NetRipper – Smart Traffic Sniffing for Penetration Testers

NetRipper is a post-exploitation tool targeting Windows systems that uses API hooking to intercept network traffic and encryption-related functions from a low-privileged user, allowing it to capture both plain-text traffic and encrypted traffic before encryption/after decryption. Legal disclaimer: Usage of NetRipper for attacking targets without prior mutual consent is illegal. […]

Cisco’s new tool will detect malware in encrypted traffic

On January 10, Cisco officially released its software platform Encrypted Traffic Analytics (ETA), which can keep a check on network packet metadata so as to detect malicious traffic. The software was previously launched in June 2017 but it has remained in private preview ever since because only enterprises were able to use it. Now, Cisco […]

DNSCAP – DNS Traffic Capture

dnscap is a network capture utility designed specifically for DNS traffic. It produces binary data in pcap(3) and other formats. This utility is similar to tcpdump(1), but has a number of features tailored to DNS transactions and protocol options. DNS-OARC uses dnscap for DITL data collections. Some of its features include: understands both IPv4 and IPv6; captures UDP, TCP, and IP […]

“Suspicious” event routes traffic for big-name sites through Russia

Google, Facebook, Apple, and Microsoft all affected by “intentional” BGP mishap. Traffic sent to and from Google, Facebook, Apple, and Microsoft was briefly routed through a previously unknown Russian Internet provider Wednesday under circumstances researchers said were suspicious and intentional. The unexplained incident involving the Internet’s Border Gateway Protocol is the latest to raise troubling questions about […]

Someone hacked this traffic sign with anti-Trump messages

A traffic sign near North Central Expressway in Dallas was hacked by an unknown perpetrator on Friday (November 8th) night and defaced with an obscene message against the President of the United States, Donald Trump, and his voters. The defacement not only shocked people but also caused traffic issues after drivers decided to take snapshots of the sign that […]

Bro – An Open-source Network Traffic Analyzer

Bro is a passive, open-source network traffic analyzer. It is primarily a security monitor that inspects all traffic on a link in depth for signs of suspicious activity. It supports a wide range of traffic analysis tasks even outside of the security domain, including performance measurements and helping with troubleshooting. The most immediate benefit that a […]

Open Source Invalid Traffic Detection: Nameles

Nameles provides an easy-to-deploy, scalable IVT detection and filtering solution that is proven to detect at a high level of accuracy ad fraud and other types of invalid traffic such as web scraping. Comprehensive Detection: Detects display, video and in-app based ad fraud, web scraping and other forms of invalid traffic from both mobile […]

Nameles – Open Source Invalid Traffic Detection

Nameles provides an easy-to-deploy, scalable IVT detection and filtering solution that is proven to detect at a high level of accuracy ad fraud and other types of invalid traffic such as web scraping. Comprehensive Detection: Detects display, video and in-app based ad fraud, web scraping and other forms of invalid traffic from both mobile […]

Metadata From IoT Traffic Exposes In-Home User Activity

Metadata from web traffic generated by smart devices installed in a home can reveal quite a lot of information about the owner’s habits and lifestyle. According to research published this month by experts from Princeton University, a determined attacker with “capabilities similar to those of an ISP” can use passive network monitoring techniques to collect […]

Hotspot Shield VPN accused of redirecting user traffic to advertisers

A renowned privacy group, the Center for Democracy & Technology (CDT), has accused Hotspot Shield VPN, developed by AnchorFree, Inc., of violating user privacy by intercepting web traffic, keeping activity logs and redirecting it to third-party websites, especially advertising companies. In a 14-page filing, the group has accused the company of utilizing “unfair and deceptive trade practices” despite stating that it does […]

Flaws in ISP gateways let attackers remotely tap internet traffic

Defcon is the most important event for the DIY hacking community and this year too, the conference was held in the same spirit. We got to learn about a variety of novel hacking ideas such as the hacking of voting machines, hacking airborne drones, hijacking phone numbers and Internet-connected car wash systems, etc. However, […]

751 Domains Hijacked to Redirect Traffic to Exploit Kits

On July 7, French domain registrar Gandi lost control over 751 customer domains, which had their DNS records altered to point incoming traffic to websites hosting exploit kits. The domain hijacking was active for only a few hours, between 12:50 UTC and 13:30 UTC, albeit the DNS records of some domains propagated slower and they […]

How to Decrypt SSL traffic using Wireshark

SSL is one of the best ways to encrypt network traffic and avoid man-in-the-middle attacks and other session hijacking attacks. But there are still multiple ways by which hackers can decrypt SSL traffic and one of them is with the help of Wireshark. Wireshark has an awesome inbuilt feature which can decrypt any […]

CIA Malware Can Steal SSH Credentials, Session Traffic

WikiLeaks dumped today the documentation of two CIA hacking tools codenamed BothanSpy and Gyrfalcon, both designed to steal SSH credentials from Windows and Linux systems, respectively. Both tools are “implants,” a term the CIA uses to describe malware payloads. Once installed through various means on a target’s computer, these two implants hook into SSH-related processes […]

Traffic Shaping, Technique that NSA uses to spy on Americans

According to the latest analysis, the NSA has secret means to “detour parts of Internet traffic that move in the global communication cables,” which allows it to ignore the protections implemented by Congress to limit the internal surveillance of Americans. […]

Vault 7 Leaks: CIA Malware “OutlawCountry” Controls Linux Machines and Redirects the Victim’s Traffic to a CIA-Controlled Machine – WikiLeaks

WikiLeaks revealed another secret CIA document on malware called “OutlawCountry”, which targets machines running Linux and controls and redirects all outbound network traffic on the target computer to CIA-controlled machines. A few days earlier, WikiLeaks revealed another CIA malware called “ELSA”, which has the ability to track geolocation information of Wi-Fi-enabled Windows systems. According to the leaked document […]