Browsing tag
According to the authors of the book ‘Learn ethical hacking’, a group of hackers has infected hundreds of thousands of Asus computers using the company’s own update tool. According to specialists from the International Institute of Cyber Security, Asus, a company based in Taiwan, is one of the leading companies supplying portable computer equipment worldwide. […]
Sophisticated threats are Evolving with much more advanced capabilities and giving more pain for analysis even evade the advanced security software such as Antivirus. This comparison is made by the payload ability to bypass the default security frameworks accessible on Windows machines and antivirus systems available, searching for an approach to get a payload that […]
Goldmouse APT group (APT-C-27) now start exploiting the WinRAR vulnerability (CVE-2018-20250[6]) to hide the njRAT backdoor and targeting users reside in the Middle East via decoy Word document to compromise and control the device. The 19-year-old vulnerability was disclosed by checkpoint security researchers last week, the vulnerability resides in the WinRAR UNACEV2.DLL library. Since the vulnerability has […]
Three companies in the videogame industry established in Asian countries have been affected by this attack campaign According to experts in network security and ethical hacking from the International Institute of Cyber Security, a recognized group of Chinese hackers known as Winnti Group compromised the systems of one platform and two videogame development companies established in Asia, […]
The cybersecurity researchers at Trend Micro have discovered A new malware strain tapped into GitHub posts and Slack channels. Dubbed Slub by researchers; the malware works by exploiting a VBScript engine vulnerability that is classified as CVE-2018-8174 (patched by Microsoft last year). By doing so, the malware can compromise authentic, genuine websites and redirect the visitors to a fake page. When […]
Threat actors from TA505 currently spreading powerful FlawedAmmyy RAT via weaponized MS Excel documents with malicious Excel 4.0 macro which is hard to detect by standard security controls. Observed FlawedAmmyy RAT sample is highly sophisticated that can control the infected victims remotely and evade the security software. TA505 threat actors are a well-known cybercrime group […]
Hackers implant backdoors on ‘Infrastructure as a Service’ hardware servers Network security and ethical hacking specialists from the International Institute of Cyber Security report the finding of a new vulnerability that allows hackers to leave backdoors in the firmware of physical servers that are reassigned to other users of cloud services, leaving new users vulnerable […]
Many researchers believe that this new Trojan could detonate an important wave of cyberattacks Network security and ethical hacking researchers from the International Institute of Cyber Security reported the emergence of a cryptocurrency mining campaign that uses the Linux backdoor SpeakUp. According to reports, this campaign would have already infected more than 70k servers worldwide […]
Using Metasploit is not an difficult thing anymore. Because there are many resources that are available over the internet. Which tells usage of metasploit. Metasploit are the common ways of attacking any outdated operating system. Still there are many operating system which can be exploit remotely. And there are many anti-viruses which cannot detect these […]
Experts have discovered a cyberattack campaign against dozens of organizations dedicated to the defense and other critical tasks Digital forensics specialists from the International Institute of Cyber Security reported the emergence of a hacking campaign targeting critical infrastructure companies around the world. The hackers behind this campaign, known as Operation Sharpshooter, are deploying malware associated […]
The non-governmental agency seeks to stop US government pressure on technology and communications companies Digital forensics experts from the International Institute of Cyber Security report that the American Civil Liberties Union (ACLU) has filed a legal procedure to disclose judicial documents about the American government’s attempt to force Facebook to create an encryption backdoor on […]
Researchers observed a new Powershell based backdoor via Microsoft office document that infects similar to MuddyWater threat actor hacking tools to steal victims sensitive data and share it via C&C server to the attacker. MuddyWater is a widely known cyber crime group and they active since 2017 and performs various PowerShell script attacks on private […]
Androspy is Backdoor Crypter & Creator with Automatic IP Poisener Coded By Belahsan Ouerghi Dependencies keytool jarsigner Apache2 Metasploit-Framework xterm Installation sudo apt-get install git git clone https://github.com/TunisianEagles/Androspy.git cd Androspy chmod +x setup.sh sudo ./setup.sh chmod +x androspy.sh sudo ./androspy.sh Tested on : BackBox Linux Kali linux Parrot os Contact Contact – Tunisian Eagles […]
Update your GDPR Compliance plugin right now. Security researchers have identified a critical vulnerability in the popular WP GDPR Compliance plugin assisting over 100,000 website owners around the world to comply with European privacy regulations known as GDPR that was announced by European Union on May 25th, 2018. The vulnerability was discovered by researchers at Wordfence which allows hackers to […]
A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner Why KillShot ? You Can use this tool to Spider your website and get important information and gather information automaticaly using whatweb-host-traceroute-dig-fierce-wafw00f or to Identify the cms and to find the vulnerability in your website using Cms Exploit Scanner && WebApp Vul Scanner Also […]
A cryptocurrency app, CoinTicker which is widely used in cryptocurrency industry pushing 2 different backdoors on Mac users to steal the cryptocurrency coins and other malicious activities. CoinTicker app actually appears as a legitimate application that helps to peoples who is willing to enter into cryptocurrency industries and make an investment. This is working in a […]
Cyber criminals distributing new Android malware via Phishing email campaign that turns infected smartphones into hidden mobile proxies. This malicious app installing a fake voice-message app and turns it as a network proxies without users knowledge. This Malware named as TimpDoor that act as a backdoor with stealthy access to the home and corporate network […]
Shadow Brokers Hacking Group’s new administrative module Tool called DarkPulsar Leaks with persistance backdoor to provide remote control to the attackers. There are two sophisticated Frameworks called DanderSpritz and FuzzBunch published in 2017 by the same Shadow Brokers. Frameworks framework modules contain various persistance and advanced functionalities with a variety of plugins that designed to analyze […]
The company has been asked for information about its security software produced in China According to ethical hacking specialists from the International Institute of Cyber Security, in past days Google began to sell in Google Store the Titan Security Key, a physical token that offer two-factor authentication more robust than that provided by a SMS code or a […]
A cyber espionage APT group called Lazarus hits the cryptocurrency exchanges using fake installer and macOS malware using variously sophisticated techniques. Lazarus group widely known for cyber attacks against various financial institutions and they have successfully compromised several banks and other financial sectors. In this case attackers targeting various platform and developing malware based on […]
Newly discovered malware campaign distributing powerful FELIXROOT Backdoor using Microsoft Office Vulnerabilities to compromise the victim’s windows computers. FELIXROOT backdoor campaign initially discovered in September 2017 that distributed via malicious Ukrainian bank documents with macro that download the backdoor from C&C server. Currently attackers distributing weaponized lure documents that contains exploits for Microsoft office vulnerabilities CVE-2017-0199 and CVE-2017-11882 […]