Browsing tag
by Gabriel Ryan (s0lst1c3)(gryan[at]specterops.io) EAPHammer is a toolkit for performing targeted evil twin attacks against WPA2-Enterprise networks. It is designed to be used in full scope wireless assessments and red team engagements. As such, focus is placed on providing an easy-to-use interface that can be leveraged to execute powerful wireless attacks with minimal manual […]
A distributed denial-of-service (DDoS) attack aims to exhaust the resources of a network, application or service so that genuine users cannot gain access. There are different types of DDoS attacks, but in general, a DDoS assault is launched simultaneously from multiple different hosts and can affect the availability of even the largest enterprises’ internet services […]
ATM Penetration testing, Hackers have found different approaches to hack into the ATM machines. Programmers are not restricting themselves to physical assaults, for example, money/card catching, skimming, and so forth they are investigating better approaches to hack ATM programming. An ATM is a machine that empowers the clients to perform keeping money exchange without setting […]
Time for resolution as the New Year approaches, whether we plan for fitness to lose weight or spend quality time with friends and family. Nevertheless, one in ten people manage to stick on to their plan, similarly, one in seven people think about cybersecurity as a priority. CISOs as it comes into existence to enhance the […]
The U.S. federal officials have arrested two hackers who have pleaded guilty to computer-crimes charges for creating and distributing Mirai botnet that crippled some of the world’s biggest and most popular websites by launching the massive DDoS attacks last year. According to the federal court documents unsealed Tuesday, Paras Jha and Josiah White were indicted […]
Your best friend in credential reuse attacks. Cr3dOv3r simply you give it an email then it does two simple jobs (but useful) : Search for public leaks for the email and if it any, it returns with all available details about the leak (Using hacked-emails site API). Now you give it this email’s old or […]
The United States Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued a warning that malicious hackers are actively targeting government departments, and firms working in the energy, nuclear, water, aviation, and critical manufacturing sectors. The warning, sent via email to energy and industrial firms late on Friday, reveals that hacking […]
A newly discovered unpatched attacking method that exploits a built-in feature of Microsoft Office is currently being used in various widespread malware attack campaigns. Last week we reported how hackers could leveraging an old Microsoft Office feature called Dynamic Data Exchange (DDE), to perform malicious code execution on the targeted device without requiring Macros enabled or memory […]
Data Breaches are on the rise, creating disasters for companies throughout the world. Just this year, there have been seemingly endless security breaches and hacks, with the victims being both individuals and organizations. While taking protective measures should be the first solution to stay ahead of threats, understanding the types of data breaches and knowing […]
Supo: Espionage rising, attacks on infrastructure falling. The Finnish Security Intelligence Service Supo is complaining that nation-state-level attackers aren’t even bothering to hide themselves from prying eyes. That news comes in the agency’s review of intelligence activity in 2016, announced here. The major trends in cyber-intelligence Supo highlights in the report are increasing attacks against […]
Argentinian security expert Manuel Caballero has published new research that shows how a website owner could show a constant stream of popups, even after the user has left his site, or even worse, execute his very own persistent JavaScript code while the user is on other domains. There are multiple issues and attack scenarios that […]
While many financial phishing schemes require development of bank- and region-specific phishing pages, PayPal’s international reach and widespread popularity mean that attackers can develop phishing pages once and attack in multiple regions. Proofpoint researchers recently encountered a phishing email message that led to what appeared to be a benign PayPal login page. Analysis quickly determined […]
If it wants a password and doesn’t use HTTPS, Mozilla will breathe fire. Shoddy sites will have fewer places to hide with Firefox joining Chrome in badging cleartext sites that collect personal information as insecure. Mozilla’s labels won’t be as prominent as Google’s, introduced this year, which places the red letter label in the address […]
Cyber security affects all of us, but it only makes the headlines when it’s big companies that are the target of attacks. Threat intelligence provider Anomali has produced a new study focusing on vulnerabilities in businesses on the UK’s FTSE 100 list of the largest companies. Among the findings are that over the last three […]