ROAMING MANTIS MALWARE EVOLVE TO PREYS ON PC, ANDROID AND IOS USERS

ROAMING MANTIS MALWARE EVOLVE TO PREYS ON PC, ANDROID AND IOS USERS

Recently, researchers unveiled a DNS hijacking campaign that was found to spread malware from banking Trojans to Android smartphone users mostly in Asia, which has now extended its reach to iOS and PC users.

Mantis Roaming malware now targets IOS devices for phishing attacks. A publication of Kaspersky Lab in April, gave details about the Mantis Roaming malware that performs targeted operations…

View On WordPress

IBM IMPROVES ITS SECURITY AND PROHIBITS THE USE OF USB DRIVES THROUGHOUT THE COMPANY IBM recently banned all removable storage, throughout the company; this is a new policy that aims to avoid financial and reputational damage from a lost or misused USB drive.

TOOL TO PERFORM BRUTE FORCE ATTACKS ON SSH, SMTP, FACEBOOK AND INSTAGRAM- BRUT3K1T

TOOL TO PERFORM BRUTE FORCE ATTACKS ON SSH, SMTP, FACEBOOK AND INSTAGRAM- BRUT3K1T

As an introduction, brut3k1t is a bruteforce module on the server side that supports dictionary attacks for various protocols, information security experts say.

Some of the current protocols that are complete and compatible are:

ssh

ftp

smtp

XMPP

instagram

Facebook

There will also be implementations of different protocols and services including Twitter, Facebook and Instagram.

The professionals…

View On WordPress

HOW TO MAKE A SUBDOMAIN TAKEOVER ATTACK

HOW TO MAKE A SUBDOMAIN TAKEOVER ATTACK

A team of information security experts tells us that sub-domain acquisition vulnerabilities happen whenever a subdomain points to a service (for example, GitHub pages, Heroku, etc.) that has been removed or removed. This may allow an attacker to configure a page in the service that was being used and direct his page to that subdomain. As an example, if subdomain.example.com was pointing to a…

View On WordPress

HOW TO HACK ANY CAR WITH THIS TOOL

HOW TO HACK ANY CAR WITH THIS TOOL

First we will see the topics that will be covered by the information security experts in this test / course of auto hacking: Configuration of virtual environments for tests, Sniffing CAN Traffic, Analyzing CAN Traffic, Inverse Engineering CAN IDs, Denial of service attacks, Reproduction / Traffic injection, Coding your own tools CAN Socket in python, Attacks directed against the components of…

View On WordPress

HACK ANY WIRELESS NETWORK USING ALL IN ONE TOOL: HIJACKER

HACK ANY WIRELESS NETWORK USING ALL IN ONE TOOL: HIJACKER

To begin with, the experts explain that Hijacker is a graphical user interface for the penetration test tools Aircrack-ng, Airodump-ng, MDK3 and Reaver. This application offers a simple and easy user interface to use the tools without writing commands in a console and copying and pasting MAC addresses.

The information security professionals comment that this application requires an Android ARM…

View On WordPress

TRUSTJACKING ATTACK ALLOWS HACKERS TO HACK IOS DEVICES Symantec professionals have found a vulnerability that could allow hackers to compromise iOS devices without the owner’s knowledge.

JSHIELDER AUTOMATED HARDENING SCRIPT FOR LINUX SERVERS

JSHIELDER AUTOMATED HARDENING SCRIPT FOR LINUX SERVERS

JSHielder is an Open Source tool developed to help SysAdmin and developers secure their Linux Servers in which they will be deploying any web application or services. According to information security experts this tool automates the process of installing all the necessary packages to host a web application and Hardening a Linux server with little interaction from the user. Newly added script…

View On WordPress

VULNERABILITY IN OUTLOOK LET HACKERS TO STEAL PASSWORD HASHES

VULNERABILITY IN OUTLOOK LET HACKERS TO STEAL PASSWORD HASHES

Most people rely on Outlook email address for work-related as well as personal tasks. Unfortunately, Outlook may not be as secure as we users would like to think. According to a report published by information security training experts at the Carnegie Mellon Software Engineering Institute, Outlook comes with a security bug that could trigger password hash leaks when users’ preview Rich Text…

View On WordPress

NJRAT UPGRADED TO PUSH LIME RANSOMWARE AND A BITCOIN WALLET STEALER The njRAT, also famed as Bladabindi, has been upgraded to push Lime Ransomware and a Bitcoin wallet stealer.

SEARS AND DELTA AIR LINES CUSTOMER DATA HAVE BEEN EXPOSED Personal data and payment information of Sears and Delta Air Lines customers may have been exposed in a data breach last year.

ANDROID MALWARE IN QR READER APPS ON PLAY STORE

ANDROID MALWARE IN QR READER APPS ON PLAY STORE

The information security researchers at SophosLabs have discovered a new Android malware in seemingly harmless QR reader apps on Google Play Store. The malware has been developed to flood Android devices with large screen ads to generate revenue for attackers. Labeled Andr/HiddnAd-AJ by the information security training researchers, the malware was found in six QR code reading apps and one was in…

View On WordPress

MONGODB HACKED IN 13 SECONDS

MONGODB HACKED IN 13 SECONDS

For the last couple of years, hackers have been exploiting unprotected MongoDB based servers to steal data and hold the exposed databases for ransom. Hackers leaked 36 million records of internal data collected from several vulnerable servers. The information security training researchers from German firm Kromtech conducted an experiment in which they purposely left a MongoDB database exposed to…

View On WordPress

PUERTO RICO POWER UTILITY HACKED Puerto Rico’s power utility, PREPA, said on Monday it has been hacked over the weekend, but customer information was not compromised.

VPN HOTSPOT SHIELD, PUREVPN AND ZENMATE ARE REVEALING REAL IP ADDRESSES According to VPN Mentor, a private firm which reviews virtual private networks (VPN), after research, it has been discovered that three VPN service providers with millions of customers worldwide are leaking sensitive data such as users’ IP addresses.

ANDROID SETTINGS THAT USERS SHOULD CHANGE RIGHT NOW

ANDROID SETTINGS THAT USERS SHOULD CHANGE RIGHT NOW

Most of us don’t interfere with default Android settings, yet in the event that you are searching for ways to improve your general Android experience; there are a couple of changes that information security experts said that worth attempting. Android have a great deal of features, yet not every one of them are empowered out of the container. With the regularly developing list of capabilities,…

View On WordPress

APAC INFORMATION SECURITY CHIEFS EXPECT CRITICAL ATTACK

APAC INFORMATION SECURITY CHIEFS EXPECT CRITICAL ATTACK

Nearly 70% of information security leaders in the APAC region believe a major attack affecting critical infrastructure across multiple countries will happen in the next two years, a survey reveals Most information security training leaders in the Asia-Pacific (APAC) region believe that a major, successful cyber attack on critical infrastructure in their country, or multiple countries, is…

View On WordPress