Indian Security Researcher Finds Starbucks API Key Exposed on GitHub
Developers at Starbucks left an API (Application Programming Interface) key exposed to hackers with no password protection that could have...
threatintel
SysWhispers – AV/EDR Evasion Via Direct System Calls
SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls.All core syscalls are supported...
Kamerka GUI – Ultimate Internet Of Things/Industrial Control Systems Reconnaissance Tool
Ultimate Internet of Things/Industrial Control Systems reconnaissance tool.Powered by Shodan - Supported by Binary Edge & WhoisXMLAPIwriteup - https://medium.com/@woj_ciech/hack-the-planet-with-%EA%93%98amerka-gui-ultimate-internet-of-things-industrial-control-systems-5ff7d9686b29Demo -...
Attackers sink their meathooks into Landry’s restaurants’ payment card data
The Houston-based steakhouse, restaurant and hospitality company Landry’s, Inc. has advised customers of a point-of-sale malware attack that stole payment...
New evasion techniques found in web skimmers
For a number of years, criminals have been able to steal credit card details from unaware online shoppers without attracting...
XSpear v1.3 – Powerfull XSS Scanning And Parameter Analysis Tool
XSpear is XSS Scanner on ruby gemsKey featuresPattern matching based XSS scanningDetect alert confirm prompt event on headless browser (with...
AVCLASS++ – Yet Another Massive Malware Labeling Tool
AVCLASS++ is an appealing complement to AVCLASS , a state-of-the-art malware labeling tool.OverviewAVCLASS++ is a labeling tool for creating a...
7 Vulnerability Risk Management Resolutions To Consider in the New Year
It’s that time of year again, when people start making personal resolutions to better themselves in the new year. We...
Seattle- based Wyze alleged of data breach: Unpaired all devices from Google Assistant and Alexa
Seattle-based smart home appliance maker Wyze, which is popular for selling its products cheaper than its competitors, has been accused...
SQLMap v1.4 – Automatic SQL Injection And Database Takeover Tool
SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and...
Turbolist3r – Subdomain Enumeration Tool With Analysis Features For Discovered Domains
Turbolist3r is a fork of the sublist3r subdomain discovery tool. In addition to the original OSINT capabilties of sublist3r, turbolist3r...
Cheers to a New Year! Rapid7’s 2020 Security Predictions
Happy New Year, everyone! While it’s ever-so-tempting to begin this blog post with an already overused “2020 vision” cliche, I...
India Invites Huawei and ZTE to Participate in 5G Trials
The demands for bringing fifth-generation (5G) technology of mobile networks in India are on a rise and the government is...
Microsoft Enters 2020 with Two New Products
Microsoft plans to come up with two products with the advent of the New Year, Windows 10X-powered Surface Neo and...
Alert! USB Flash Drive Malware: Threats Decoded!
The cybercriminals have gotten all the savvier when it comes to finding out new ways of administering malware into the...
Hackers Bypass the 2-step Verification to Invade Government Systems and Industries
2-step verification is an extra security measure that an application uses when connecting to a service or a device. But...
Oh, Behave! Who Made It to Rapid7 Labs’ Naughty List(s) in 2019?
We all know jolly ol’ St. Nick just loves lists, which is an attribute he shares with the researcher elves...
Explained: edge computing
Edge computing may seem like a foreign and future-facing term. Yet its applications are widespread and diverse, with the ability...
A week in security (December 23 – 29)
Last week on Malwarebytes Labs, we continued our retrospective coverage with a look at how lawmakers in the United States...
The Russian President created a new Department for information security
Russian President Vladimir Putin signed a decree increasing the number of departments of the Ministry of Foreign Affairs of Russia...
Cyber police in Ukraine caught hackers who hacked tens of thousands of servers around the world
Cyber police in the Kharkiv region exposed members of a criminal hacker group who purposefully carried out attacks on private...
Hacker Jailed on Charges of Blackmailing Apple
A twenty-two-year-old hacker has agreed that he tried to threaten Apple company by alleging that he had data of accounts...
Memorable Metasploit Moments of 2019
Happy HaXmas, friends and foes (substitute your nouns of choice here). The Metasploit team kicked off 2019 with the release...
Cyber Security Company Predicts Cyber Cold War Will Escalate In 2020
A new Cold War will begin in the world in 2020, it will break out in cyberspace. Fake news before...
