://www.trustwave.com/Resources/SpiderLabs-Blog/Scripting-Metasploit-using-MSGRPC/Install the...
Metasploit Wrap-Up
Powershell Express Delivery The web_delivery module is often used to deliver a payload during post exploitation by quickly firing up...
The Most Commonly Exploited Web Application Vulnerabilities in a Production Environment
Some of the most common web application vulnerabilities tend to be the most exploited because they are difficult to spot,...
More than a Dozen Obfuscated APT33 Botnets Used for Extreme Narrow Targeting
This blog was originally published on November 13, 2019. By Feike Hacquebord, Cedric Pernet, and Kenney Lu The threat group...
Krampus-3PC malware redirects iPhone users to phishing pages
iPhone users who visited certain publishing websites that were compromised by a malvertising campaign may have gotten an unwelcome visit...
Snatch ransomware encrypts files in Safe Mode to thwart security software
A cybercriminal organization has been attacking Windows users with a hybrid ransomware and data stealer program that encrypts machines while...
Company sued for allegedly hijacking Facebook accounts to serve ads
In a lawsuit filed yesterday, Facebook is accusing a Hong Kong-based company of infecting individuals with malware in order to...
U.S. charges alleged members of “Evil Corp” cybercrime group for Zeus and Dridex campaigns
The U.S. today announced legal and regulatory action against the powerhouse cybercriminal group Evil Corp, filing hacking and bank fraud...
Tetris game app used to distribute PyXie Python RAT
A new remote access trojan whose name reminds one of a fairytale and not the potential nightmare it could bring...
Threat spotlight: The curious case of Ryuk ransomware
Ryuk. A name once unique to a fictional character in a popular Japanese comic book and cartoon series is now...
RTTM – Real Time Threat Monitoring Tool
Monitoring possible threats of your company on Internet is an impossible task to be achieved manually. Hence many threats of...
HashCobra – Hash Cracking Tool
hashcobra Hash Cracking tool.Usage$ ./hashcobra -H--====--usage: hashcobra -o <opr> | options: -a <alg> - hashing algorithm - ? to list...
Splunk Attack Range – A Tool That Allows You To Create Vulnerable Instrumented Local Or Cloud Environments To Simulate Attacks Against And Collect The Data Into Splunk
The Attack Range solves two main challenges in development of detections. First, it allows the user to quickly build a...
(Almost) Hollow and Innocent: Monero Miner Remains Undetected via Process Hollowing
By Arianne Dela Cruz, Jay Nebre and Augusto Remillano II As the value of cryptocurrencies increased (after a short dip...
Waterbear is Back, Uses API Hooking to Evade Security Product Detection
By Vickie Su, Anita Hsieh, and Dove Chiu Waterbear, which has been around for several years, is a campaign that...
December Patch Tuesday: Vulnerabilities in Windows components, RDP, and PowerPoint Get Fixes
Microsoft released a total of 36 patches for December’s Patch Tuesday. Decembers tend to have a relatively low number of...
Obfuscation Tools Found in the Capesand Exploit Kit Possibly Used in “KurdishCoder” Campaign
by William Gamazo Sanchez and Joseph C. Chen In November 2019, we published a blog analyzing an exploit kit we...
Mobile Cyberespionage Campaign Distributed Through CallerSpy Mounts Initial Phase of a Targeted Attack
We found a new spyware family disguised as chat apps on a phishing website. We believe that the apps, which...
Building a Culture of Security Awareness: How to Use Performance Metrics to Communicate SOC Effectiveness Throughout Your Org
It’s no secret that as the security landscape becomes increasingly complex, resources are becoming harder and harder to find. Team...
IoT Vuln Disclosure: Children’s GPS Smart Watches (R7-2019-57)
Executive summary As part of a recent IoT hacking training exercise, a number of Rapid7 penetration testers set out to...
Patch Tuesday – December 2019
Today we come to the end of 2019's monthly Microsoft Patch Tuesday (also known as Update Tuesday). This Christmas, Microsoft...
How to Actually Reduce Risk in Your Environment
What is a vulnerability risk management program? A vulnerability risk management program is imperative at any organization to secure assets,...
