Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
![SecurityAffairs.webp](./Ressources/img/SecurityAffairs.webp) |
2019-02-18 07:26:05 |
(Déjà vu) Toyota PASTA Car-Hacking Tool will be soon on GitHub (direct link) |
Toyota plans to release the PASTA (Portable Automotive Security Testbed) Car-Hacking Tool on GitHub next month. Takuya Yoshida from Toyota's InfoTechnology Center and his colleague Tsuyoshi Toyama are members of a Toyota team that developed the new tool, called PASTA (Portable Automotive Security Testbed). PASTA is an open-source testing platform specifically designed for car hacking, […]
|
Tool
|
|
|
![Blog.webp](./Ressources/img/Blog.webp) |
2019-02-17 07:29:00 |
TrevorC2 – Command and Control (direct link) |
TrevorC2 is a command and control framework. It is a client/server model which works through a browser masquerading as a C2 tool. It works on different time intervals which makes it almost impossible to be detected. This tool is coded in Python but it's also compatible with C#, PowerShell, or any other platform. This is supported by...
|
Tool
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2019-02-14 09:00:00 |
Learn New Malware-Fighting Tools & Techniques at Black Hat Asia (direct link) |
There's no better place to brush up on the latest malware than Black Hat Asia in Singapore next month with a cornucopia of practical Trainings, Briefings, and Arsenal tool demos. |
Malware
Tool
|
|
|
![WiredThreatLevel.webp](./Ressources/img/WiredThreatLevel.webp) |
2019-02-13 12:00:00 |
Strava's New Tool Builds Routes Based on Your Finger Swipes (direct link) |
Drag your finger on the in-app map, and the mobile Route Builder translates your scrawl into an ideal path. The beta version debuts soon for Strava Summit users. |
Tool
|
|
|
![TechRepublic.webp](./Ressources/img/TechRepublic.webp) |
2019-02-12 13:58:05 |
How LinkedIn's new intelligent hiring tool better connects job-seekers with recruiters (direct link) |
The LinkedIn update also gives recruiters more information about candidates interested in open jobs. |
Tool
|
|
|
![itsecurityguru.webp](./Ressources/img/itsecurityguru.webp) |
2019-02-11 15:40:02 |
Tip-Off means Fake MetaMask Crypto Malware Pulled From Google Play. (direct link) |
Decentralized app (DApp) MetaMask is facing fresh problems from cryptocurrency scammers after malware impersonating the tool appeared on Google Play, cybersecurity company Eset reported Feb. 8. The malware, which replaces computer clipboard information in an attempt to steal cryptocurrency, was removed by Google at the beginning of the month after a tip-off from Eset researchers. […]
|
Malware
Tool
|
|
|
![SecurityAffairs.webp](./Ressources/img/SecurityAffairs.webp) |
2019-02-10 17:16:04 |
Google open sourced the ClusterFuzz fuzzing platform (direct link) |
Google has open sourced ClusterFuzz, its fuzzing infrastructure it has developed to find memory corruption vulnerabilities in Chrome. Google has open sourced its fuzzing infrastructure ClusterFuzz that the tech giant developed to find memory corruption bugs in the Chrome browser. ClusterFuzz is a scalable fuzzing tool that can run on clusters with more than 25,000 cores. […]
|
Tool
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2019-02-07 18:15:00 |
Ransomware Attack Via MSP Locks Customers Out of Systems (direct link) |
Vulnerable plugin for a remote management tool gave attackers a way to encrypt systems belonging to all customers of a US-based MSP. |
Ransomware
Tool
|
|
|
![ESET.webp](./Ressources/img/ESET.webp) |
2019-02-06 17:36:01 |
Google rolls out Chrome extension to warn you about compromised logins (direct link) |
The new tool aims to help in an age when billions of login credentials are floating around the internet
|
Tool
|
|
|
![SecurityAffairs.webp](./Ressources/img/SecurityAffairs.webp) |
2019-02-06 15:16:02 |
Security expert Marco Ramilli released for free the Malware Hunter tool (direct link) |
Malware researcher Marco Ramilli released for free the Malware Hunter tool, a simple but interesting catching tool based on static YARA rules. I've been working on cybersecurity for more than 10 years. During my […]
|
Malware
Tool
|
|
|
![The_Hackers_News.webp](./Ressources/img/The_Hackers_News.webp) |
2019-02-05 10:40:00 |
Google's New Tool Alerts When You Use Compromised Credentials On Any Site (direct link) |
With so many data breaches happening almost every week, it has become difficult for users to know if their credentials are already in possession of hackers or being circulated freely across the Internet.
