A new ransomware distributed by attackers posing as a Windows Activator appearing to be distributed through external network drives. The ransomware found to be active from August 7th and spreading since then. Researchers from 360totalsecurity spotted the ransomware contains hidden configuration function and the information used for encryption. Once the ransomware execution started it executes […]
iOS 12 is set to roll out next month in Apple’s official iPhone launch event. The latest version of iOS brings many new features such as improvements in the photos app, USB restricted mode, grouped notifications, etc. Apart from these new features, Apple has also added some small but handy features to improve the overall […]
Now that Android Pie is live, there are way too many exciting features to look up to. While some will get easily identified, few others might get lost or maybe completely forgotten in our daily usage. Like, did you know? You can roll back to the three-button navigation system from the new Android Pie Gesture Navigation. Well […]
Aron is a simple GO script for finding hidden GET & POST parameters with bruteforce. Aron Installation $ git clone https://github.com/m4ll0k/Aron.git aron $ cd aron $ go get github.com/m4ll0k/printer # now check if $GOPATH is set $ go env | grep -i gopath # if $GOPATH not set, try with: $ export GOPATH=$HOME/go $ go […]
Reconnaissance is one of the first steps to conduct within a pen test engagement. During this stage, information is gathered using different tools and sources. Some web applications may hide web resources from public, there is however a way to discover the hidden content. Cansina is one such open source tool that helps aid in […]
Routersploit is an open source framework used for exploiting vulnerabilities in embedded devices like routers. Routersploit is loaded with various modules that help the tool perform its functionality. These modules can be divided into the following categories. (a) Scanner Modules: Scanner modules are responsible for finding the vulnerabilities in the routers or embedded devices. (a) […]
A hidden bug found within an information management system may have compromised the data of 21,000 U.K. schools, who are all now at risk of a possible breach. It appears the matching algorithm of student records of the system is failing and producing incorrect results when queried. The glitch introduced a peculiar bug where students were […]
In my opinion, haveibeenpwned is the best website to find out about the security of your password. It has gone through a few versions over the years, each version bringing an overall increase in the database of hacked passwords. August 2017 version 1 had a whooping 320 million unsafe passwords. By February this year, the […]
During one of my engagements, I discovered some Windows devices that were affected by the MS17-010vulnerability. One of these devices caught my attention as it’s something I haven’t encountered yet – a Windows Embedded operating system. Since it’s vulnerable to MS17-010, I immediately tried the relevant Metasploit modules. However, none of them worked. All I got was just […]
The Intercept, the publication known for its groundbreaking reports, has come up with another revealing piece (via TechCrunch) about the National Security Agency. The report describes 8 AT&T data facilities that serve as hubs for NSA’s spying activities. The eight facilities are located in major US cities, including Atlanta, Chicago, Dallas, LA, New York City, San […]
If you thought you have seen it all then you were wrong. In fact, thanks to Google Maps there are plenty of places that are kept hidden from the public view – It is also a fact that Google Maps has deliberately hidden these places. But why? The reason for this censorship is mostly unknown, however, there […]
In late May, Cisco security researchers uncovered a router-hacking malware named VPNFilter, which was reported to infect more than 500,000 consumer Wi-Fi devices. At that time, the infected router belonged to companies like TP-Link, Linksys, MikroTik, and Linksys. As per the latest development report, additional device vendors are being targeted by the malware. The new […]
The US-CERT issued a joint technical alert from DHS and the FBI, warning that two new identified malware has been used by the prolific North Korean hacking group APT known as Hidden Cobra by cobra hackers. Hidden Cobra Hackers, often known as Lazarus Group and Guardians of Peace, reportedly backed by the North Korean government […]
HIDDEN COBRA is one of the well known hacking group who is behind the North Korean government spreading Powerful Joanap Backdoor and Brambul Server Message Block Worm across the globe. DHS & FBI has been issued a warning about this cyber attack across the US including the government IT infrastructure. HIDDEN COBRA used IP addresses and related […]
An Ubuntu user identified a malicious code that mines Bytecoin (BCN) hidden in the source code of the Ubuntu snap package (2048buntu and Hextris) on the official Ubuntu Snap Store. The malicious app 2048buntu appears to be a carbon copy of the legitimate 2024 game that hosted on the Ubuntu Snap Store. Both the packages […]
According to researchers, the node’s Packet Manager (npm) team just avoided a disaster when it discovered and blocked the distribution of a backdoor mechanism cleverly hidden inside a JavaScript package. This backdoor mechanism was found by information security experts in “getcookies”, a new npm package to work with browser cookies. The team of professionals of […]
A new Monero Mining Android malware dubbed ANDROIDOS_HIDDENMINER that uses the device CPU power to mine Monero malware and could cause the device to overheat and potentially fail. The Hiddenminer app posses like a legitimate Google Play update app and forces users to grant device administrator permission by deploying it in a continuous loop until […]
Another day, another Android malware – This time, the malware not only comes with Monero mining capabilities but its continuous mining process drains the targeted device. The IT security researchers at Trend Micro have discovered a sophisticated Moreno mining malware targeting Android users in the name of fake Google Play update. As of now, its prime […]
Messages sent to your iPhone may not be as private as you think.
The researchers at Kaspersky Labs have uncovered a malware, dubbed Slingshot, that has been able to hide for around six years. While the exact number is not known, the malware has infected around 100 users in different countries located in Africa and the Middle East. Slingshot is believed to be active since 2012 through February […]
Hidden Cobra cybercrime group continues to target multiple industries and financial sectors. With this new aggressive campaign, the group implanted Bankshot malware in Turkish financial system. Bankshot malware last appeared in the year of 2017, it is designed to remain persistent in the victim’s network, also it is capable of searching for hosts that related […]