SEC-SEE: FireForce - a firefox form- brut force attacking tool

Latest Security News

BleepingComputer

FTC reports 50% drop in unwanted call complaints since 2021 - On Friday, the U.S. Federal Trade Commission (FTC) reported that the number of consumer complaints about unwanted telemarketing phone calls has dropped ove...
52 minutes ago
Healthcare IT News - Privacy & Security

DHS intros framework for AI safety and security, in healthcare and elsewhere - The U.S. Department of Homeland Security on Thursday published a new set of actionable recommendations to help promote safe and secure development and de...
4 hours ago
Schneier on Security

Good Essay on the History of Bad Password Policies - Stuart Schechter makes some good points on the history of bad password policies: Morris and Thompson’s work brought much-needed data to highlight a probl...
7 hours ago
Security Affairs

U.S. CISA adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog - U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog. The U....
10 hours ago
Krebs on Security

An Interview With the Target & Home Depot Hacker - In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator, the nickname used by a Russian cybercriminal who sold more than 100 million ...
14 hours ago
Kaspersky Lab official blog

CVE-2024-43451 allows stealing NTLMv2 hash | Kaspersky official blog - Patch Tuesday, November 2024: CVE-2024-43451, used in real attacks, permits stealing an NTLMv2 hash with minimal interaction from the victim.
1 day ago
HITBSecNews

North Korean hackers target cryptocurrency with malware - North Korean hackers target cryptocurrency with malware l33tdawg Fri, 11/08/2024 - 09:11
1 week ago
Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

Yavor Kolev, Bulgaria, The City of Troyan and The Dipshits That Ruled Everyone and Everything - A True First-Account Personal of Their True Story - В момента кой е по прост от циганин? Това сте вие майка ти и циганинът баща ти. И всички други цигани който вие си мислите че са повече от вас. Дано успе...
1 week ago
Didier Stevens

Quickpost: The Electric Energy Consumption Of A Wired Doorbell - I have a classic wired doorbell at home: the 230V powered transformer produces 12V on its secondary winding. The circuit on that secondary winding powers a...
1 week ago
Digital Whisper - גיליונות

הגליון המאה שישים ושבעה של DigitalWhisper שוחרר! - הגליון המאה שישים ושבעה של DigitalWhisper שוחרר!פורסם ב- October 31, 2024 12:09:43, על ידי- cp77fk4r ברוכים הבאים לדברי הפתיחה של הגליון ה-167 של Digit...
2 weeks ago
TaoSecurity

What Are Normal Users Supposed to Do with IDS Alerts from Network Gear? - Probably once a week, I see posts like this in the r/Ubiquiti subreddit. Ubiquiti makes network gear that includes an "IDS/IPS" feature. I own some older U...
5 weeks ago
Dr Anton Chuvakin Blog PERSONAL Blog

Recommended: Open Sourcing Venator - I recommended Open Sourcing Venator on TysonRhame. About me: http://www.chuvakin.org
5 weeks ago
KitPloit - PenTest Tools!

SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits - SafeLine is a self-hosted *WAF(Web Application Firewall)* to protect your web apps from attacks and exploits. A web application firewall helps protect w...
1 month ago
Lenny Zeltser on Information Security

What to Do With Products Without SSO? - First, let’s get this out of the way: SaaS vendors that lock Single Sign-On (SSO) behind enterprise-only plans are disadvantaging their customers and the i...
1 month ago
HealthITSecurity

Eye care company suffers 377K-record data breach - Panorama Eyecare, a Fort… read more
5 months ago
ToolsWatch.org - The Hackers Arsenal Tools | Repository for vFeed and DPE Projects

Strengthening Security: ToolsWatch Welcomes Dr. Magda Lilia Chelly and Vivek Ramachandran to Black Hat Arsenal’s Board of Review - In the ever-evolving landscape of cybersecurity, staying ahead of the curve is paramount. As digital
7 months ago
‫לא בטוח - בלוג אבטחת המידע של איתן כספי‬

זמין מיידית לעבודה חדשה - שלום למבקרים באתר, אני זמין כעת מיידית לעבודה חדשה, כשכיר או כעצמאי, כמובן בתחום אבטחת המידע. אפשר למצוא פרטים מקצועיים נוספים אודותיי וגם ליצור אתי קשר ...
1 year ago
Uncommon Sense Security

What a lovely sunset - Oh, hi. Long time no blog, eh? Well, it is time to sunset this blog, I will be deleting it in the next few weeks. So long, and thanks for all the fis...
1 year ago
Room362

Simple PHP webshell with php filter chains - Recently found an LFI in a PHP application and one of the cool things I learned about recently was PHP filter chains. More info here: https://www.synacktiv...
1 year ago
I Am Security

Hello world! - Welcome to WordPress. This is your first post. Edit or delete it, then start writing!
1 year ago
McAfee Blogs

A Scam in the Family—How a Close Relative Lost $100,000 to an Elder Scam - Written by James Schmidt Editor’s Note: We often speak of online scams in our blogs, ones that cost victims hundreds... The post A Scam in the Family—Ho...
1 year ago
Elusive Thougts