Thankfully, Google has a solution.
Today, February 5, on Safer Internet Day, Google launches a new service that has been designed to alert users when they use an exact combination of
|
Tool
|
|
|
![AlienVault.webp](./Ressources/img/AlienVault.webp) |
2019-02-04 14:00:00 |
SIEM: What Is It, and Why Does Your Business Need It? (direct link) |
Security information and event management (SIEM) technology is transforming the way IT teams identify cyber threats, collect and analyze threat data and respond to security incidents. But what does that all mean? To better understand SIEM, let's take a look at SIEM technology, how it works and its benefits.
What Is SIEM?
SIEM technology is a combination of security event management (SEM) and security information management (SIM) technologies. IT teams use SEM technology to review log and event data from a business' networks, systems and other IT environments, understand cyber threats and prepare accordingly. Comparatively, IT teams use SIM technology to retrieve and report on log data.
How Does SIEM Work?
IT teams use SIEM technology to collect log data across a business' infrastructure; this data comes from applications, networks, security devices and other sources. IT teams can then use this data to detect, categorize and analyze security incidents. Finally, with security insights in hand, IT teams can alert business leaders about security issues, produce compliance reports and discover the best ways to safeguard a business against cyber threats.
What Are the Benefits of SIEM?
SIEM technology frequently helps businesses reduce security breaches and improve threat detection. The AlienVault Infographic and "2019 SIEM Survey Report" revealed 76 percent of cyber security professionals reported their organization's use of SIEM tools resulted in a reduction in security breaches. Additionally, 46 percent of survey respondents said their organization's SIEM platform detects at least half of all security incidents.
Also, SIEM tools typically provide compliance reporting – something that is exceedingly valuable for businesses that must comply with the European Union (EU) General Data Protection Regulation (GDPR) and other data security mandates. SIEM tools often come equipped with compliance reporting capabilities, ensuring IT teams can use these tools to quickly identify and address security issues before they lead to compliance violations.
SIEM tools help speed up incident response and remediation, too. A cyber security talent shortage plagues businesses worldwide, but SIEM tools help IT teams overcome this shortage. SIEM tools are generally simple to deploy, and they often can be used in combination with a business' third-party security tools. As such, SIEM tools sometimes reduce the need to hire additional cyber security professionals.
Is SIEM Right for My Business?
SIEM technology is designed for businesses of all sizes and across all industries. If a mid-sized retailer wants to protect its critical data against insider threats, for example, SIEM technology can help this business do just that. Or, if a globally recognized bank requires a user-friendly compliance management tool, it can deploy SIEM technology as part of its efforts to meet industry mandates. SIEM tools can even help businesses protect their Internet of Things (IoT) devices against cyber attacks, proactively seek out cyber threats and much more.
How Can I Select the Right SIEM Tool for My Business?
