Mozilla, for many decades is working hard in order to regularly deliver to us a security-conscious browser we all know and love. However, there are times that Mozilla offers snippets of freebies, which highlights the non-profit company’s goal of helping secure the Internet world. Mozilla has released Firefox Monitor, which everyone can try by visiting […]
The focus today is on the Indian corporate scenario. The HackerCombat research team, ever on the go, has been analyzing the current cybersecurity landscape in India, with special focus on the world of corporates and corporate users. We have been assessing and studying all the trends as regards cybersecurity; we had met and interviewed independent […]
The attack could have exposed employees’ personal information The US State Department has confirmed that a hacker or group of hackers managed to infringe one of their email systems, an event that could potentially expose the personal information of some of their employees, as reported by ethical hacking specialists from the International Institute of Cyber Security. The […]
Small and medium-sized enterprises are primarily facing phishing attacks, according to a recent research Despite growing phishing, ransomware and other types of malware threats, many small businesses do not have a cybersecurity employee training program, according to a report by experts in ethical hacking. Thanks to a survey of nearly 500 small and medium-sized enterprises (SMEs) […]
The company did not operate with industry’s best practices It is very easy to assume that data management software companies are perfectly capable of managing their own information. However, it turns out that some companies, even the most popular ones, have difficulty doing this job. Veeam, a well-known cloud data management firm, has recently been struck […]
Hackers uploaded a collection of 42 million Email Address , plain text passwords, Spotify details, and partial credit card data to free anonymous hosting service Kayo.moe. The operators of the service Kayo reached out to the security expert Troy Hunt to report the data and for further investigation. Kayo shared 755 files totaling 1.8GB. According […]
Researchers have discovered a new downloader, called AdvisorsBot, as part of an attack campaign aimed at telecom and hospitality companies AdvisorsBot is a downloader recently discovered by ethical hacking experts that is being used as part of a phishing campaign specifically targeted to compromise telecom companies, restaurants and hotels. According to the investigators, this campaign might […]
Cybercriminals are continuing to innovate and use legitimate tools to deliver the malicious file, with this new campaign attacker used WMIC (Windows Management Interface Command) to deliver the information-stealing malware. WMIC is a command line interface that allows users to run WMI operations, which used to get the status of the local or remote computer systems. […]
voicemailautomator is a tool that serves as a Proof of Concept for “Compromising online accounts by cracking voicemail systems”. voicemailautomator supports two actions: “message” – retrieves and records the newest message in the voicemail system. It returns a URL with the recording. “greeting” – changes the greeting message to specific DTMF tones It uses […]
Mimecast, a data security firm recently announced the result of their quarterly Email Security Risk Assessment report revealing an 80% increase of phishing, through the use of impersonation activities. In a year after the devastation of the WannaCry ransomware and the wider spread of cryptojacking malware, cybercriminals are still depending on high-level social engineering attacks. […]
Windows-based Outlook Express for a long time had been the center of controversy for Microsoft for implementing an insecure email client from 1993 till 2006. It was only until the release of Windows Vista’s Mail app (Outlook Express’ successor.) when Microsoft started to pick-up a better PR for their email client’s security reputation. However, vulnerabilities […]
Phishing emails are an everyday occurrence, as they are effective in taking advantage of people’s easy propensity to trust corporate logo-bearing messages. The number one motivation is profitability, there is money to be made from every poor victim of social engineering. ACMA (Australian Communications and Media Authority) has warned the Australian public about a circulating […]
Reddit announced today as it suffered a data breach in June, hackers compromised the (2FA) enabled employees’ accounts and gained read access to the Reddit systems. Reddit CTO Chris Slowe says “between June 14 and June 18, an attacker compromised a few of our employees’ accounts with our cloud and source code hosting providers.” From […]
Photon is a lightning fast web crawler which extracts URLs, files, intel & endpoints from a target. Yep, you can use 100 threads and Photon won’t complain about it because its in Ninja Mode. Why Photon? Not Your Regular Crawler Crawlers are supposed to recursively extract links right? Well that’s kind of boring so Photon […]
Newly discovered APT Cyber Espionage Campaign called “Leafminer” from Iranian Hacker Group targeting the wide range of government organizations to steal the sensitive data such as Email Data, Files & Database servers Credentials. This APT group using various types of attack tactics such as watering hole websites, vulnerability scans of network services on the internet, and […]
LifeLock, an Arizona-based identity theft protection firm may have exposed email addresses of millions of its customers – Simply put: A firm vowing to protect online identity of its customers may have exposed their identity to malicious hackers and cybercriminals. It happened due to a critical vulnerability which exposed LifeLock’s customers to phishing and identity […]
Online travel booking website Yatra.com was compromised and attackers steal 5 Million user records that include email address & physical addresses, phone numbers & plain text passwords & PINs. The Yatra.com data breach happened back in 2013, and it came to light now, data breach recorder vigilante.pw first noticed the breach, according to Have I Been […]
Google says third-party developers can read your Gmail because you allow them. In 2014, during a lawsuit hearing, Google acknowledged that the company reads users’ emails and that Gmail users should not expect privacy. Then, in June last year, Google announced that it will stop analyzing user’s personal emails for targeted advertising purposes. However, now, […]
Although Google has promised better privacy measures to its users, reports from Wall Street Journal suggest that thousands of application developers have access to Gmail users’ private messages. These developers would receive messages from users who have subscribed to alerts as price comparisons for services or travel agency alerts, according to the media reports. […]
After issuing a patch, users are encouraged to make sure they are using the latest version of the browser. According to reports of experts in information security training from the International Institute of Cyber Security, a Google developer has discovered a serious vulnerability that affects Microsoft Edge and other browsers, and that could provide […]
Ticketfly, an online ticket sale service, has been targeted by a malicious agent and, as a result, user’s personal information was stolen, information security trainingspecialists from the International Institute of Cyber Security. In addition, the Ticketfly website was deleted and a message was placed on the home page: “Your security is down, we are not […]