Install YAWAST – The Antecedent Web Application Security Toolkit

YAWAST is an application meant to simplify initial analysis and information gathering for penetration testers and security auditors. It performs basic checks in these categories: TLS/SSL - Versions and cipher suites supported; common issues. Information Disclosure - Checks for common information leaks. Presence of Files or Directories - Checks for files or directories that could [...]

By |2016-10-24T14:32:37-05:00October 24th, 2016|Categories: Pentest|Tags: , , , , , , , |0 Comments

QRLJacker – QRLJacking Exploitation Framework

QRLJacker is a python framework which is used to exploit services that rely on QR code authentication. #QRLJacker is a customizable framework to demonstrate "QRLJacking Attack Vector" and shows how easy to hijack services that relies on QR Code Authentication. Installation Installation on Windows After downloading the framework and Python: cd QrlJacking-Framework pip install -r [...]

By |2016-10-24T13:25:53-05:00October 24th, 2016|Categories: Pentest|Tags: , , , |0 Comments

Review: Alfa AWUS051NH WiFi Adapter

Most older USB WiFi Adapters that have worked well with Kali Linux or Backtrack don't support the 5 GHz range which most routers support now. As dual band routers gain popularity in homes and offices, the Alfa AWUS051NH WiFi Adapter filled a gap by supporting both the 2.4 GHz and 5 GHz range for the [...]

DDoS Attack on Dyn DNS and Level3 Outages

Twitter, Reddit, Spotify, PSN, XBox, Netflix, Github, PayPal and bunch of other websites were offline earlier today. That’s because someone conducted a massive distributed denial of service (DDoS) attack on the Dyn DNS, a world renowned Domain Name Servers (DNS) service provider. You can read the most recent status messages at DynDNS. So far there [...]

By |2016-10-21T18:50:13-05:00October 21st, 2016|Categories: Attacks, Security|Tags: , , , , , |0 Comments

How To Patch Linux Kernel Zero Day DirtyCow Vulnerability CVE-2016-5195

A zero-day local privilege escalation vulnerability has been found in the Linux kernel that has existed since 2005, being called DirtyCow. This bug affects a large number of popular Linux distros as well as Android devices. By exploiting the DirtyCow vulnerability, any user can become root (admin) in less than 5 seconds. The vulnerability has [...]

New Cerber Ransomware Switches To A Random Extension And Ends Database Processes

A new variant of the Cerber ransomware kills common database-related processes like those of the MySQL, Oracle and Microsoft SQL servers to encrypt files. The most notable change is the switch from the static .Cerber3 extension for encrypted files to a random 4 character extension, the use of a HTA file as the ransom note, [...]

By |2016-10-16T15:53:22-05:00October 6th, 2016|Categories: Ransomware, Security|Tags: , , , , , , , |0 Comments

Attack Allows OS X Malware To Piggyback On Your Webcam

Security researcher Patrick Wardle of Synack has discovered a new potential use of malware that targets the use of the Mac OS X webcam. This new attack allows OS X malware to record video and audio whenever a victim legitimately turns on their webcam, without drawing attention to itself. As you can see in the [...]

OpenSSL Patches High-Severity OCSP Bug & Mitigates SWEET32 Attack

A vulnerability in the OpenSSL implementation of the Online Certificate Status Protocol (OCSP) was patched this week, closing a denial-of-service weakness in affected servers. OCSP is an alternative in many cases to Certificate Revocation Lists where a client can use the protocol to ping a server requesting the status of a digital certificate. The vulnerability, [...]

By |2016-10-16T15:53:39-05:00September 24th, 2016|Categories: Security|Tags: , , , , , , , |0 Comments

Mamba Ransomware Encrypts Full Hard Drive Spreading Via Phishing Emails

Security researchers at Morphus Labs reported about a new ransomware called Mamba, which encrypts the victim's whole hard drive. Recent reports show it spreading around Brazil, India, and the United States through phishing emails. Mamba ransomware attacks Windows computers and overwrites the MBR (Master Boot Record) and upon restart the victim will get a screen [...]

By |2016-10-16T15:53:39-05:00September 23rd, 2016|Categories: Ransomware, Security|Tags: , , , , , |0 Comments

RAUM Tool Allows Malware To Spread In Torrents

Researchers at InfoArmor have uncovered a new tool that allows cybercriminals to package malware into popular torrent files. This new tool is called RAUM and is believed to have been created by an Eastern European crime group by the name of Black Team. The new tool uses a "pay-per-install" model which is only available in [...]

By |2016-10-16T15:53:40-05:00September 22nd, 2016|Categories: Malware, Security|Tags: , , , , |0 Comments
Load More Posts