Skip to main content

Search

Items tagged with: cybersecurity


New cheatsheets pushed🕵️‍♂️​

https://github.com/r1cksec/cheatsheets/commit/6761e46f87897ff89734ab23ef22b7c749013faa

Including :blobcatnerd:​ :

https://facecheck.id
This service uses facial recognition to find social media profiles.

https://attl4s.github.io/assets/pdf/Understanding_a_Payloads_Life.pdf
In these slides, different payloads are analyzed. The main focus lies on meterpreter.

https://github.com/MattKeeley/Spoofy
This tool checks if a domain can be spoofed based on SPF and DMARC records.

#infosec #cybersecurity #redteam #hacking


⚠️ Beware of #ShellBot #malware! Weak SSH credentials on #Linux servers are being exploited in a new campaign. ShellBot can perform #DDoS attacks & exfiltrate data.

https://thehackernews.com/2023/03/new-shellbot-ddos-malware-targeting.html

#cybersecurity #hacking


A simple #powershell proof of concept for CVE-2023-23397 (calendar #NTLM leak in #Outlook via ReminderSoundFile)🕵️‍♂️​

https://github.com/api0cradle/CVE-2023-23397-POC-Powershell

#cybersecurity #infosec #microsoft #redteam #cve


#reverseengineering Lesson 71: ARM-32 Course 2 (Part 6 – Registers) #assembler #c #cyber #cybersecurity #hack #hacking #hacker #tech https://github.com/mytechnotalent/Reverse-Engineering


Referenced link: https://thehackernews.com/2023/03/batloader-malware-uses-google-ads-to.html
Discuss on https://discu.eu/q/https://thehackernews.com/2023/03/batloader-malware-uses-google-ads-to.html

Originally posted by The Hacker News / @TheHackersNews: http://nitter.platypush.tech/TheHackersNews/status/1634855249297932288#m

🚨 Attention all! #Malware downloader BATLOADER has been found abusing Google Ads to deliver secondary payloads like Vidar Stealer and Ursnif.

Learn more: https://thehackernews.com/2023/03/batloader-malware-uses-google-ads-to.html

#cybersecurity #hacking #technews



Cybersecurity experts are warning about a new variant of the #Android banking trojan, #Xenomorph, which has surfaced with new capabilities to target more than 400 banking and financial institutions.

https://thehackernews.com/2023/03/xenomorph-android-banking-trojan.html

#malware #cybersecurity #mobilesecurity #hacking


Some time ago I posted some notes to explain the Recon phase of a Red Team assessment🕵️‍♂️​

Today I have updated a few points.
Feel free to read and if I have missed something, please let me know 🧐

https://github.com/r1cksec/cheatsheets/blob/main/theorie/recon-methodology.md

#redteam #recon #infosec #cybersecurity


Time it takes for a hacker to brute force your password.

#Cybersecurity

Good to know: Tutanota checks your password upon signup and makes sure it's strong enough. Secure your emails now: https://mail.tutanota.com/signup

Of course, we also support 2FA on all clients.

Stay secure! 😍
Overview how long it takes to brute-force a password depending on the combination of keys used.


Dearest hackers, cypherpunks, cyberpunks, lunarpunks, infosec professionals and apprentices

We are THRILLED to announce that BSides CambridgeMA will host its first 1-day conference

OCTOBER 14, 2023

Mark your calendars!

Visit bsidescambridgema.org for details.

Call for Proposals will be released in early April

Please boost far and wide! Huzzah!

#bsides #cambma #boston #infosec #cybersecurity #lunarpunk #cypherpunk #hacking


XSS Vulnerability Scenarios (challenges)

this repository is a docker containing some "XSS vulnerability" challenges and bypass examples
https://github.com/moeinfatehi/xss_vulnerability_challenges

#bugbounty #infosec #infosecurity #cybersec #cyberattack #cybersecurity #hacking #HackingLab


Referenced link: https://thehackernews.com/2023/03/core-members-of-doppelpaymer-ransomware.html
Discuss on https://discu.eu/q/https://thehackernews.com/2023/03/core-members-of-doppelpaymer-ransomware.html

Originally posted by The Hacker News / @TheHackersNews: http://nitter.platypush.tech/TheHackersNews/status/1632716259061125127#m

Suspected core members of the DoppelPaymer #ransomware group, responsible for numerous large-scale cyberattacks, have been arrested by German and Ukrainian authorities with support of Dutch police & the FBI.

Read: https://thehackernews.com/2023/03/core-members-of-doppelpaymer-ransomware.html

#cybersecurity #hacking #malware


A new, highly sophisticated piece of #malware known as HiatusRAT has been discovered targeting business-grade routers to spy on victims in Latin America, Europe, and North America.