The right SIEM tool varies based on a business' security posture, its budget and other factors. However, the top SIEM tools usually offer the follo |
Tool
Threat
Guideline
|
|
|
![TechRepublic.webp](./Ressources/img/TechRepublic.webp) |
2019-01-30 19:59:02 |
How to install Sourcegraph with Docker (direct link) |
When your project reaches millions of lines of code, deploy a helpful tool like Sourcegraph via a Docker container. |
Tool
|
|
|
![Blog.webp](./Ressources/img/Blog.webp) |
2019-01-30 09:35:00 |
NEW TECH: This free tool can help gauge, manage third-party cyber risk; it's called 'VRMMM' (direct link) |
Late last year, Atrium Health disclosed it lost sensitive data for some 2.65 million patients when hackers gained unauthorized access to databases operated by a third-party billing vendor. Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their […] |
Tool
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-01-29 13:32:00 |
Microsoft Exchange vulnerable to 'PrivExchange' zero-day (direct link) |
Proof-of-concept tool lets attackers escalate a hacked inbox to admin on a company's internal domain controller. |
Tool
|
|
|
![SecurityAffairs.webp](./Ressources/img/SecurityAffairs.webp) |
2019-01-28 21:38:02 |
Aztarna – the open-source scanning tool for vulnerable robots (direct link) |
Experts from Alias Robotics released a free, open-source tool dubbed Aztarna that could be used to find vulnerable robots. A group of experts working at a startup focused on robot cybersecurity has released a free, open-source framework dubbed Aztarna that could be used to find vulnerable robots that could have been exposed online or inside an industrial […]
|
Tool
|
|
|
![no_ico.webp](./Ressources/img/no_ico.webp) |
2019-01-28 20:20:02 |
Python Network Tool Is Vulnerable To DoS Attack (direct link) |
We recently discovered that the latest version of Scapy, a powerful packet manipulation tool used by cybersecurity researchers and network engineers, is susceptible to a Denial of Service (DoS) vulnerability. Ironically, we found this vulnerability while researching ways to better detect and fight DDoS attacks. Written in the very popular Python coding language, Scapy uses a …
|
Tool
Vulnerability
|
|
|
![The_Hackers_News.webp](./Ressources/img/The_Hackers_News.webp) |
2019-01-28 00:30:04 |
Researchers Release Tool That Finds Vulnerable Robots on the Internet (direct link) |
A team at a robot cybersecurity startup has released a free, open-source tool for information security professionals to help them easily 'footprint' and detect unprotected robots, not only connected to the Internet, but also to the industrial environments where they operate.
Dubbed "Aztarna," the framework has been developed by Alias Robotics, a Spanish cybersecurity firm focused on robots and
|
Tool
|
|
|
![Blog.webp](./Ressources/img/Blog.webp) |
2019-01-26 07:46:05 |
GreatSct – An Application Whitelist Bypass Tool (direct link) |
While writing the Applocker bypass series, we found a new tool which was especially designed for bypassing application whitelisting. So I decided to write this article where we are introducing another most interesting tool, “Great SCT – A Metasploit payload generator”, which is similar to unicorn or msfvenom because it depends on the Metasploit framework to provide reverse...
|
Tool
|
|
|
![TechRepublic.webp](./Ressources/img/TechRepublic.webp) |
2019-01-25 13:33:01 |
6 ways data analytics are advancing the enterprise (direct link) |
Data analytics are now an established, valuable tool for businesses, but the way they are used is rapidly changing. Here's how. |
Tool
|
|
★★★★★
|
![AlienVault.webp](./Ressources/img/AlienVault.webp) |
2019-01-23 14:00:00 |
10 Steps to Creating a Secure IT Environment (direct link) |
Every day, as a part of my work at AlienVault, I talk to prospective clients. Many of them are trying to put together a security plan for their business. Most of the people I talk to are IT professionals who, like everyone else, are learning as they go.
During my time in IT and the security industry, I have seen almost every type of network you could imagine. Most of them made sense and could be explained and I could understand why they were built the way they were. Some, not so much. During the last 10 years especially, I have started compiling network drawings and information on the many ways that networks are designed and deployed.
The following list of bullet points are my recommendations to an IT manager or business leader if they consulted me on how to put together information technology for their business. Please remember this is a fairly generic list and there are tons of deviations to take into consideration when building a network and then protecting it.
1. Policies and Procedures
Policies and procedures are the cornerstones of your IT governance. This is the “what is going to happen and how is going to happen” of your security posture, and from the big picture your entire IT infrastructure. Creating a solid policy and procedure document or documents will provide your organization with an IT and security blueprint for your initial build, maintenance, management and remediation of issues. Solid policy and procedure manual(s) will also prepare the environment to work within any framework and meet compliance requirements.
2. Gateway Security
Gateway security is essential to keeping the bad guys out. There are a number of popular firewalls on the market that will provide excellent security at the gateway. The needs of the environment will dictate which firewall will work best.
For example, a high throughput environment with a large internal IP count might require a Next Generation Firewall (NGF) that runs only a few services on board and reserves the majority of resources for ingress-egress traffic. On the other hand, an environment that requires a very high level of security but has limited WAN bandwidth may be better suited for a UTM (Unified Threat Management) firewall which runs a number of services onboard. Traditionally it also utilizes significant resources for services like deep packet inspection (DPI), data loss prevention (DLP), gateway antivirus, website filtering, email filtering and other high-end security services.
