Almost 19,500 Orange Modems Leaking WiFi Credentials

This is becoming a real headache for customers of Orange Livebox ADSL modems in France and Spain during the Christmas season: almost 19,500 modems have been discovered leaking WiFi credentials. The discovery was made by a security researcher over the last weekend. ZDNet reports, “Over the weekend, a security researcher has discovered that nearly […]

SMWYG-Show-Me-What-You-Got – Tool To Search 1.4 Billion Clear Text Credentials Which Was Dumped As Part Of BreachCompilation Leak

This tool allows you to perform OSINT and reconnaissance on an organisation or an individual. It allows one to search the 1.4 billion clear-text credentials that were dumped as part of the BreachCompilation leak. This database makes finding passwords faster and easier than ever before. Screenshot: the above image searches the credentials for uber.com and has found […]

PhishX – Spear Phishing Tool for Capturing Credentials

PhishX is a Python tool that can capture user credentials using a spear phishing attack. Spear phishing is a targeted form of phishing attack that is launched against specific individuals. Therefore, some information about an individual is required in order to launch such an attack. Since PhishX is used to capture users’ credentials, the tool […]

Natural Disaster Related Phishing Scam Abusing Microsoft Azure to Steal login Credentials & Credit Card Numbers

Cybercriminals are distributing a new phishing scam related to natural disasters that abuses Microsoft Azure Blog Hosting and also attempts to steal login credentials. Victims are abused by being forced to get involved with fake donations, or funds are stolen directly via fraudulent donations, in order to steal credit card numbers. This phishing campaign uses Hurricane Michael in Florida as a lure, with malicious PDF documents […]

Evilginx v2.0 – Standalone Man-In-The-Middle Attack Framework Used For Phishing Login Credentials Along With Session Cookies, Allowing For The Bypass Of 2-Factor Authentication

evilginx2 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows bypassing 2-factor authentication protection. This tool is a successor to Evilginx, released in 2017, which used a custom version of the nginx HTTP server to provide man-in-the-middle functionality to act as a proxy between a browser […]

Swap Digger – Tool That Automates Swap Extraction And Searches For User Credentials, Web Forms Credentials, Emails, Http Authentication, Wifi SSID And Keys, Etc

swap_digger is a bash script used to automate Linux swap analysis for post-exploitation or forensics purposes. It automates swap extraction and searches for Linux user credentials, Web form credentials, Web form emails, HTTP basic authentication, WiFi SSID and keys, etc. Download and run the tool. On your machine: use the following commands to download and […]

DanaBot Banking Trojan Emerges Again With New Features Steals Banking Credentials

The DanaBot banking Trojan was discovered earlier this year by Proofpoint, targeting users in Australia through continuous malicious email campaigns; it later expanded to Poland, Italy, Germany and Austria. It is a banking Trojan developed in the Delphi language. It has a multi-stage and multi-component architecture, and most of its functionality depends on the plugins added to it. The […]

A New Banking Malware Disguises as Security Module Steals Your Banking Credentials

A new, unique banking malware dubbed CamuBot poses as a security module from the bank to gain victims’ trust and tempt them into installing the malware on their device. The threat actors are actively targeting companies and public sector organizations using a number of social engineering techniques to bypass security controls. Security researchers […]

CamuBot Malware Camouflaged as Bank Security App to Steal Credentials

A new banking malware has been discovered that is targeting bank customers in Brazil. Dubbed as CamuBot, it is identified to be a unique malware because it is disguised as a necessary security module of the bank. The malware can also bypass the biometric authentication feature, which is a disturbing sign. According to IBM X-Force […]

Dangerous Android Malware that Steals Banking Credentials, Call Forwarding, Keylogging, and Ransomware Activities

A new Android malware combines the functionality of a banking Trojan, call forwarding, audio recording, keylogging and ransomware activities. The malware targeted popular banking apps such as HFC, ICICI, SBI, Axis Bank and other e-wallets. The malware operator needs more user interaction for an attack to succeed; it continues to force the users in […]

PhishPoint – Hackers Uses New Phishing Technique To Steal User Credentials

A new phishing technique dubbed PhishPoint affected about 10% of Office 365 users. With the new technique, attackers used SharePoint files to host phishing links. Office 365 scans links in email bodies for blacklisted and suspicious domains; in this case, the enclosed link points to a SharePoint document. Avanan Cloud Security detected […]

Reddit Data Breach – Hackers Stolen Users’ Email Address and Credentials

Reddit announced today that it suffered a data breach in June: hackers compromised 2FA-enabled employee accounts and gained read access to the Reddit systems. Reddit CTO Chris Slowe says, “between June 14 and June 18, an attacker compromised a few of our employees’ accounts with our cloud and source code hosting providers.” From […]

Iranian Hacker Group Launch APT Attack on Government Organizations To Steal Email Data, Files & Credentials

A newly discovered APT cyber espionage campaign called “Leafminer”, from an Iranian hacker group, is targeting a wide range of government organizations to steal sensitive data such as email data, files and database server credentials. This APT group uses various attack tactics such as watering hole websites, vulnerability scans of network services on the internet, and […]

Dangerous macOS Backdoor That Steals User Login Credentials Remained Undetected for Years

A macOS backdoor dubbed Calisto stayed under the radar of antivirus solutions for years. The malware was initially uploaded to VirusTotal back in 2016 and remained undetected until May 2018. Security researchers from Kaspersky spotted the macOS malware sample with suspiciously familiar features that include remote login, screen sharing and a hidden root account. […]

Hackers Distributing Anubis Malware via Google Play Store to Steal Login credentials, E-wallets, and Payment Cards Details

The Anubis banking malware has re-emerged, and the threat actors are distributing it through Google Play store apps to steal login credentials for banking apps, e-wallets, and payment cards. Hackers are always finding new ways to bypass Google Play store security and distribute malware via Android apps that will act as the first step in an infection […]

LeakScraper – An Efficient Set Of Tools To Process And Visualize Huge Text Files Containing Credentials

LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. These tools are designed to help pentesters/redteamers doing OSINT, credential gathering and credential stuffing attacks. Installation: first things first, have a working MongoDB server. Then:

    git clone -b mongodb https://github.com/Acceis/leakScraper
    cd leakScraper
    sudo ./leakScraper/install.sh

It will install […]

Researchers Found Backdoor in Python Library That Steal SSH Credentials

Recently we saw an attempt to hide a backdoor in a code library, and today there is a new case. This time, information security experts found the backdoor in a Python module. In the SSH Decorator module (ssh-decorate), created by the Israeli developer Uri Goren, which is a library for handling SSH connections from the Python […]