How criminals leverage a Firefox fake extension to target Gmail accounts
Recently, malicious campaigns have been using fake web-browsers extensions commonly disseminated via google Ads and other channels. This article will Proofpoint researchers found a new firefox fake extension active since
Apple Issues Emergency Fix for NSO Zero-Click Zero Day
Threat Post – Citizen Lab urges Apple users to update immediately. The new zero-click zero-day ForcedEntry flaw affects all things Apple: iPhones, iPads, Macs and Watches. Apple users should immediately
Virginia National Guard suffers cyberattack as Marketo leaks data
By Waqas According to the organization, email accounts linked with Virginia National Guard were targeted in the cyberattack. This is a post from HackRead.com Read the original post: Virginia National
WhatsApp’s End-to-End Encryption Isn’t Actually Broken
Threat Post – WhatsApp’s moderators sent messages flagged by intended recipients. Researchers say this isn’t concerning — yet. End-to-end encryption isn’t designed to secure messages against the intended recipients. New
How cross-site scripting attacks work: Examples and video walkthrough
What is a cross-site scripting vulnerability and how does an attacker carry out a cross-site scripting attack? Find out in this walkthrough from Infosec Skills author John Wagnon. How does
The FBI is breaking into corporate computers to remove malicious code – smart cyber defense or government overreach?
Padlokr – The FBI’s latest cybersecurity moves bring the government into new territory – inside privately owned computers. AP Photo/Cliff Owen Scott Shackelford, Indiana University The FBI has the authority
Children’s privacy is at risk with rapid shifts to online schooling under coronavirus
Padlokr – A Grade 6 student takes part in a virtual school session with her teacher and classmates via Zoom from her home in Vancouver, April 2, 2020. (THE CANADIAN
Vaccination passport apps could help society reopen – first they have to be secure, private and trusted
Padlokr – Laurin Weissinger, Tufts University You might soon have an additional app on your phone: a digital vaccination passport that allows people who have been vaccinated against COVID-19 to
Here’s how much your personal information is worth to cybercriminals – and what they do with it
Padlokr – Ravi Sen, Texas A&M University Data breaches have become common, and billions of records are stolen worldwide every year. Most of the media coverage of data breaches tends
SOVA, Worryingly Sophisticated Android Trojan, Takes Flight
Threat Post – The malware appeared in August with an ambitious roadmap (think ransomware, DDoS) that could make it ‘the most feature-rich Android malware on the market.’ A new Android
Fake Cryptomining Apps Stole Over $350K From Android Users
Security Intelligence – Fake Cryptomining Apps Stole Over $350K From Android Users Cryptomining has become a lucrative industry, growing more and more mainstream. Now, attackers are trying to grab a
Financial Cybercrime: Why Cryptocurrency is the Perfect ‘Getaway Car’
Threat Post – John Hammond, security researcher with Huntress, discusses how financially motivated cybercrooks use and abuse cryptocurrency. This is Part I of a two-part series on how cybercrooks embrace
Hackers dump login credentials of Fortinet VPN users in plain-text
By Waqas Fortinet VPN users are urged to reset their passwords as the company has acknowledged the data to be legitimate. This is a post from HackRead.com Read the original
Python for active defense: Monitoring
Infosec Institute – The MITRE ATT&CK framework is likely the MITRE Corporation’s most famous cybersecurity tool, but it is not the only one. To complement the offensively-focused ATT&CK framework, MITRE
Move Away from “Assume Breach” to Improve Prevention
Ever since the “Vienna Virus” prompted the development of the first antivirus solution in 1987, cybersecurity has come to resemble a high-stakes game of catch up: new threats appear, defenses
BladeHawk Attackers Target Kurds with Android Apps
Threat Post – Pro-Kurd Facebook profiles deliver ‘888 RAT’ and ‘SpyNote’ trojans, masked as legitimate apps, to perform mobile espionage. Attackers have been targeting the Kurdish ethic group for more
Remote Code Execution 0-Day (CVE-2021-40444) Hits Windows, Triggered Via Office Docs
Trend Micro – Remote Code Execution Zero-Day (CVE-2021-40444) Hits Windows, Triggered Via Office Docs Exploits & Vulnerabilities Microsoft has disclosed the existence of a new zero-day vulnerability that affects multiple
Malware droppers for hire targeting users on fake pirated software sites
By Deeba Ahmed Some fake piracy websites have been found distributing Crypto Bot and Raccoon Stealer malware in cracked software. This is a post from HackRead.com Read the original post:
Spoofing Bug Highlights Cybersecurity for Digital Vaccine Passports
Threat Post – Australian immunization app bug lets attackers fake vaccine status. Three weeks after an independent researcher found a critical bug in the Services Australia COVID-19 digital vaccine certificate
REvil ransomware gang is back after disappearing amid Kaseya attack
By Waqas The official website of the REvil ransomware gang (aka Sodinokibi) which is accessible through the Tor browser is back online after going offline since July 2021. This is
Python for active defense: Network
Infosec Institute – MITRE ATT&CK is a well-known cybersecurity tool that breaks the lifecycle of a cyberattack into discrete goals that the attacker may pursue (called “tactics”). For each tactic,
Taidoor malware: what it is, how it works and how to prevent it | malware spotlight
Taidoor is the name of the last persistent threat analyzed and described by Reversing Labs team, and we’ll be using some of their research in this article. Traidoor has been
Cyberspace and outer space are new frontiers for national security, according to an expert report
Padlokr – Steven Freeland, Western Sydney University; Danielle Ireland-Piper, Bond University; Dan Jerker B. Svantesson, Bond University; Jonathan Crowe, Bond University; Samuli Haataja, Griffith University, and Wendy Bonython, Bond University
Morrison’s $1.3 billion for more ‘cyber spies’ is an incremental response to a radical problem
Padlokr – Greg Austin, UNSW The federal government has announced it will spend more than a billion dollars over the next ten years to boost Australia’s cyber defences. This comes
Biden Announces Cybersecurity Initiative Partnership
Trend Micro – On August 25, 2021, US President Biden met with various leaders from the private and education sectors, discussing the effort needed to address growing cybersecurity threats in
Whitehat hacker shows how to detect hidden cameras in Airbnb, hotels
By Waqas A whitehat hacker has shared simple yet useful tips on his TikTok detailing how you can detect hidden cameras in an Airbnb or a hotel room. This is
iOS forensics
Day by day, smartphones and tablets are becoming ever more popular, and as a result, the technology used in development to add new features or improve the security of such
Python for active defense: Decoys
Infosec Institute – The MITRE ATT&CK framework is probably the best-known of the MITRE Corporation’s cybersecurity resources; however, it is focused on the offensive side of cybersecurity. The MITRE Shield
Tutorial: How to exfiltrate or execute files in compromised machines with DNS
Criminals are constantly changing their modus operandi and using different strategies and techniques to compromise their targets and exfiltrate data from the internal networks, even in the most difficult situations.
