Browsing tag
According to information security specialists, the California Department of Motor Vehicles (DMV) suffered a data breach that exposed the Social Security numbers of thousands of city drivers; the incident would have given other government agencies undue access to this information. This incident is particularly serious for illegal migrants residing in the state, as the leaked […]
A serious incident has compromised the computer systems of a US school district. According to digital forensics specialists, a ransomware attack has infected about 30,000 computers belonging to the Las Cruces school district, New Mexico, US. The incident caused servers and Internet devices to shut down throughout the district. During a press conference, Superintendent Karen […]
Sojobo is an emulator for the B2R2 framework. It was created to easier the analysis of potentially malicious files. It is totally developed in .NET so you don’t need to install or compile any other external libraries (the project is self contained).With Sojobo you can: Emulate a (32 bit) PE binary Inspect the memory of […]
Sparrow-wifi has been built from the ground up to be the next generation 2.4 GHz and 5 GHz Wifi spectral awareness tool. At its most basic it provides a more comprehensive GUI-based replacement for tools like inSSIDer and linssid that runs specifically on linux. In its most comprehensive use cases, sparrow-wifi integrates wifi, software-defined radio […]
Donut generates x86 or x64 shellcode from VBScript, JScript, EXE, DLL (including .NET Assemblies) files. This shellcode can be injected into an arbitrary Windows processes for in-memory execution. Given a supported file type, parameters and an entry point where applicable (such as Program.Main), it produces position-independent shellcode that loads and runs entirely from memory. A […]
Although people buy video camera doorbells from Ring manufacturer hoping to increase the security of their homes, a flaw in the software of these devices could expose its users to a new security risk. According to experts in ethical hacking, the flaw would allow a threat actor to extract username and WiFi password from the […]
We must not forget that even specialized companies can suffer cybersecurity incidents. According to digital forensics experts, an employee of Japan-based security firm TrendMicro was discovered stealing information from the company’s customers and selling it to third parties aiming to deploy sophisticated tech support scam campaigns. The targets of this campaign were the company’s customers […]
Data breach incidents can be catastrophic for any organization, resulting in large fines, loss of user or customer trust, and public image damage. However, a recent research conducted by information security specialists has found that these incidents could in fact be beneficial for some companies. As you may recall, a data breach involves unauthorized access […]
EyeWitness is designed to take screenshots of websites provide some server header info, and identify default credentials if known.EyeWitness is designed to run on Kali Linux. It will auto detect the file you give it with the -f flag as either being a text file with URLs on each new line, nmap xml output, or […]
Github search is quite powerful and useful feature and can be used to search sensitive data on the repositories. Collection of github dorks that can reveal sensitive personal and/or organizational information such as private keys, credentials, authentication tokens, etc. This list is supposed to be useful for assessing security and performing pen-testing of systems. GitHub […]
Marriott International hotel chain has alerted its associates about a cyber security incident that could negatively impact the security of some associate’s data (specifically their social security numbers), after an unidentified threat actor accessed network of an outside vendor formerly used by Marriott, data protection experts reported. This incident did not involve or impact the […]
According to information security specialists, about one hundred web application developers may have had inadequate access to the data of millions of Facebook users, as the company made a mistake that led to the revocation of some restrictions on the access to this information. Because the data breach was publicly disclosed only through Facebook’s developer […]
US President Donald Trump always resorts to the term ‘fake news’ to refer to news reports that are not favorable to him, and despite criticism for his constant attacks on the press, this time the term fits perfectly with the incidents reported by digital forensics specialists. Recently, several cases of a fake Donald Trump themed […]
HomePwn is a framework that provides features to audit and pentesting devices that company employees can use in their day-to-day work and inside the same working environment. It is designed to find devices in the home or office, take advantage of certain vulnerabilities to read or send data to those devices. With a strong library […]
XRay is a tool for network OSINT gathering, its goal is to make some of the initial tasks of information gathering and network mapping automatic. How Does it Work?XRay is a very simple tool, it works this way: It’ll bruteforce subdomains using a wordlist and DNS requests. For every subdomain/ip found, it’ll use Shodan to […]
Ransomware remains one of the main cybersecurity threats for any individual or company. Vulnerability testing specialists report a serious ransomware infection that has crippled all computer operations in Nunavut, a remote Canadian territory. In a statement, the local government said, “All government services that depend on access to digital resources have been affected by a […]
WordPress is probably the most popular content management system (CMS) today, so it’s no wonder it’s also the subject of multiple cybersecurity threats. According to cybersecurity experts, the most serious of these threats is a criminal campaign deployed by a group identified as WP-VCD, from which most hacking incidents against WordPress sites stem. A report […]
A team of ethical hacking specialists has developed a free tool to remove the encryption implemented by the ransomware variant known as Paradise, which provides victims of this infection an option to regain access to their encrypted files without having to negotiate with threat actors. Paradise ransomware has been active at least since September 2017 […]
Unfortunately, data breaches are very common incidents today, with email addresses being one of the most exposed data in these cases. In this regard, information security experts, in collaboration with the firm Who Is Hosting This, conducted a study to find the most secure email services, as well as those most exposed to hackers. One […]
Digital forensics specialists reported a massive ransomware campaign that has infected the networks of some major companies in Spain, including broadcaster Cadena SER and consulting firm Everis. According to reports, the attacks have been serious enough to deeply affect operations in both organizations, which report multiple outages and system failures. Failures in the broadcaster’s IT […]
Any service or platform on the Internet is not only exposed to hacker attacks, but can also fall victim to mistakes of people who should ensure their integrity. According to information security experts, some camgirls sites in Spain exposed information from both sex workers and users, after the company in charge of these sites left […]