Lucene search
+L

296 matches found

Malwarebytes
Malwarebytes
added 2021/04/26 2:51 p.m.71 views

Breaking free from the VirusTotal silo: Lock and Code S02E07

This week on Lock and Code, we speak to Malwarebytes Chief Information Security Officer John Donovan about the flaws in using VirusTotal as the one source of truth when evaluating whether or not a cybersecurity tool actually works. Its a practice that is surprisingly common. Weeks ago, Malwarebyt...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2021/04/23 7:42 a.m.408 views

Prometei Botnet Exploiting Unpatched Microsoft Exchange Servers

Attackers are exploiting the ProxyLogon Microsoft Exchange Server flaws to co-opt vulnerable machines to a cryptocurrency botnet named Prometei, according to new research. "Prometei exploits the recently disclosed Microsoft Exchange vulnerabilities associated with the HAFNIUM attacks to penetrate...

7.8CVSS0.7AI score0.99946EPSS
Exploits31
Krebs on Security
Krebs on Security
added 2021/04/16 12:57 p.m.79 views

Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?

On Aug. 13, 2020, someone uploaded a suspected malicious file to VirusTotal, a service that scans submitted files against more than five dozen antivirus and security products. Last month, Microsoft and FireEye identified that file as a newly-discovered fourth malware backdoor used in the sprawlin...

9CVSS0.6AI score0.23771EPSS
Exploits0
CISA
CISA
added 2021/04/15 12:0 a.m.41 views

CISA and CNMF Analysis of SolarWinds-related Malware

CISA and the Department of Defense DoD Cyber National Mission Force CNMF have analyzed additional SolarWinds-related malware variants—referred to as SUNSHUTTLE and SOLARFLARE. One of the analyzed files was identified as a China Chopper webshell server-side component that was observed on a network...

6.8AI score
Exploits0References5
Kitploit
Kitploit
added 2021/02/23 11:30 a.m.67 views

RAT-el - An Open Source Penetration Test Tool That Allows You To Take Control Of A Windows Machine

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus...

8AI score
Exploits0References1
0day.today
0day.today
added 2021/01/04 12:0 a.m.20 views

Knockpy 4.1.1 - CSV Injection Exploit

Exploit Title: Knockpy 4.1.1 - CSV Injection Author: Dolev Farhi Vendor Homepage: https://github.com/guelfoweb/knock Version : 4.1.1 Tested on: Debian 9.13 Knockpy, as part of its subdomain brute forcing flow of a remote domain, issues a HEAD request to the server to fetch details such as headers...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/01/04 12:0 a.m.378 views

Knockpy 4.1.1 CSV Injection

Exploit Title: Knockpy 4.1.1 - CSV Injection Author: Dolev Farhi Date: 2020-12-29 Vendor Homepage: https://github.com/guelfoweb/knock Version : 4.1.1 Tested on: Debian 9.13 Knockpy, as part of its subdomain brute forcing flow of a remote domain, issues a HEAD request to the server to fetch detail...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/04 12:0 a.m.515 views

Knockpy 4.1.1 - CSV Injection

Exploit Title: Knockpy 4.1.1 - CSV Injection Author: Dolev Farhi Date: 2020-12-29 Vendor Homepage: https://github.com/guelfoweb/knock Version : 4.1.1 Tested on: Debian 9.13 Knockpy, as part of its subdomain brute forcing flow of a remote domain, issues a HEAD request to the server to fetch detail...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2020/12/16 8:30 p.m.46 views

Freki - Malware Analysis Platform

Freki is a free and open-source malware analysis platform. Goals 1. Facilitate malware analysis and reverse engineering; 2. Provide an easy-to-use REST API for different projects; 3. Easy deployment via Docker; 4. Allow the addition of new features by the community. Current features Hash...

7.4AI score
Exploits0References5
CISA
CISA
added 2020/10/29 12:0 a.m.17 views

CISA, FBI, and CNMF Identify a New Malware Variant: ComRAT

The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the Department of Defense Cyber National Mission Force CNMF have identified a malware variant—referred to as ComRAT—used by the Russian-sponsored advanced persistent threat APT actor Turla. In...