Find out more: https://thehackernews.com/2023/03/new-hiatusrat-malware-targets-business.html

#cybersecurity #hacking #informationsecurity #technews



Six years ago today, Howard Schmidt passed away. Two weeks before that, Kevin Ziese died. Then, on March 14th, Becky Bace died unexpectedly. I wrote this at the time: https://www.cerias.purdue.edu/site/blog/post/time_passes_and_we_lose_friends/

Later that year, Ken Othoff passed unexpectedly: https://www.cerias.purdue.edu/site/blog/2017/10/.

2017 sucked.

Some of the newer security community members may not recognize those names, which is their loss. I have been fortunate to have met and spoken with these pioneers, as well as Bob Abbott,

1/

#cybersecurity


Computer Science... I remember a day where I knew literally the entire environment, every byte of an app and every byte of a protocol like XMODEM. Today we are in a massively large distributed system and so far we have come and so much do we all have to learn. #computer #science #hack #hacking #cybersecurity #reverseengineering


Shameless self-promotion for my morning followers 👇

My weekly #cybersecurity and #infosec curated resources and links newsletter. Going out every Sunday, directly into your inbox 🚀

Consider subscribing if you don't want, or have time, to keep up on the above, yet want to be aware of what's happening :blobwink:

https://0x58.substack.com


Infografía de la AEPD (Agencia española de Protección de datos) con algunas recomendaciones para mejorar tu privacidad en Internet.


Logotipo del Día de Internet segura.
Niños con símbolos relativos a Internet: la nube, compartir en redes sociales, WiFi y la red de redes.



For anyone looking for a new #CTF to do, I gotta recommend @runZeroInc 's Coin Challenge. It's deceptively tricky, with a rather steep learning curve. I've yet to complete it myself, but the challenges are certainly thought provoking.

The link to get started is: https://info.runzero.com/challenge-coin
#InfoSec #CyberSecurity #HackThePlanet


Nice work concatenating SQL queries with variables, #Cloudflare! 👏 :blobfoxangrylaugh:
Oh, btw, they're supposed to be a #cybersecurity company so IT'S BAD.

Oh and guess what? They marked the comment related to this as spam. :blobcat_thisisfine:

#decloudflare #infosec
Wildebeest source code showing the concatenation of an SQL query with variables.
A GitHub comment by WesleyAC marked as spam  that reads:

it's also real cool and good to assemble the sql statements with string interpolation. afaict that doesn't cause any sql injection problems in the current code, but as soon as there's a path that calls getObjectBy with a attacker-controlled key or something like that there's gonna be problems.

definitely not a sign of half baked software rushed to ship or anything like that!


Referenced link: https://thehackernews.com/2023/02/hydrochasma-new-threat-actor-targets.html
Discuss on https://discu.eu/q/https://thehackernews.com/2023/02/hydrochasma-new-threat-actor-targets.html

Originally posted by The Hacker News / @TheHackersNews: http://nitter.platypush.tech/TheHackersNews/status/1628349271451000835#m

A new threat actor called "Hydrochasma" is suspected of carrying out an espionage campaign targeting shipping companies and medical laboratories in Asia.

Learn more: https://thehackernews.com/2023/02/hydrochasma-new-threat-actor-targets.html

#cybersecurity #hacking #malware


Referenced link: https://thehackernews.com/2023/02/mylobot-botnet-spreading-rapidly.html
Discuss on https://discu.eu/q/https://thehackernews.com/2023/02/mylobot-botnet-spreading-rapidly.html

Originally posted by The Hacker News / @TheHackersNews: http://nitter.platypush.tech/TheHackersNews/status/1628027137595768834#m

Researchers have unveiled a new botnet #malware, dubbed "MyloBot," that is spreading rapidly and has already compromised thousands of systems in several countries, including India, the U.S., Indonesia, and Iran.

Read: https://thehackernews.com/2023/02/mylobot-botnet-spreading-rapidly.html

#infosec #cybersecurity #hacking


New Alert: If you are using the “My QR Code” website, your personal data, login credentials and addresses are being exposed to public in an ongoing data leak.

https://hackread.com/qr-code-generator-my-qr-code-data-leak/

#Security #Privacy #Leaks #QRCode #CyberSecurity #DataBreach



Scammers are creating #PayPal accounts and sending #phishing invoices --- Since the email comes from a legit PayPal address, the chances of falling for this scam are more than usual.

Read: https://hackread.com/paypal-scammers-phishing-invoices/

#Security #Phish #Scam #Fraud #CyberSecurity


New: Watch out—another variant of the #Mirai botnet has been detected, exploiting exposed IoT devices for DDoS attacks - #V3G4!

Details: https://hackread.com/mirai-variant-v3g4-ddos-attacks/

#Security #Malware #DDoS #Botnet #CyberSecurity


#reverseengineering Lesson 62: ARM-32 Course 1 (Part 22 – Hacking ADC) #assembler #c #cyber #cybersecurity #hack #hacking #hacker #tech https://github.com/mytechnotalent/Reverse-Engineering

Este sitio web utiliza cookies. Si continúa navegando por este sitio web, usted acepta el uso de las cookies.