A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners like XMRig through a long-standing threat codenamed GuptiMiner targeting large corporate networks. Cybersecurity firm Avast said the activity is the work of a threat actor with possible connections to a North Korean hacking group […]
A new Google malvertising campaign is leveraging a cluster of domains mimicking a legitimate IP scanner software to deliver a previously unknown backdoor dubbed MadMxShell. “The threat actor registered multiple look-alike domains using a typosquatting technique and leveraged Google Ads to push these domains to the top of search engine results targeting specific search keywords, […]
GitHub on Thursday announced that it’s enabling secret scanning push protection by default for all pushes to public repositories. “This means that when a supported secret is detected in any push to a public repository, you will have the option to remove the secret from your commits or, if you deem the secret safe, bypass […]
The iPhone offers multiple ways of scanning QR codes, but the quickest and easiest method is using its built-in camera app. Open your camera app and point at a QR code; a notification will appear in the lower-right corner of the screen. Follow the QR code link, and you’ll reach its content or link. How […]
In the past, Citrix was found to have a Zero-Day vulnerability in its Citrix NetScaler Application Delivery Controller (ADC), which made it possible for malicious actors to carry out remote code execution. It was discovered that the zero-day vulnerability was being used in the wild, hence it was assigned the CVE ID 2023-3519 and the […]
Threat actors are leveraging a technique called versioning to evade Google Play Store’s malware detections and target Android users. “Campaigns using versioning commonly target users’ credentials, data, and finances,” Google Cybersecurity Action Team (GCAT) said in its August 2023 Threat Horizons Report shared with The Hacker News. While versioning is not a new phenomenon, it’s […]
A Vulnerability Scanner Tools is one of the essential tools in IT departments Since vulnerabilities pop up every day and thus leaving a loophole for the organization. The Vulnerability scanning tools help in detecting security loopholes in the application, operating systems, hardware, and network systems. Hackers are actively looking for these loopholes to use them […]
Security researchers are warning of “a trove of sensitive information” leaking through urlscan.io, a website scanner for suspicious and malicious URLs. “Sensitive URLs to shared documents, password reset pages, team invites, payment invoices and more are publicly listed and searchable,” Positive Security co-founder, Fabian Bräunlein, said in a report published on November 2, 2022. The […]
A well-known tool in the security sector for classifying and identifying malware samples is YARA. Avast just gave the open-source community two tools. YARA Language Server and YaraNG are technologies linked to YARA. Although debugging YARA rules after they have been developed might be difficult, writing them can be tough. Consider a scenario in which […]
SOC 2 may be a voluntary standard, but for today’s security-conscious business, it’s a minimal requirement when considering a SaaS provider. Compliance can be a long and complicated process, but a scanner like Intruder makes it easy to tick the vulnerability management box. Security is critical for all organisations, including those that outsource key business […]
A months-long cyber espionage campaign undertaken by a Chinese nation-state group targeted several entities with reconnaissance malware so as to glean information about its victims and meet its strategic goals. “The targets of this recent campaign spanned Australia, Malaysia, and Europe, as well as entities that operate in the South China Sea,” enterprise security firm […]
There is a security vulnerability in the VirusTotal platform that has been discovered by researchers, and it has the potential to be exploited by an attacker to conduct RCE. Shai Alfasi & Marlon Fabiano da Silva from the Cysource research team has stated:- “They found a way to execute commands remotely within VirusTotal platform and […]
QR codes are all the rage and scammers have taken notice. Look out for dangers lurking behind those little black-and-white squares.
Earlier this week, in a statement, Google declared that it is issuing cash payouts to persons who help the company increase the detection capacities of its new security scanner called Tsunami. Google’s Team states that they hope that this program will enable them to rapidly extend the detection capabilities of the tech giant’s network scanner […]
Apple has developed a system dubbed neuralMatch to locate child sexual abuse material/CSAM, and for now, it will scan iPhones of users in the United States. The perks of the internet are quite obvious and known to all but as they say “with every blessing comes a curse.” Similarly, the digital boom has brought along […]
Researchers report the detection of multiple attempts to exploit ProxyShell, a set of remote code execution flaws in Microsoft Exchange disclosed during the Black Hat cybersecurity conference. ProxyShell consists of three vulnerabilities that unauthenticated remote threat actors could chain together to execute malicious code in affected Exchange deployments. The following describes the three flaws that […]
Information gathering phase shows how an pentester should prepare for his next phases. Because in this phase pentester have to collect information about their target as much possible. Their are many automation tools which are used in gathering information. Today we will show an python script used in gathering information. Vxscan is an extensive scanning […]
Researchers uncovered a new wave of Android malware campaign ” Joker” which posed as a QR scanner to target Android users. Joker malware carries functionalities of both Spyware and Trojan capabilities, and quite sophisticated remain undetected through the traditional malware analysis methods. The malware was initially found from the Google play store where their attacker […]
ZMap is a fast single packet network scanner designed for Internet-wide network surveys. On a typical desktop computer with a gigabit Ethernet connection, ZMap is capable scanning the entire public IPv4 address space in under 45 minutes. With a 10gigE connection and PF_RING, ZMap can scan the IPv4 address space in under 5 minutes. […]
A new set of malicious Android apps have been caught posing as app security scanners on the official Play Store to distribute a backdoor capable of gathering sensitive information. “These malicious apps urge users to update Chrome, WhatsApp, or a PDF reader, yet instead of updating the app in question, they take full control of […]
A tool made for specially scanning nearby devices[BLE,Bluetooth & Wifi] and execute our given command on our system when the target device comes in between range. NOTE:- RadareEye Owner will be not responsible if any user performs malicious activities using this tool. Use it for Learning purpose only. Installation of RadareEye : git […]