Please turn on your JavaScript for this page to function normally.
dark web
FIN7 sells improved EDR killer tool

The cybercrime-focused enterprise known as FIN7 (aka the Carbanak group) has come up with yet another trick to assure the effectiveness of its “EDR killer” tool, …

Cobalt Strike
Google seeks to make Cobalt Strike useless to attackers

Google Cloud’s intelligence research and applications team has created and released a collection of 165 YARA rules to help defenders flag Cobalt Strike components deployed by …

brute ratel c4
Threat actors exchange beacons for badgers to evade endpoint security

Unidentified cyber threat actors have started using Brute Ratel C4 (BRc4), an adversary simulation tool similar to Cobalt Strike, to try to avoid detection by endpoint …

industry
APT group has developed custom-made tools for targeting ICS/SCADA devices

Just a few days after news of attempted use of a new variant of the Industroyer malware comes a warning from the US Cybersecurity and Infrastructure Security Agency (CISA): …

Person
FireEye breach: State-sponsored attackers stole hacking tools

U.S. cybersecurity company FireEye has suffered a breach, and the attackers made off with the company’s RedTeam tools, FireEye CEO Kevin Mandia has disclosed on Tuesday. …

Microsoft Exchange
How attackers target and exploit Microsoft Exchange servers

Microsoft Exchange servers are an ideal target for attackers looking to burrow into enterprise networks, says Microsoft, as “they provide a unique environment that could …

DBIR 2020
Money is still the root of most breaches

Verizon has released its annual Data Breach Investigations Report (DBIR), which offers an overview of the cyber security incidents and data breaches that happened in/were …

industrial
Widely available ICS attack tools lower the barrier for attackers

The general availability of ICS-specific intrusion and attack tools is widening the pool of attackers capable of targeting operational technology (OT) networks and industrial …

vectors
As malware and network attacks increase in 2019, zero day malware accounts for 50% of detections

Amid significant increases in both malware and network attacks, multiple Apache Struts vulnerabilities – including one used in the devastating Equifax data breach – appeared …

CrackQ
CrackQ: Efficient password cracking for pentesters and red teamers

CrackQ employs automation to make password cracking a faster and more efficient undertaking for pentesters and red teamers. CrackQ dashboard “Regular security testing is …

Warshipping: Attackers can access corporate networks through the mailroom

Most infosecurity professionals have heard of wardialing and wardriving, but what about warshipping? The expression has been coined by IBM X-Force Red researchers to describe …

Box files
Is your company leaking sensitive data via its Box account?

Companies that use Box for sharing files and folders inside and outside the company are inadvertently leaving sensitive corporate and customer data exposed, cybersecurity firm …

Don't miss

Cybersecurity news