A New Wave of Malware Attack Targeting Organizations in South America

A spam campaign delivering spear-phishing emails aimed at South American organizations has retooled its techniques to include a wide range of commodity remote access trojans RATs and geolocation filtering to avoid detection, according to new research. Cybersecurity firm Trend Micro attributed the...

Proxyware Services Open Orgs to Abuse – Report

Services that allow consumers to resell their own internet bandwidth for profit to businesses that want to resell it are ripe for abuse, according to researchers. The burgeoning business model is growing in popularity with consumers who earn about $1 for every 10GB of their bandwidth shared with...

Top Black Hat USA Sessions for Qualys Customers

Black Hat USA is known for cutting-edge security research, and this year’s conference is no different. If you’re a Qualys customer, here are some Black Hat sessions we think youll find relevant. Next-Gen DFIR: Mass Exploits & Supplier Compromise An investigation of real “next-gen” digital forensi...

Kids’ Apps on Google Play Rife with Privacy Violations

About 20 percent of the Top 500 kids’ mobile apps in the Google Play store are collecting data on users in a way that likely violates the Children’s Online Privacy Protection Act COPPA. These have been downloaded by a collective 492 million users, researchers said. That’s according to an analysis...

Bumble: Exfiltrating a victim's exact location (to within 5m)

I used Bumble's distance feature to exfiltrate the exact location to within approx 5m of a victim. I did this by using the Bumble API to move my attacker account's location around the approximate area of the victim. I was able to obtain the exact distance between attacker and victim at 3 separate...

RedWarden - Flexible CobaltStrike Malleable Redirector

RedWarden - Flexible CobaltStrike Malleable Redirector previously known as proxy2's malleableredirector plugin Let's raise the bar in C2 redirectors IR resiliency, shall we? Red Teaming business has seen several different great ideas on how to combat incident responders and misdirect them while...

Now Available: EdgeKV Distributed Key-Value Store

We're excited to announce the availability of EdgeKV, a distributed key-value store database that enables EdgeWorkers to leverage data stored at the edge when deploying custom code across our serverless computing platform. This solution is fully distributed, meaning it runs in 1,400+ networks and...

Dystopia - Low To Medium Multithreaded Ubuntu Core Honeypot Coded In Python

Low to medium Ubuntu Core honeypot coded in Python. Features Optional Login Prompt Logs commands used and IP addresses Customize MOTD, Port, Hostname and how many clients can connect at once default is unlimited Save and load config Add support to a plethora of commands Todo Packet Capture Better...

Esri Arcgis Server Cross-Site Scripting Vulnerability

Esri Arcgis Server is a Web-oriented, enterprise-class software platform for geolocation services from Esri, Inc. A cross-site scripting vulnerability exists in Esri Arcgis Server versions prior to 10.9 and Enterprise versions prior to 10.9, which can be exploited to inject malicious HTML...

Emerging Edge Computing Use Cases

The first rule of edge compute thought leadership is: don't overuse the term edge. Over the course of my blog series on the topic, I have defined the edge, explained edge computing, and discussed the economics of edge computing. There have also been a few articles in which I've discussed how...

Scylla - The Simplistic Information Gathering Engine | Find Advanced Information On A Username, Website, Phone Number, Etc...

Scylla is an OSINT tool developed in Python 3.6. Scylla lets users perform advanced searches on Instagram & Twitter accounts, websites/webservers, phone numbers, and names. Scylla also allows users to find all social media profiles main platforms assigned to a certain username. In continuation,...

CVE-2021-23963

When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox 85...

CVE-2021-23963

When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox 85...

Design/Logic Flaw

When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox 85...

CVE-2021-23963

CVE-2021-23963 affects Mozilla Firefox and relates to the WebRTC geolocation sharing flow. The issue occurs when sharing geolocation during an active WebRTC share, where the UI could reset the WebRTC sharing state, causing loss of control over the currently granted permission. Affected products/v...

CVE-2021-23963

When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox 85...

CVE-2021-23963

When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox 85...

CVE-2021-23963

When sharing geolocation during an active WebRTC share, Firefox could have reset the webRTC sharing state in the user interface, leading to loss of control over the currently granted permission. This vulnerability affects Firefox 85...

Feature and Permission Policies. Security issues

Introduction In order to help enhance the user experience of their site, companies may ask to use features of your browser, such as geolocation or notifications to produce a more tailored experience. Web site developers may configure the site or allow third-party content, loaded in frames, to use...

Military, Nuclear Entities Under Target By Novel Android Malware

Researchers have uncovered two novel Android surveillanceware families being used by an advanced persistent threat APT group to target military, nuclear and election entities in Pakistan and Kashmir. The two malware families, which researchers call “Hornbill” and “SunBird,” have sophisticated...