3. End Point Security
As the old saying goes… AntiVirus is DEAD!!! Not really.
Actually, antivirus is evolving and morphing like your favorite advanced persistent threat (APT) malware. A few years back the InfoSec industry started to break new ground on digging deeper into threats and breaches using threat intelligence in real-time to actively pursue malware based on heuristic data. Heuristic data became important as technology progressed to utilize behavioral analysis based on up-to-date threat intelligence.
These progressions in the industry gave rise to Endpoint Detection and Response (EDR), which is quickly morphing into a formidable companion to traditional antivirus and antiMalware protection. The very minimum that should be deployed into an environment includes a good reputable antivirus with antimalware capabilities, however, to get a definite head start on any co |
Malware
Tool
Threat
Guideline
|
|
|
![Blog.webp](./Ressources/img/Blog.webp) |
2019-01-22 13:52:02 |
LinkedIn Says Glitch, Not FSB, to Blame for Russian Job Postings (direct link) |
LinkedIn Wednesday blamed an issue with its job ingestion tool–not Russian hackers or an online scam–as the reason the business social network was erroneously posting jobs located in Russia for a number of U.S.-based companies. The custom software tool that pulls in jobs from third-party websites onto LinkedIn’s site failed to... |
Tool
|
|
|
![CSO.webp](./Ressources/img/CSO.webp) |
2019-01-22 03:00:00 |
4 tips to mitigate Slack security risks (direct link) |
Slack, the popular enterprise workspace collaboration tool and IRC clone, does not offer end-to-end encryption, making any breach of Slack's servers potentially catastrophic for users around the world. If you or your organization would suffer severe damage if internal Slack conversations leaked, then it's time to either consider encrypted Slack alternatives or mitigate the risk by locking down your Slack workspaces. We caught up with Andrew Ford Lyons, a technologist working on digital security for at-risk groups at Internews in the UK, for his advice. |
Tool
|
|
|
![Pirate.webp](./Ressources/img/Pirate.webp) |
2019-01-20 07:26:00 |
Domained – Multi Tool Subdomain Enumeration (direct link) |
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains that are passed to EyeWitness for reporting.
This produces categorized screenshots, server response headers and signature based default credential checking. It is written in Python heavily leveraging Recon-ng.
Domains Subdomain Enumeration Tools Leveraged
Subdomain Enumeration Tools:
Sublist3r
enumall
Knock
Subbrute
massdns
Recon-ng
Amass
SubFinder
Reporting + Wordlists:
EyeWitness
SecList (DNS Recon List)
LevelUp All.txt Subdomain List
Domained Subdomain Enumeration Tool Usage
--install/--upgrade Both do the same function – install all prerequisite tools
--vpn Check if you are on VPN (update with your provider)
--quick Use ONLY Amass and SubFinder
--bruteall Bruteforce with JHaddix All.txt List instead of SecList
--fresh Delete old data from output folder
--notify Send Pushover or Gmail Notifications
--active EyeWitness Active Scan
--noeyewitness No Eyewitness
-d The domain you want to perform recon on
-b Bruteforce with subbrute/massdns and SecList wordlist
-s n Only HTTPs domains
-p Add port 8080 for HTTP and 8443 for HTTPS
Subdomain Enumeration Examples
First Steps are to install required Python modules and tools:
sudo pip install -r ./ext/requirements.txt
sudo python domained.py --install
Example 1 – Uses subdomain example.com (Sublist3r (+subbrute), enumall, Knock, Amass, and SubFinder)
python domained.py -d example.com
Example 2: – Uses subdomain example.com with seclist subdomain list bruteforcing (massdns, subbrute, Sublist3r, Amass, enumall, and SubFinder), adds ports 8443/8080 and checks if on VPN
python domained.py -d example.com -b -p --vpn
Example 3: – Uses subdomain example.com with large-all.txt bruteforcing (massdns, subbrute, Sublist3r, Amass, enumall and SubFinder)
python domained.py -d example.com -b --bruteall
Example 4: – Uses subdomain example.com and only Amass and SubFinder
python domained.py -d example.com --quick
Example 5: – Uses subdomain example.com, only Amass and SubFinder and notification
python domained.py -d example.com --quick --notify
Example 6: – Uses subdomain example.com with no EyeWitness
python domained.py -d example.com --noeyewitness
Note: --bruteall must be used with the -b flag
|
Tool
|
|
|
![TechWorm.webp](./Ressources/img/TechWorm.webp) |
2019-01-18 18:47:03 |
Facebook open sources Spectrum for efficient uploading of images (direct link) |
Facebook launches open-sourced Spectrum for better mobile image production. Facebook has officially released an open source tool to the developer community to make the process of uploading images more efficient. Dubbed as “Spectrum”, this tool is a cross-platform image transcoding library that can easily be integrated into an Android or iOS project to efficiently perform […]
|
Tool
|
|
|
![Blog.webp](./Ressources/img/Blog.webp) |
2019-01-18 12:24:03 |
Configure Sqlmap for WEB-GUI in Kali Linux (direct link) |
Hello everyone and welcome to this tutorial of setting up SQLMAP for web-gui. Web-GUI simply refers to the interface that a browser provides you over the http/https service. SQLMAP is a popular tool for performing SQL injection attacks on sites affected by mysql errors; be it an error based sql injection or hidden sql, sqlmap...
