New Whitepaper: Exploiting Cellular-based IoT Devices

Rapid7 has released a whitepaper titled “The Weaponization of Cellular Based IoT Technology,” by Deral Heiland, principal security researcher, IoT, at Rapid7, and Carlota Bindner, lead product security researcher at Thermo Fisher Scientific. The paper examines how attackers with physical access c...

hackingtool-v5.1

All in One Hacking tool For Hackers🥇 !https://img.shields...

CVE-2023-41270

Improper Restriction of Excessive Authentication Attempts vulnerability in Samsung Smart TV UE40D7000 version T-GAPDEUC-1033.2 and before allows attackers to cause a denial of service via WPS attack tools...

Actors, Threats and Vulnerabilities 15 to 21 May 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made significant discoveries in the field of cybersecurity threats. In the past week, they uncovered a total of eight attacks that were executed, taking advantage of five different vulnerabilities across...

Threat Source newsletter (Nov. 3, 2022): Mastodon, evolution, and LiveJournal oh my!

Welcome to this weeks edition of the Threat Source newsletter. Im fascinated by how things live and die on the internet. Things that are ubiquitous to our daily lives are simply gone the next. LiveJournal and Myspace we hardly knew you. Elon Musks purchase of Twitter and the subsequent exodus led...

16 Best DDOS Attack Tools in 2022

What are DDOS attack tools? DDOS attacks are cyber- attacks targeted at rendering certain computers, network systems and servers non-functional. The processes involved in its execution can be however complicated. Attackers have to carry out a long series of actions that involve social engineering...

Defending online anonymity and speech with Eva Galperin: Lock and Code S02E03

This week on Lock and Code, we discuss the top security headlines generated right here on Labs. In addition, we talk to Eva Galperin, director of cybersecurity for Electronic Frontier Foundation, about the importance of protecting online anonymity and speech. In January, the New York Times expose...

Exploit for CVE-2020-1472

CVE-2020-1472 POC The vulnerability can be exploited in a Wi...

Monitoring ICS Cyber Operation Tools and Software Exploit Modules To Anticipate Future Threats

There has only been a small number of broadly documented cyber attacks targeting operational technologies OT / industrial control systems ICS over the last decade. While fewer attacks is clearly a good thing, the lack of an adequate sample size to determine risk thresholds can make it difficult f...

TRITON Actor TTP Profile, Custom Attack Tools, Detections, and ATT&CK Mapping

Overview FireEye can now confirm that we have uncovered and are responding to an additional intrusion by the attacker behind TRITON at a different critical infrastructure facility. In December 2017, FireEye publicly released our first analysis on the TRITON attack where malicious actors used the...

Threatlist: Hackers Turn to Python as Attack Coding Language of Choice

Python was recently touted as on track to become the world’s most prevalent coding language, looking to swallow, as it were, the majority of the market share for developers. According to recent analysis, Python’s popularity also extends to black hats. Mirroring the findings around its use by code...

KillerBee - IEEE 802.15.4/ZigBee Security Research Toolkit

This is KillerBee - Framework and Tools for Attacking ZigBee and IEEE 802.15.4 networks. REQUIREMENTS KillerBee is developed and tested on Linux systems. OS X usage is possible but not supported. We have striven to use a minimum number of software dependencies, however, it is necessary to install...

ZigBee Security Research Toolkit: KillerBee

KillerBee framework is a tool for attacking ZigBee and IEEE 802.15.4 networks. KillerBee is designed to simplify the process of sniffing packets from the air interface or a supported packet capture file libpcap or Daintree SNA, and for injecting arbitrary packets. Helper functions including IEEE...

Actionable Threat Intelligence, Tailored to You

We are very excited to be launching the next generation of our Client Reputation product. This update takes Client Reputation a huge step further in providing our customers with truly actionable intelligence tailored for them. It computes an even better assessment of the real risk that every...

Terror Exploit Kit Evolves Into Larger Threat

The relatively new Terror exploit kit is bucking the downward trend in the EK market, and is steadily evolving into more of a threat. Researchers at Cisco Talos said Terror has abandoned an early strategy that included “carpet-bombing” a target’s browser to one that now uses exploits that precise...

IBM Opens Attack Simulation Test Center

CAMBRIDGE, Ma. – IBM cut the ribbon on its new global security headquarters Wednesday that will also serve as command center for its just announced X-Force Incident Response and Intelligence Services. The centerpiece of the new 153,000-sqft facility is the company’s Cyber Range which IBM bills as...

NTP Amplification DDoS Attacks Increasing

An ever-shrinking number of vulnerable network time protocol NTP servers are being used with customized distributed denial of service DDoS toolkits to perform increasingly potent NTP amplification attacks. According to the DDoS mitigation specialists at Prolexic, who issued a high alert DDoS atta...

More Flame Modules Could Be Lurking

BROOKLYN, NY–After years of research and investigation into the cyber-espionage attacks that began with the discovery of Stuxnet and continued with Flame, Duqu and Gauss, there still are many details that are unknown. While researchers have a pretty good handle on many of the tools’ capabilities,...

DarkComet RAT Flames Out

The author of DarkComet, one of the more notorious remote administration tools in use today, has said that he is ending development and sales of the tool after finding out that DarkComet was used by the Syrian government in attacks against anti-government activists. DarkComet is one of a handful ...

Why Isn't Cybercrime Worse?

Bank robbers have a clear motivation for their crimes: money. It’s there for the taking; all you have to do is get to it. But there are a lot of inherent risks involved with robbing banks, and, as a new study shows, not a great deal of return. And yet people keep robbing banks. In cybercrime, the...