6.9AI score
Exploits0References3
CISA
CISA
added 2020/10/29 12:0 a.m.18 views

CISA and CNMF Identify a New Malware Variant: Zebrocy

Content: The Cybersecurity and Infrastructure Security Agency CISA and the Department of Defense DOD Cyber National Mission Force CNMF have identified a malware variant—referred to as Zebrocy—used by a sophisticated cyber actor. In addition, U.S. Cyber Command has released the malware sample to t...

6.9AI score
Exploits0References2
Imperva Blog
Imperva Blog
added 2020/10/22 6:55 p.m.309 views

CrimeOps of the KashmirBlack Botnet – Part II

Introduction The previous blog - “CrimeOps of the KasmirBlack Botnet - Part I” - described the DevOps behind the botnet. It showed how its well-designed infrastructure makes it easy to expand and add new exploits or payloads without much effort,and explained the evolution and version deployment o...

7.5CVSS10AI score0.99999EPSS
Exploits95
Trend Micro Simply Security
Trend Micro Simply Security
added 2020/10/16 12:48 p.m.28 views

This Week in Security News: Cybercriminals Use Stolen Data and Hacking Tools as Prizes in Poker Games and Rap Battles and VirusTotal Now Supports Trend Micro ELF Hash

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how cybercriminals are passing the time during the COVID-19 pandemic with online poker games, where the prizes include stolen...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2020/10/02 8:30 p.m.28 views

uriDeep - Unicode Encoding Attacks With Machine Learning

Unicode encoding attacks with machine learning. Tool based on machine learning to create amazing fake domains using confusables. Some domains can deceive IDN policies Chrome & Firefox. I created the best big dictionary of confusables using neural networks. It is used in the tool and it can be...

7.2AI score
Exploits0References2
CISA
CISA
added 2020/10/01 12:0 a.m.14 views

CISA and CNMF Identify a New Malware Variant

The Cybersecurity and Infrastructure Security Agency CISA and the Department of Defense DOD Cyber National Mission Force CNMF have identified a malware variant—referred to as SLOTHFULMEDIA—used by a sophisticated cyber actor. In addition, U.S. Cyber Command has released the malware sample to the...

6.9AI score
Exploits0References2
Kitploit
Kitploit
added 2020/09/14 11:30 a.m.209 views

Chimera - PowerShell Obfuscation Script Designed To Bypass AMSI And Commercial Antivirus Solutions

Chimera is a shiny and very hack-ish PowerShell obfuscation script designed to bypass AMSI and antivirus solutions. It digests malicious PS1's known to trigger AV and uses string substitution and variable concatenation to evade common detection signatures. Chimera was created for this write-up an...

7.3AI score
Exploits0References9
Kitploit
Kitploit
added 2020/08/31 12:30 p.m.151 views

Mihari - A Helper To Run OSINT Queries & Manage Results Continuously

Mihari is a helper to run queries & manage results continuously. Mihari can be used for C2, landing page and phishing hunting. How it works Mihari makes a query against Shodan, Censys, VirusTotal, SecurityTrails, etc. and extracts artifacts IP addresses, domains, URLs and hashes from the results...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2020/08/11 12:30 p.m.65 views

PE Tree - Python Module For Viewing Portable Executable (PE) Files In A Tree-View

Python module for viewing Portable Executable PE files in a tree-view using pefile and PyQt5. Can also be used with IDA Pro to dump in-memory PE files and reconstruct imports. Features Standalone application and IDAPython plugin Supports Windows/Linux/Mac Rainbow PE ratio map: High-level overview...

6.8AI score
Exploits0References5
CISA
CISA
added 2020/08/03 12:0 a.m.20 views

Chinese Malicious Cyber Activity

The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the Department of Defense DoD have identified a malware variant—referred as TAIDOOR—used by the Chinese government. In addition, U.S. Cyber Command has released the malware sample to the malwar...

6.9AI score
Exploits0References4
ThreatPost
ThreatPost
added 2020/07/24 12:54 p.m.46 views

Malicious 'Blur' Photo App Campaign Discovered on Google Play

A new campaign of malicious photo apps on Google Play floods Android devices with random ads instead of functioning as advertised. They also elude detection by making its icon disappear from the device home screen soon after it’s downloaded. Researchers at the White Ops Satori Threat Intelligence...

7.4AI score
Exploits0References6
Rows per page
Query Builder