|
Tool
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-01-17 18:35:01 |
Online stores for governments and multinationals hacked via new security flaw (direct link) |
Little-known database management tool allowed hackers to take over sites and inject malicious code that steals payment card details. |
Tool
|
|
★★★★★
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-16 22:09:02 |
Threatpost Survey Says: 2FA is Just Fine, But Go Ahead and Kill SMS (direct link) |
Our reader poll showed overwhelming support for 2FA even in the wake of a bypass tool being released -- although lingering concerns remain. |
Tool
|
|
★★
|
![Blog.webp](./Ressources/img/Blog.webp) |
2019-01-16 15:32:05 |
Koadic – COM Command & Control Framework (direct link) |
Hello friends!! In this article we are introducing another most interesting tool, “KOADIC – COM Command & Control”, which is quite similar to Metasploit and Powershell Empire. So let's begin with its tutorial and check its functionality. Table of Content: Introduction to Koadic, Installation of Koadic, Usage of Koadic, Koadic Stagers, Privilege Escalation with...
|
Tool
|
|
|
![TechRepublic.webp](./Ressources/img/TechRepublic.webp) |
2019-01-11 19:04:00 |
How to create a Kanban Board in Nextcloud (direct link) |
Combining a Kanban board with Nextcloud creates a powerful, in-house collaboration tool that can ease your project management tasks. |
Tool
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2019-01-11 15:44:05 |
Yet Another Bypass: Is 2FA Broken? Authentication Experts Weigh In (direct link) |
A penetration testing tool called Modlishka can defeat two-factor authentication in the latest 2FA security issue. We asked a roundtable of experts what it all means. |
Tool
|
|
|
![no_ico.webp](./Ressources/img/no_ico.webp) |
2019-01-11 14:59:05 |
Bypassing 2-Factor Authentication (direct link) |
Phishing attacks can be automated through a new penetration testing tool published by security researcher Piotr Duszyński. Modlishka is the name of the tool and it can bypass login operations for accounts protected by two-factor authentication (2FA). Don Duncan, Security Engineer at NuData Security: “While cybercriminals can get past two-factor authentication (2FA), this should only be …
|
Tool
|
|
|
![SecurityAffairs.webp](./Ressources/img/SecurityAffairs.webp) |
2019-01-11 14:59:03 |
Victims of Pylocky ransomware can decrypt their files for free (direct link) |
Victims of the PyLocky Ransomware can use a tool released by security researcher Mike Bautista at Cisco Talos group to decrypt their files for free. I have good and bad news for the victims of the PyLocky Ransomware. The good news is that security researcher Mike Bautista at Cisco Talos group released a decryption tool […]
|
Ransomware
Tool
|
|
|
![The_Hackers_News.webp](./Ressources/img/The_Hackers_News.webp) |
2019-01-10 22:59:03 |
(Déjà vu) PyLocky Ransomware Decryption Tool Released - Unlock Files For Free (direct link) |
If your computer has been infected with PyLocky Ransomware and you are searching for a free ransomware decryption tool to unlock or decrypt your files-your search might end here.
