A New MacOS Malware “OSX/Dok” Discovered to Steal Banking Credentials by cloning major Banking website which leads victims to install the Malicious Application into victims mobile Devices. This infection leads to potentially compromise the victims and leaks their sensitive data from their mobile platform. OSX/Dok Malware used to Attack Mac users via traditional Spam and […]
Remote Access Trojan(RAT) Called “Adwind”(Adwind/jRAT) Targeting Aerospace Industries to steal credentials, record and harvest keystrokes, take pictures or screenshots, film and retrieve videos, and exfiltrate data. Its a Cross Platform Remote Access Trojan which Detect as JAVA_ADWIND and Malware Authors developed this Malware to run on any machine installed with Java, including Windows, Mac OSX, […]
The whistleblowing platform WikiLeaks is back with another batch of Vault 7 related documents exposing the alleged hacking tools and programs used by the American Central Intelligence Agency (CIA) to hack and spy on users worldwide. This time, WikiLeaks has dumped the details of two more hacking tools as part of its Vault 7 series. Like […]
Short Bytes: WikiLeaks has recently published new documents, revealing new CIA malware implants. The first implant, named BothanSpy, targets SSH client Xshell on Windows machines. The second implant, called Gyrfalcon, targets OpenSSH clients on Linux system. Both implants are capable of stealing user credentials and spying on the session traffic. While Windows users were getting […]
WikiLeaks dumped today the documentation of two CIA hacking tools codenamed BothanSpy and Gyrfalcon, both designed to steal SSH credentials from Windows and Linux systems, respectively. Both tools are “implants,” a term the CIA uses to describe malware payloads. Once installed through various means on a target’s computer, these two implants hook into SSH-related processes […]
WikiLeaks Revealed Another CIA Cyber Weapons called “BothanSpy” and “Gyrfalcon” steals the SSH Credentials from both Windows and Linux Platform and both tools are performing in Different OS Platform and Different Attack vector. SSH (Secure Shell) Protocol is used for Communicate Network services securely from unsecured channel Especially for user Perform Remote Login and The standard TCP […]
Are you trying to know the Username and Password of any FB Account but you don’t want to hack their Account? It’s Possible! Note: Article is only for security purpose, don’t use for any illegal purpose and i am not responsible for anything. Step 1 : Install Kali (If You Haven’t Done So Already) The […]
The security researcher Stefan Winter has discovered a TLS resumption authentication bypass in FreeRADIUS, the world’s most popular RADIUS Server. The security researcher Stefan Winter from the Luxembourg’s high-speed academic network RESTENA has discovered a FreeRADIUS TLS resumption authentication bypass. FreeRADIUS is the world’s most popular RADIUS Server, “it is the basis for multiple commercial offerings. It supplies the […]
Amidst the recent series of attacks launched on various computers through the WannaCry Malware, a relatively minor incident occurred in which Spotify took the hit by having its user’s credentials dumped on a public website for everyone to see. The Leak Boat The hacker group, Leak Boat, has claimed responsibility for publishing the usernames and […]
Google Chrome may not be as safe as it was thought to be. Recently, a security engineer, Bosko Stankovic, found a vulnerability in Google Chrome that hackers can easily exploit to get a user’s credentials such as their username and password and potentially launch SMB relay attacks. It must be noted that WannaCry ransomware attack also […]
Just by accessing a folder containing a malicious SCF file, a user will unwittingly share his computer’s login credentials with an attacker via Google Chrome and the SMB protocol. This technique is not new, but a combination of two different techniques, one taken from the Stuxnet operation, and one detailed by a security researcher at […]
Argentinean security researcher Manuel Caballero has discovered another vulnerability in Microsoft’s Edge browser that can be exploited to bypass a security protection feature and steal data such as passwords from other sites, or cookie files that contain sensitive information. The vulnerability is a bypass of Edge’s Same Origin Policy (SOP), a security feature that prevents […]
Hyundai Blue Link apps on Android and Apple app stores are vulnerable to cyber attacks which if exploited can allow attackers to steal personal as well as sensitive data of the user. The vulnerability exists in the apps’ software 3.9.4 and 3.9.5 which takes advantage of insecure WiFi spots or by the standard man-in-the-middle (MitM) attack to […]
[jpshare]Security Experts from Avast came through a Malware that uses a sandbox(DroidPlugin) to dynamically load and run an app, without actually installing the app, just like VirtualApp. This makes it harder for antivirus solutions for recognizing the malware, as its malicious parts are not put away in the host application. This malware is spread through […]
A series of phishing campaigns is targeting airline consumers with messages crafted to trick victims into handing over personal or business credentials. A wave string of phishing campaigns is targeting airline consumers with messages crafted to trick victims into handing over personal or business credentials. The phishing messages pretend to be sent from a travel agency […]
Security experts say they are skeptical that a group of hackers called Turkish Crime Family actually possess a cache of hundreds of millions of Apple iCloud account credentials. A more plausible explanation, they say, is that crooks used credential stuffing attacks to amass a limited number of valid Apple usernames and passwords in attempt to […]
Travis Ormandy, a researcher at Google project zero, found some critical security flaws in the famous password manager LastPass which could allow hackers to steal passwords. At first, it was the LastPass version 3.3.2 which was reported to have the bug. Mr. Ormandy hasn’t made his finding public until now, and it looks like LastPass […]
Twitter is now the target of a phishing attack that uses methods to trick brand managers and social influencers into fake account verification. Security firm Proofpoint discovered the phishing attack, which places ads on websites and lures brand managers to false verification pages. The ads come from an account that copies the official Twitter support […]
Critical Vulnerability with NETGEAR WNR2000 was disclosed by security experts from Agile Information Security. SUMMARY NETGEAR WNR2000 permits a administrator to play out various sensitive functions in the web interface through an obvious CGI script named apply.cgi. This script is invoked while changing Internet settings, WLAN settings, re-establish to industrial facility settings, reboot the switch, and so […]
Malicious threat actors are using exclusively designed URLs to deceive users into providing their Gmail credentials. This latest phishing campaign, discovered by security experts, utilizes a very effective phishing attack that can trick even the most alerted users and tech-savvy people. The campaign involves sending infected messages to the contacts from an already infected computer. […]
Cybercriminals are adopting specially crafted URLs to trick users into entering their Gmail credentials in a new sophisticated phishing campaign. Security experts discovered a new effective Gmail phishing attack that is able to deceive also tech-savvy people. Crooks leverage on specially crafted URLs to trick victims into providing their Gmail credentials on a phishing page. The malicious messages are sent […]