New Linux malware is evading detection to mine cryptocurrency

Dubbed Skidmap by researchers, the Linux malware mines cryptocurrency and drops a backdoor, all without being detected. The perception cryptocurrencies have created today ranges from them being a “flat out scam” to an innovative piece of technology in the new age. While our understanding of the latter is clear, the former needs some light […]

New SystemBC malware targets Windows PCs by evading detection

A new Windows malware is in play: SystemBC. While finding and removing malware on your computer system may indeed be a joyous moment, there’s a new malware out there that will give you a headache instead. To know why, we need to dive into SystemBC, a malware written in C++ that has been discovered […]

Popular Malware Families Using ‘Process Doppelgänging’ to Evade Detection

The fileless code injection technique called Process Doppelgänging is actively being used by not just one or two but a large number of malware families in the wild, a new report shared with The Hacker News revealed. Discovered in late 2017, Process Doppelgänging is a fileless variation of the Process Injection technique that takes advantage of […]

APT15 Hackers Using Steganography Technique to Drop Okrum Backdoor Via PNG File to Evade Detection

Researchers discovered a previously unseen malware called Okrum that is distributed by the APT15 threat group via a PNG file, using a steganography technique to hide it and evade detection. The APT15 threat group, also known as Ke3chang, has a long history of malicious activity going back to 2010, and it was initially reported in 2013 during a campaign attacking organizations in […]

Tabi – BGP Hijack Detection Tool

Developed since 2011 for the needs of the French Internet Resilience Observatory, TaBi is a framework that eases the detection of BGP IP prefix conflicts and their classification into BGP hijacking events. The term prefix hijacking refers to an event in which an AS, called a hijacking AS, illegitimately advertises a prefix equal to or more specific […]

What Is a Rootkit? Detection and Prevention

Rootkits are secret computer programs that allow continuous and privileged access to a computer while actively hiding their own existence. The term rootkit is the combination of the two words “root” and “kit”. Initially, a rootkit was a set of tools for accessing computers or networks at the administrator level. Root refers to administrator accounts on […]

Intrusion Detection System (IDS) and Its Detailed Working Function – SOC/SIEM

Detection Methods: An IDS can only detect an attack. It cannot prevent attacks. In contrast, an IPS prevents attacks by detecting them and stopping them before they reach the target. An attack is an attempt to compromise confidentiality, integrity, or availability. The two primary methods of detection are signature-based and anomaly-based. Any type of IDS (HIDS […]

MuddyWater APT’s BlackWater Malware Campaign Installs Backdoor on Victims’ PCs to Gain Remote Access & Evade Detection

Researchers discovered a “Blackwater” malware campaign, suspected to be associated with the well-known MuddyWater APT, that bypasses security controls and installs a backdoor on victims’ PCs using MuddyWater’s tactics, techniques, and procedures (TTPs). MuddyWater has been involved in various cyber attacks in the recent past and has been spotted targeting organizations in Pakistan, Turkey, and Tajikistan using […]

Emotet Trojan Now Uses IoT And Router Devices To Evade Detection

The Emotet malware has been frequently covered here on Hackercombat since July last year. It is not uncommon for a cybersecurity-centered website to discuss most if not all of its infection instances, since it is a very complex banking trojan which continues to receive enhancements from its authors. This time around, we will cover […]

138 Android Antivirus Apps in the Play Store Are Frauds – Only 23 Apps Achieved 100% Malware Detection

A recent in-depth analysis of Android antivirus apps in the Google Play Store reveals that 138 Android antivirus products are completely fake and potentially harmful to Android users. The AV-Comparatives research team tested the effectiveness of antimalware programs for Android to assess the quality of their malware detection against various sophisticated malware. For the analysis, they took 250 Android antivirus […]

Hackers Used Slack To Avoid Network and Endpoint Detection

Notoriety is what hackers thrive on, no matter whether it fetches them money or their dirty deeds flash across the news headlines. Network hacks are on the rise and increasing in severity and frequency each year. In 2017 a joint study from Accenture and the Ponemon Institute concluded that an average company experiences 130 security breaches, […]

Bypass antivirus detection With Phantom Payloads

According to ethical hacking courses, Metasploit is the most popular tool used in pentesting. Metasploit tries to find weaknesses across your local network before an attacker does. It is also the most common tool used by attackers to test the security of an operating system. In Kali Linux, Metasploit comes pre-installed with lots of payloads which are used […]

Malicious apps deploy Anubis banking trojan using motion detection

Google has left no stone unturned in preventing malware and banking trojans from invading the applications uploaded to its official Play Store. Despite its anti-malware protection, shady applications somehow make it onto the platform. In fact, malware developers have become so advanced in their skills and tactics that they are now using motion detection technology […]

New Android Malware Apps Use Motion Sensor to Evade Detection

Even after so many efforts by Google to keep malware out of its Play Store, shady apps have somehow managed to fool its anti-malware protections and get into the service to infect Android users with malware. Two such Android apps have recently been spotted on the Google Play Store by security researchers with the Trend Micro malware […]

Microsoft Launches a New Windows Machine Malware Detection Competition with a $25K Cash Prize

Microsoft launches a Malware Detection Competition with AI to test whether the participants’ AI malware detection models can accurately predict malware infection on a device. Since evolving malware continuously targets organizations and individuals with sophisticated techniques, Microsoft is challenging the AI community to develop techniques to predict whether a machine is vulnerable to being hit with malware. In this […]

XSStrike v3.0 – Most Advanced XSS Detection Suite

Why XSStrike? Every XSS scanner out there has a list of payloads; they inject the payloads, and if a payload is reflected into the webpage, it is declared vulnerable, but that’s just stupid. XSStrike, on the other hand, analyses the response with multiple parsers and then crafts payloads that are guaranteed to work. Here are […]

CoffeeShot: Avoid Detection with Memory Injection

CoffeeShot is an evasion framework that injects payloads from Java-based programs into designated processes on Microsoft Windows. It assists blue team members in assessing the effectiveness of their anti-malware measures against malicious software written in Java. Red team members and pen testers can also use CoffeeShot to bypass the target’s security controls. It utilizes JNA […]