‘The Manipulaters’ Improve Phishing, Still Fail at Opsec
Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called "The Manipulaters," a sprawling web hosting network of phishing and spam delivery platforms. In January 2024, The Manipulaters pleaded with this author to unpublish previous stories about their work, claimin...
Who’s Behind the NetWire Remote Access Trojan?
A Croatian national has been arrested for allegedly operating NetWire, a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. The arrest coincided with a seizure of the NetWire sales website by the U.S. Federal Bureau...
Spear-Phishing Campaign Exploits Glitch Platform to Steal Credentials
A long-term spear-phishing campaign is targeting employees of major corporations with emails containing PDFs that link to short-lived Glitch apps hosting credential-harvesting SharePoint phishing pages, researchers have found. Researchers from DomainTools discovered the suspicious PDFs – which...
Mimir - Smart OSINT Collection Of Common IOC Types
Smart OSINT collection of common IOC types. Overview This application is designed to assist security analysts and researchers with the collection and assessment of common IOC types. Accepted IOCs currently include IP addresses, domain names, URLs, and file hashes. The title of this project is nam...
Mitaka - A Browser Extension For OSINT Search
Mitaka is a browser extension for OSINT search which can: Extract & refang IoC from a selected block of text. E.g. example[.]com to example.com, test[at]example.com to test@example.com, hxxp://example.com to http://example.com, etc. Search / scan it on various engines. E.g. VirusTotal,...
Mass Spoofing Campaign Abuses Walmart Brand
An ongoing domain name spoofing campaign is taking aim at retail giant Walmart and other big fish, with more than 540 malicious domains being used to harvest consumer information. The scam domains are mimicking legitimate sites in name and appearance, in hopes of fooling visitors into entering...
Vote for Malwarebytes Labs: European Security Blogger Awards 2018
It's nearly time for Infosec Europe 2018, and that means it's also time to consider voting for your favourite security blogs, podcasts, video channels, and more for the upcoming European Security Blogger Awards. Thanks to your generous votes, we've been fortunate enough to pick up the award for...
Correcting the Record on vDOS Prosecutions
KrebsOnSecurity recently featured a story about a New Mexico man who stands accused of using the now-defunct vDOS attack-for-hire service to hobble the Web sites of several former employers. That piece stated that I wasn't aware of any other prosecutions related to vDOS customers, but as it happe...
Free Open Source Scalable Incident Response Platform: The Hive
Free Open Source Scalable Incident Response Platform TheHive is a scalable 3-in-1 open source and free solution designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly. TheHi...
SpiderFoot v2.6.1 - Open Source Intelligence Automation
SpiderFoot is an open source intelligence automation tool. Its goal is to automate the process of gathering intelligence about a given target. Purpose There are three main areas where SpiderFoot can be useful: 1. If you are a pen-tester, SpiderFoot will automate the reconnaissance stage of the tes...