Netcraft’s latest research details HookBot, a sophisticated Android-based banking Trojan that’s steadily advancing its footprint in the cybercrime world. First identified in 2023, HookBot has rapidly evolved, targeting Android users...
A new phishing campaign, tracked by Cisco Talos, has been targeting Facebook business account users in Taiwan since at least July 2024. This campaign is specifically designed to lure victims...
In a report by Yehuda Gelb and Elad Rapoport from the Checkmarx Security Research Team, a new supply chain attack technique has been uncovered that could compromise the integrity of...
Palo Alto Networks Unit 42 researchers have uncovered a new wave of attacks in the ongoing Contagious Interview campaign, where North Korean threat actors are posing as recruiters to target...
A recent report by Trustwave’s Threat Intelligence team, led by Cris Tomboc and King Orande, has unveiled a newly identified malware named Pronsis Loader. This malware, which first surfaced in...
The Australian Federal Police (AFP)-led Criminal Assets Confiscation Taskforce (CACT) has successfully restrained $9.3 million in cryptocurrency as part of an ongoing investigation into the mastermind behind “Ghost,” a dedicated...
A recently discovered malvertising campaign targeting Slack users has highlighted the increasingly sophisticated tactics employed by cybercriminals. Security researchers at Malwarebytes Labs have uncovered a complex scheme that leverages Google...
Calibre, the popular cross-platform e-book management software, has three significant security vulnerabilities. These vulnerabilities, identified by researchers from STAR Labs SG Pte. Ltd., could potentially expose millions of users to...
Recently, TechCrunch‘s technical specialists uncovered a rather intriguing incident in the IT world. A small Minnesota-based company, Spytech, specializing in spyware production, fell victim to a cyber attack. As a...
The popular LearnPress – WordPress LMS Plugin, a pivotal tool for creating and managing online courses on WordPress, has been found vulnerable to two severe security flaws. These vulnerabilities could...
QCSuper QCSuper is a tool communicating with Qualcomm-based phones and modems, allowing to capture raw 2G/3G/4G (and for certain models 5G) radio frames, among other things. It will allow you to generate PCAP captures...
V’ger V’ger is an interactive command-line application for post-exploitation of authenticated Jupyter instances with a focus on AI/ML security operations. User Stories As a Red Teamer, you’ve found Jupyter credentials, but...
BadExclusions Now With Better Opsec BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR. How it works? BadExclusionsNWBO copies and runs Hook_Checker.exe in all...
NTLM Relay Gat NTLM Relay Gat is a powerful tool designed to automate the exploitation of NTLM relays using ntlmrelayx.py from the Impacket tool suite. By leveraging the capabilities of ntlmrelayx.py,...
go-secdump Package go-secdump is a tool built to remotely extract hashes from the SAM registry hive as well as LSA secrets and cached hashes from the SECURITY hive without any...
Support Securityonline.info site. Thanks!
