September episode of “In The Trend of VM”: 7 CVEs, fake reCAPTCHA, lebanese pagers, VM and IT annual bonuses

September episode of "In The Trend of VM": 7 CVEs, fake reCAPTCHA, lebanese pagers, VM and IT annual bonuses. Starting this month, we decided to slightly expand the topics of the videos and increase their duration. I cover not only the trending vulnerabilities of September, but also social...

First Israel’s Exploding Pagers Maimed and Killed. Now Comes the Paranoia

The explosion of thousands of rigged pagers and walkie-talkies will likely make Hezbollah operatives fear any means of electronic communication. It’s having the same effect on the Lebanese population...

DeftTorero: tactics, techniques and procedures of intrusions revealed

Earlier this year, we started hunting for possible new DeftTorero aka Lebanese Cedar, Volatile Cedar artifacts. This threat actor is believed to originate from the Middle East and was publicly disclosed to the cybersecurity community as early as 2015. Notably, no other intelligence was shared unt...

Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies

Microsoft on Thursday said it took steps to disable malicious activity stemming from abuse of OneDrive by a previously undocumented threat actor it tracks under the chemical element-themed moniker Polonium. In addition to removing the offending accounts created by the Lebanon-based activity group...

Hezbollah-Linked Lebanese Cedar APT Infiltrates Hundreds of Servers

Advanced persistent threat APT group Lebanese Cedar has compromised at least 250 public-facing servers since early 2020, researchers said, with its latest malware. The group has added new features to its custom “Caterpillar” webshell and the “Explosive RAT” remote access trojan RAT, both of which...

Digitally Signed Bandook Malware Once Again Targets Multiple Sectors

A cyberespionage group with suspected ties to the Kazakh and Lebanese governments has unleashed a new wave of attacks against a multitude of industries with a retooled version of a 13-year-old backdoor Trojan. Check Point Research called out hackers affiliated with a group named Dark Caracal in a...

Yes Solutions - Webapp SQL Injection

No description provided by source. .:. Author : HackXBack [email protected] Lebanese Hacker .:. Team : Sec Attack Team .:. Home : www.sec-attack.com/vb .:. Script : YES SOLUTIONS http://www.yessolutions.biz/files/index.php .:. Bug Type : Sql Injection .:. Dork : Powered by: Yes Solutions === Exploit ==...

Gauss Malware Detection Tool released by Iranian CERT

Iranian National Computer Emergency Response Team releases a tool for Gauss malware detection. Cyber surveillance virus has been found in the Middle East that can spy on banking transactions and steal login and passwords, according Kaspersky Lab, a leading computer security firm. Gauss primarily...

PHP-Pastebin Cross Site Scripting

Author : L3b-r1'z Date : 2012-April-30 Title : Php-Pastebin Stored XSS Vulnerability Email : [email protected] Site : Sec4Ever.com Google Dork : allintext: "Php-Pastebin V.2" + P0c : Add New Paste put in the Paste Name alert"L3br1z"; You Will See The Alert : Proud To Be Lebanese Thx To All My...

10 Lebanese government websites taken down by Hacktivist group

Several Lebanese ministry websites were the target of a hack attack Thursday by the group Raise Your Voice, in the second such attack on government-related portals this month. "We are RYV, short for Raise Your Voice, and we are simply a group of people who could not bare sic sitting in silence,...

Lebanese Government sites hacked by 'Raise Your Voice'

Lebanese Government sites hacked by 'Raise Your Voice' A group calling itself 'Raise Your Voice' hacked on Tuesday around 15 Lebanese government websites to ask for an improvement in living standards, the day the parliament launches a three-day session to assess the cabinet's performance. "To our...

ExoPHPDesk v1.2.1 Bypass Vulnerability

Exploit for php platform in category web applications Author : L3b-r1'z Title : ExoPHPDesk v1.2.1 Bypass Vulnerability Dork : allintext: "Powered by ExoPHPDesk v1.2.1" Download : http://exoscripts.com/exohelpdesk Email : email protected Like Me On Facebook : : FB.COM/lbr1z Bypass Vuln + P0c :...

Lebanese Yellow Pages website database Compromised

Lebanese Yellow Pages database Compromised Lebanese Yellow Pages website https://www.yellowpages.com.lb/ database compromised by Hacking Group known as Mad HackerZ Team. Hackers manage to hack database of site and leaked it on internet. Leaked database include the usernames, Password hashes and...

Iframe Injection & Blind SQL Injection vulnerability on Apple.com exposed by Idahc(lebanese hacker)

Iframe Injection & Blind SQL Injection vulnerability on Apple.com exposed by Idahclebanese hacker After Sony hacks, Idahclebanese hacker is back to strike Apple.com . He found two vulnerability on as listed below. Iframe Injection : Click here Blind SQL INjection: Click Here Examples of the...

Sony Ericsson Got Hacked by Idahc - Lebanese hacker

Sony Ericsson Got Hacked by Idahc - Lebanese hacker ! Again, DAMN ... Whats Going on with Sony ?.. Idahc , A Lebanese hacker hack The database of ca.eshop.sonyericsson.com with a simple sql injection. Two attacks on Sony in one day. Today's Morning LulzSec Leak Sony's Japanese websites Database a...

Unfixed XSS vulnerability at www.adventureengine.com

Security researcher LeBaNeSe-XsSeR, has submitted on 03/01/2009 a cross-site-scripting XSS vulnerability affecting www.adventureengine.com, which at the time of submission ranked 1034738 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 01/07/200...

Unfixed XSS vulnerability at www.zabasearch.com

Security researcher LeBaNeSe-XsSeR, has submitted on 16/01/2009 a cross-site-scripting XSS vulnerability affecting www.zabasearch.com, which at the time of submission ranked 5270 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 30/01/2009. It is...

Unfixed XSS vulnerability at www.classesorange.com

Security researcher LeBaNeSe-XsSeR, has submitted on 05/09/2008 a cross-site-scripting XSS vulnerability affecting www.classesorange.com, which at the time of submission ranked 23129442 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 07/09/2008...

Unfixed XSS vulnerability at www.ahmadmagazine.com.lb

Security researcher LeBaNeSe-XsSeR, has submitted on 05/05/2008 a cross-site-scripting XSS vulnerability affecting www.ahmadmagazine.com.lb, which at the time of submission ranked 6075839 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on...