DarkSword Malware

DarkSword is a sophisticated piece of malware--probably government designed--that targets iOS. Google Threat Intelligence Group GTIG has identified a new iOS full-chain exploit that leveraged multiple zero-day vulnerabilities to fully compromise devices. Based on toolmarks in recovered payloads, ...

APT42’s Operations Employ “Nicecurl” and “Tamecat” Malwares

...

Attacks, Vulnerabilities and Actors 18 to 24 March 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of fifteen attacks were executed, eight vulnerabilities were uncovered, and five active adversaries...

Attacks, Vulnerabilities and Actors 22 January to 28 January 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of eight executed attacks, three instances of adversary activity, and three exploited...

Attacks, Vulnerabilities and Actors 15 January to 21 January 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of six executed attacks, two instances of adversary activity, and eight exploited...

Part 2: An In-Depth Look at the Latest Vulnerability Threat Landscape (Attackers’ Edition)

The previous blog from this three-part series showcased an overview of the vulnerability threat landscape. To summarize quickly, it illustrated the popular methods of exploiting vulnerabilities and the tactical techniques employed by threat actors, malware, and ransomware groups. Perhaps more...

PEzor-Docker - With The Help Of This Docker Image, You Can Easily Access PEzor On Your System!

With the help of this kali linux image, you can easily access PEzor on your system! Basically, this image is built from the kalilinux/kali-rolling image and then the PEzor shellcode and PE packer is installed on top of it. Sometimes, it's vital to have access to PEzor, specially in a post exploit...

ClamAV 0.102.0 - bytecode_vm Code Execution

ClamAV 0.102.0 - bytecodevm Code Execution !/usr/bin/python ''' Finished : 22/07/2019 Pu8lished : 31/10/2019 Versi0n : Current ./exploit.py clambc --debug exploit SNIP $ ''' names = 'test1', 'read', 'write', 'seek', 'setvirusname',...

Automated WPA Phishing Attacks: WiFiPhisher

Wifiphisher is a security tool that mounts automated victim-customized phishing attacks against WiFi clients in order to obtain credentials or infect the victims with malwares. It is primarily a social engineering attack that unlike other methods it does not include any brute forcing. It is an ea...

theZoo - A repository of LIVE malwares for your own joy and pleasure

theZoo is a project created to make the possibility of malware analysis open and available to the public. Since we have found out that almost all versions of malware are very hard to come by in a way which will allow analysis, we have decided to gather all of them for you in an accessible and saf...

WiFiPhisher v1.2 - Automated victim-customized phishing attacks against Wi-Fi clients

Wifiphisher is a security tool that mounts automated victim-customized phishing attacks against WiFi clients in order to obtain credentials or infect the victims with malwares. It is primarily a social engineering attack that unlike other methods it does not include any brute forcing. It is an ea...

Detux - The Multiplatform Linux Sandbox

Detux is a sandbox developed to do traffic analysis of the Linux malwares and capture the IOCs by doing so. QEMU hypervisor is used to emulate Linux Debian for various CPU architectures. The following CPUs are currently supported: x86 x86-64 ARM MIPS MIPSEL Use the Live version now:...

Facebook Unveils ThreatData, a framework for Web Security

Defending and Analysis of online threats and malwares have become more challenging nowadays and especially for larger businesses like the popular social networking site - Facebook. To encounter malware, phishing, and other online threats, Facebook has taken an important step forward. Facebook has...

Slack: Open redirect vulnerability

Hi, Open redirect issue: 1 Go to this URL: https://sehacure.slack.com/link?url=http://www.likelo.com The victim will be redirected. Impacts: The attacker can force the user to install trojans,malwares, etc. into his system. And can conduct phishing attacks. Please have a check. Best regards, Anan...

GPS based tracking service provided by Samsung vulnerable to thieves

Samsung which is currently believed to the highest Smartphones Seller in the World is now providing a Remote tracking solution in all its smartphones to Track the lost phone with the name "Samsung Dive". The Service is based on the Architecture which primarily acquires precise location of the sma...

Role of free Hosting in Cyber Crime

Role of free Hosting in Cyber Crime Zscaler experts notice that free hosting and DNS providers abused for hosting Phishing Pages, Spamming, Botnets or Malwares. Many free hosted sites considered as spam. They list "x90x.net" Free hosting Provider which used to host many Facebook Phishing sites...

#Enter_at_your_own_Risk Cyber Awareness Magazine Issue January edition Released

EnteratyourownRisk Cyber Awareness Magazine Issue January edition Released As we promised last month, The Hacker News along with Security-FAQs, SecManiac, Korben, Security-Shell, SecTechno have come together to bring you an outstanding array of internet security and hacking information. You can...

Malcon 2011 - Call for Papers

Malcon 2011 - Call for Papers Malcon is the worlds first platform bringing together Malware and Information Security Researchers from across the globe to share key research insights into building and containment of the next generation malwares . Call for Papers: Malcon 2011 are looking for new...

Be Aware Hacker - Honeypots now in India trap to lure hackers !

Decoys have been present in each and every culture, to capture the unknown as well as the known defaulters. The honey, which was used in turning the heads of bears that we used to find in jungles, well the same honey, but in a revisited version is being implemented and used here and has already...

Windows Mobile 6.5 TR Phone Call Shellcode

Windows Mobile 6.5 TR Phone Call Shellcode. Shellcode exploit for windows platform Title: Windows Mobile 6.5 TR Phone Call Shellcode Author: Celil Ünüver / Device: HTC Touch2 System: Windows Mobile 6.5 TR WinCE 5.0.2 Coded by Celil ‹n¸ver from SecurityArchitect Contact: celilunuvernspamgmail.com...