Security researchers at Cisco's Talos cyber intelligence unit have released a free decryption tool that makes it possible for victims infected with the PyLocky ransomware to unlock their encrypted files for free
|
Ransomware
Tool
|
|
|
![WiredThreatLevel.webp](./Ressources/img/WiredThreatLevel.webp) |
2019-01-10 19:58:05 |
Your Old Tweets Give Away More Location Data Than You Think (direct link) |
Researchers built a tool that can predict where you live and work, as well as other sensitive information, just by using geotagged tweets. |
Tool
|
|
|
![TechRepublic.webp](./Ressources/img/TechRepublic.webp) |
2019-01-10 18:26:00 |
How to use the Fedora modular repository (direct link) |
The Fedora dnf module tool provides a new way to think about installing on the Linux platform. |
Tool
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2019-01-10 12:40:00 |
(Déjà vu) Criminals Grabbed at Least 4.3 Percent of All Monero Coins on the Market (direct link) |
Crooks earned roughly 57 million USD in a 4-year period by taking advantage of other people's hardware to mine for Monero and by using large botnets as a tool towards quick illegal monetary gains of more than $1 million per month [...] |
Tool
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2019-01-10 12:40:00 |
(Déjà vu) Criminals Grabbed at Least 4,3 Percent of All Monero Coins on the Market (direct link) |
Crooks earned roughly 57 million USD in a 4-year period by taking advantage of other people's hardware to mine for Monero and by using large botnets as a tool towards quick illegal monetary gains of more than $1 million per month [...] |
Tool
|
|
|
![TechRepublic.webp](./Ressources/img/TechRepublic.webp) |
2019-01-09 14:37:03 |
CES 2019: Will this ultra-thin portable monitor be the paper of the future? (direct link) |
Faytech's Lapscreen weighs less than 1 lb and is the size of a sheet of paper, and could be a useful tool for traveling business professionals. |
Tool
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2019-01-09 13:46:02 |
Windows 10 Build 18312 (19H1) Released With Reserved Storage Implementation (direct link) |
Windows 10 Preview Build 18312 is now available for Insiders in the Fast Ring and it comes with Reserved Storage implementation, improved Reset page UI, Windows Subsystem for Linux Command Line Tool improvements. [...] |
Tool
|
|
|
![grahamcluley.webp](./Ressources/img/grahamcluley.webp) |
2019-01-09 12:43:04 |
Automated phishing attack tool bypasses 2FA protection (direct link) |
Modlishka may help raise awareness of the danger of reverse proxy phishing attacks, but it's easy to imagine that many criminals will be tempted to put it to malicious use.
|
Tool
|
|
|
![no_ico.webp](./Ressources/img/no_ico.webp) |
2019-01-09 10:00:00 |
AI Tool Used By Police To Spot Fake Reports (direct link) |
Following the announcement that British scientists have developed a new computer programme that can spot if someone has lied to police about being robbed, Andy Davies, consultant, police and intelligence services at analytics leader SAS UK, highlights how artificial intelligence and data analytics can help the police do their jobs more effectively and efficiently. With law enforcement …
|
Tool
Guideline
|
|
★★
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-01-09 02:44:00 |
New tool automates phishing attacks that bypass 2FA (direct link) |
Trust in two-factor authentication has slowly eroded in the last month after release of Amnesty International report and Modlishka tool. |
Tool
|
|
|
![AlienVault.webp](./Ressources/img/AlienVault.webp) |
2019-01-07 14:00:00 |
Data Exfiltration in AWS: Part 2 of Series (direct link) |
In the previous blog in this four-part blog series, we discussed AWS IAM and how it can be compromised to allow for data exfiltration. In this blog we will drill into data exfiltration.
One of the more common issues reported on lately involves EC2 instances running data storage services like Elasticsearch and MongoDB, which by default don't have any credential requirements to interact with the data store. And if you don't get your security groups set up properly you can inadvertently expose, for example, the Elasticsearch port (9200) out to the Internet. If that happens, you can bet that somebody is going to find it and dump its entire data set.
Here’s a common scenario we’ve seen in AWS: A web application is capturing user details and analytics. The developers want to capture that data in a metrics-friendly repository (in addition to the database that the application uses) so they spin an EC2 instance, install Elasticsearch and start dropping data in it that is useful for analytics tracking. It’s probably not sensitive data so they’re not too worried about locking it down and for convenience, the backend Elasticsearch port is exposed to the Internet. As the analytics requirements evolve along with the application, more and more data ends up in the completely exposed data store. Then a bad guy does a port scan and finds it sitting there, ripe for the picking. It's become so common that adversaries have gone through the trouble of creating ransomware that fully hijacks the data store and encrypts the data within it.
