Microsoft Teams Vishing Used to Deploy Malware via TeamViewer

A vishing scam via Microsoft Teams led to attackers misusing TeamViewer to drop malware and stay hidden using simple but effective techniques...

Watch This Webinar to Learn How to Eliminate Identity-Based Attacks—Before They Happen

In today's digital world, security breaches are all too common. Despite the many security tools and training programs available, identity-based attacks—like phishing, adversary-in-the-middle, and MFA bypass—remain a major challenge. Instead of accepting these risks and pouring resources into fixi...

CISA, NCSC-UK, and Partners Release Advisory on Russian SVR Actors Targeting Cloud Infrastructure

CISA, in partnership with UK National Cyber Security Centre NCSC and other U.S. and international partners released the joint advisory, SVR Cyber Actors Adapt Tactics for Initial Cloud Access. This advisory provides recent tactics, techniques, and procedures TTPs used by Russian Foreign...

Tracking People via Bluetooth on Their Phones

Weve always known that phones--and the people carrying them--can be uniquely identified from their Bluetooth signatures, and that we need security techniques to prevent that. This new research shows that thats not enough. Computer scientists at the University of California San Diego proved in a...

Threat Campaign by Molerats uses NimbleMamba Malware to target Middle East

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here An APT group Molerats associated with Gaza has launched a new threat campaign using a malware NimbleMamba aimed at Middle Eastern governments, foreign policy think tanks, and even a state-owned airline. The current attack was...

Twitter Uses Phone Numbers, Emails to Sell Ads

Twitter has acknowledged that user phone numbers and email addresses gathered for security purposes, as part of its two-factor authentication policy, may have been used to sell ads. It calls the move an accident. The revelation is being widely criticized for its obvious breach of user privacy,...

This Week in Security News: IoT Threats and Risks

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the threats and risks to complex IoT environments. Also, learn about new security challenges and risks the food production...

Targeted Attacks In The Middle East

This blog post is authored by Paul Rascagneres with assistance of Martin Lee. Executive Summary Talos has identified a targeted attacks affecting the Middle East. This campaign contains the following elements, which are described in detail in this article. The use of allegedly confidential decoy...

Trend Micro Smart Protection Complete Receives 5-Star Review from SC Magazine

The best days are the ones you wake up to good news you weren’t expecting, right? Well, earlier this month we woke up to find out the Trend Micro Smart Protection Complete had received a five-star rating and “Best Buy” recommendation from one of the security industries leading publications at SC...

Al-Khaser v0.65 - Public Malware Techniques Used In The Wild

al-khaser is a PoC malware with good intentions that aimes to stress your anti-malware system. It performs a bunch of nowadays malwares tricks and the goal is to see if you stay under the radar. Possible uses You are making an anti-debug plugin and you want to check its effectiveness. You want to...

Filter Evasion and Bypass Methods - Pentest Magazine

Document Title: =============== Filter Evasion and Bypass Methods - Pentest Magazine References: =========== Download: http://www.vulnerability-lab.com/resources/documents/798.pdf Magazine: http://pentestmag.com/pentest-regular-0113/ Release Date: ============= 2013-05-28 Vulnerability Laboratory...

Hackers Exploit BlackBerry Browser Bug !

Research in Motion has found a security flaw and recommended that user disable JavaScript in browsers on certain phones, threatening the BlackBerry maker's iron-clad reputation for security. "The issue could result in remote code execution on affected BlackBerry smartphones," the Waterloo,...

A Closer Look at Underrated Security Tech

Here are four techniques and related technologies several cited as underrated in today’s security fight. Since one security pro’s miracle tool is another’s waste of budget, it’s no surprise that a couple of the technologies panned earlier are praised here. Read the full article. CSO...

BBC paid 'a few thousand dollars' for botnet

In a statement on Monday, the BBC said that its decision to purchase and use a botnet to espose the malware epidemic had been “in the public interest”. “It was not our intention to break the law,” the BBC told ZDNet UK on Monday. “There is a powerful public interest in demonstrating the ease with...

HTML Comment 'href' Link Obfuscation

Binary data 2303.prm...

IIS HACKING

Hi Folks, i have just compiled the well-known IIS tricks. I hope it will be helpful for securing your server. any comment,suggestion or insult...? wellcome MAB- SECURING IIS by BREAKING ===================================================== by Mount Ararat Blossom 9/15/2000...