CyberCX Security Report | September 2021
Read the full story System faults occur due to a business or technology process error. Whilst they only account for a minority of all notifications under the Notifiable Data Breach
Emerging technology, evolving threats — Part II: The asymmetry effect
Security Magazine | Emerging technology, evolving threats — Part II: The asymmetry effect | Security Magazine This website requires certain cookies to work and uses other cookies to help you
The Evolution of Connected Cars as Defined by Threat Modeling UN R155-Listed Attack Vectors
Trend Micro – The United Nations Regulation No. 155 sets provisions for cybersecurity and cyber security management systems in vehicles. A notable section of the document is Annex 5, which
Over 1 Million Sites Affected by Gutenberg Template Library & Redux Framework Vulnerabilities
WordFence – On August 3, 2021, the Wordfence Threat Intelligence team initiated the disclosure process for two vulnerabilities we discovered in the Gutenberg Template Library & Redux Framework plugin, which
Research shows over 10% of sampled Firebase instances open
Avast – Firebase is Google’s mobile and web app development platform. Developers can use Firebase to facilitate developing mobile and web apps, especially for the Android mobile platform. At the
SUNBURST backdoor malware: What it is, how it works, and how to prevent it | Malware spotlight
SUNBURST is a supply chain attack that takes advantage of a backdoor implanted in a supplier to target and compromise organizations indirectly around the globe. Orion, the SolarWinds software that
Ransomware Gangs Using Data Leak Sites to Recruit New Affiliates
Security Intelligence – Ransomware Gangs Using Data Leak Sites to Recruit New Affiliates Ransomware gangs have a new technique to recruit affiliates: posting announcements on their own data leaks websites.
Cyber Intelligence Insights – Australia and New Zealand Health and Aged Care Sector
The CyberCX Cyber Intelligence Insights series presents focused, contextualised information intended to be read by senior decision makers. Prepared by CyberCX’s Cyber Intelligence team, these reports present recent trends that
How to write a port scanner in Python in 5 minutes: Example and walkthrough
Infosec Institute – What is a port scanner and how does one work? Learn how easy it is to build your own basic Python port scanner in this walkthrough from
API Releases New Standard for Pipeline Control Systems
Trend Micro – On August 18, 2021, the American Petroleum Institute (API) released the third edition of Standard 1164, Pipeline Control Systems Cybersecurity. The edition has been in development since
Using Python for MITRE ATT&CK and data encrypted for impact
Infosec Institute – The MITRE ATT&CK framework is a tool designed to aid understanding of how cyberattacks work. MITRE ATT&CK breaks the lifecycle of a cyberattack into a set of
Explore Python for MITRE ATT&CK exfiltration and non-application layer protocol
Infosec Institute – The MITRE ATT&CK framework is a tool developed by the MITRE Corporation to build an understanding of how cyberattacks work. It breaks the lifecycle of a cyberattack
Explore Python for MITRE ATT&CK command-and-control
Infosec Institute – The MITRE ATT&CK framework defines a set of tactics or objectives that a cyberattacker may need to achieve in the course of their attack campaign. For each
ProxyShell Exchange Exploitation Now Leads To An Increasing Amount Of Cobaltstrike Backdoors
On approximately August 21, 2021, security researchers, cybersecurity leaders, and eventually the CISA, began voicing concerns about the inevitable threat of LockFile ransomware attacks on a wide variety of ill-informed
Explore Python for MITRE ATT&CK email collection and clipboard data
Infosec Institute – The MITRE ATT&CK framework breaks the lifecycle of a cyberattack in a set of objectives (or tactics) that the attacker may need to accomplish to reach their
Explore Python for MITRE ATT&CK lateral movement and remote services
Infosec Institute – The MITRE ATT&CK framework breaks the cyberattack lifecycle into a set of objectives that an attacker may need to achieve during their attack. For each of these
Nested Pages Patches Post Deletion Vulnerability
WordFence – On August 13, 2021, the Wordfence Threat Intelligence team responsibly disclosed two vulnerabilities in Nested Pages, a WordPress plugin installed on over 80,000 sites that provides drag and
Explore Python for MITRE ATT&CK account and directory discovery
Infosec Institute – The MITRE ATT&CK framework breaks the lifecycle of a cyberattack into a series of tactics or goals that the attacker may need to achieve. For each of
ZHtrap botnet: How it works and how to prevent it
A new botnet called ZHtrap is deploying honeypots to capture attacks from other botnets and use that information to hijack their infrastructures. Security researchers from Netlab 360 Team discovered a