Here are some examples:
Data Exfiltration: Risks
Marketing Firm Exactis Leaked a Personal Info Database with 340 Million Records - WIRED
Sales Engagement Startup Apollo Says its Massive Contacts Database was Stolen in a Data Breach - TechCrunch
Veeam Server Lapse Leaks Over 440 million Email Addresses - TechCrunch
Ransomware
Online databases dropping like flies, with >10k falling to ransomware groups - Ars Technica
With a public vulnerability search tool such as Shodan, you can do a search for publicly exposed Elasticsearch databases and it’ll give you a big list. It's not difficult to find systems that have been exposed this way and attackers are finding them pretty quickly.
Application Abuse
The other way that data exfiltration takes place is through an application vulnerability, but this isn't AWS-specific. There are common application vulnerabilities that some attackers are very adept at discovering. A crafty attacker will bang on a web application long enough to find a vulnerability that they can use to exfiltrate data from the system. This technique is very effective because most web applications need access to some degree of sensitive data in order to be of any use.
|
Ransomware
Tool
Vulnerability
|
|
|
![SecurityAffairs.webp](./Ressources/img/SecurityAffairs.webp) |
2019-01-07 11:04:02 |
ReiKey app for macOS can detect Mac Keyloggers using event taps (direct link) |
ReiKey is a free tool that scans for and detects keyloggers that install persistent keyboard “event taps” to intercept your keystrokes. Good news for macOS users, a new open source tool dubbed ReiKey allows them to detect Mac Keyloggers. The ReiKey app monitors systems for applications that analyzed keyboard ‘event taps‘ to monitor and […]
|
Tool
|
|
|
![SecurityAffairs.webp](./Ressources/img/SecurityAffairs.webp) |
2019-01-07 08:00:04 |
NSA will reveal its GHIDRA Reverse Engineering tool at RSA Conference (direct link) |
The National Security Agency (NSA) will release at the next RSA Conference a free reverse engineering framework called GHIDRA. GHIDRA is a multi-platform reverse engineering framework that runs on major OSs (Windows, macOS, and Linux). The framework was first mentioned in the CIA Vault 7 dump that was leaked in 2017. WikiLeaks obtained thousands of files allegedly […]
|
Tool
|
|
|
![The_Hackers_News.webp](./Ressources/img/The_Hackers_News.webp) |
2019-01-07 01:37:01 |
NSA to release its GHIDRA reverse engineering tool for free (direct link) |
The United States' National Security Agency (NSA) is planning to release its internally developed reverse engineering tool for free at the upcoming RSA security conference 2019 that will be held in March in San Francisco.
The existence of the framework, dubbed GHIDRA, was first publicly revealed by WikiLeaks in CIA Vault 7 leaks, but the tool once again came to light after Senior NSA Adviser
|
Tool
|
|
|
![ZDNet.webp](./Ressources/img/ZDNet.webp) |
2019-01-05 22:12:05 |
NSA to release a free reverse engineering tool (direct link) |
GHIDRA is written in Java and works on Windows, Mac, and Linux. |
Tool
|
|
|
![SecurityAffairs.webp](./Ressources/img/SecurityAffairs.webp) |
2019-01-05 15:16:04 |
Did Aurora Ransomware infect you? You can decrypt file for free (direct link) |
Victims of the Aurora Ransomware could use a decryptor tool developed by the popular malware researcher Michael Gillespie to decrypt their data for free. Good news for the victims of the Aurora Ransomware, there are many variants of this Windows malware but most of the victims have been infected by the version that appends the […]
|
Ransomware
Malware
Tool
|
|
|
![bleepingcomputer.webp](./Ressources/img/bleepingcomputer.webp) |
2019-01-05 12:55:00 |
New ReiKey app for macOS can Detect Mac Keyloggers (direct link) |
macOS users have a new open source tool to help them identify generic keyloggers on their system. Called ReiKey, the app can scan and monitor for software that installs keyboard event taps to intercept keystrokes. [...] |
Tool
|
|
|