Hacking Solidity For fun and profit - Introduction After a long period of silence I am now going to write a post for hacking Solidity smart contracts for dummies (like me). The easiest way to p...
2 years ago
shell is only the beginning

Tracking WMI Activity with PSGumshoe - WMI (Windows Management Instrumentation) is the Microsoft implementation of the Web-Based Enterprise Management (WBEM) and Common Information Model (CIM) s...
2 years ago
DeepEnd Research

Renewed SideWinder Activity in South Asia - A few months ago, Trend Micro released a post which encapsulated the SideWinder APT group activity in the past year, showcasing SideWinder’s mobile malware...
3 years ago
Andrew Hay

Jupyter Notebook for crt.sh Queries - I created a Jupyter Notebook to query the crt.sh website, dump the results into a pandas data frame, and then printing out the unique list of results to th...
3 years ago
Symantec Blogs

Symantec Identity: Stepping Up to Meet the COVID-19 Crisis - COVID-19 confronted healthcare providers and governments with unprecedented requests for access, aid, and assistance. Here’s how one team at Symantec is ri...
4 years ago
חושב אחרת על אבטחת מידע

UNSINKABLE meets UNTHINKABLE פוסט לציון 108 שנים לטביעתה של הטיטניק והלקחים להגנת סייבר בימינו אנו - פוסט זה הוא עדכון משמעותי לפוסט שנכתב במקור בשנת 2012 לאחר צפיה בסרט תיעודי ששודר באותה השנה, במלאת 100 שנה לטביעת הטיטניק. בעדכון זה ננפץ כמה פרות קדושות ...
4 years ago
VirusBay Blog

How Reverse Engineering (and Cyber-Criminals’ Mistakes) Can Help You When You’ve Been a Ransomware Victim - Ransomware is a type of malware that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid. In the last two year...
5 years ago
Hackbusters.com

Tencent Shuts Down PUBG Mobile in China For Patriotic Alternative - Slashdot - Full Abbreviated Hidden /Sea Score: 5 4 3 2 1 0 -1
5 years ago
Network Security Blog

Lucky Break - One of the things I do from time to time is throw out an open ended question on Twitter. Sometimes I’m making a point, sometimes I just want to amuse myse...
6 years ago
Technolust since 2005

TekThing 161 – Bitcoin Sucks For Gaming PCs!!! Our Video Gear, Fingbox Home Network Security - —— Thank You Patrons! Without your support via patreon.com/tekthing, we wouldn’t be able to make the show for you every week! https://www.patreon.com/tekth...
6 years ago
טל פבל

Romania is vice-champion at the European Cyber Security - CERT-RO The National Response Center for Cyber Security Incidents affirmed on Friday that Romania, for the second consecutive year, has become the European...
6 years ago
Malware don't need Coffee

CoalaBot : http Ddos Bot - CoalaBot appears to be build on August Stealer code (Panel and Traffic are really alike) I found it spread as a tasks in a Betabot and in an Andromeda sp...
7 years ago
SecManiac.com

Social-Engineer Toolkit (SET) v7.7 “Blackout” Released - TrustedSec is proud to announce a major release of the Social-Engineer Toolkit (SET) v7.7. This version incorporates support for hostnames in the HTA att...
7 years ago
Malware at Stake

[Virus Bulletin Conference] The TAO of Automated Iframe Injectors - Building Drive-by Platforms For Fun and Profit - In this paper, we present the design of distributed infection model used by attackers to inject malicious iframes on the fly to conduct large scale driv...
7 years ago
Security Intelligence

Big Changes Around the Corner for the IoT - The IoT is transforming before our eyes due to increasing regulations, growing demand for security standards and advancements in the telecom industry. T...
7 years ago
0xicf

ClearEnergy ransomware can destroy process automation logics in critical infrastructure, SCADA and industrial control systems. - Schneider Electric, Allen-Bradley, General Electric (GE) and more vendors are vulnerable to ClearEnergy ransomware. Researchers at CRITIFENCE® Critical I...
7 years ago
ROOTCON Blog

ROOTCON 11 Venue - This years ROOTCON 11 will be held at Taal Vista Hotel in Tagaytay on September 21-22, 2017. We announced the venue as early as now so you can plan ahead...
7 years ago
Aten Labs

The ‘Compliance Only / CISSP / Minimum Viable Product / HR firewall’ infosec trapezoid of fuck - Yesterday (thurs, 3/24/16) I went on a tirade on twitter, regarding an experience I had in San Francisco during RSA week, while at a vendor party. I’ll let...
8 years ago
XyliBox

Citadel 0.0.1.1 (Atmos) - Guys of JPCERT, 有難う御座います！ Released an update to their Citadel decrypter to make it compatible with 0.0.1.1 sample. Citadel 0.0.1.1 don't have a lot of do...
8 years ago
Security Labs

Dridex Down Under - Raytheon | Websense® Security Labs™ has been tracking malicious email campaigns associated with the Dridex banking Trojan since 2014. An interesting deve...
9 years ago
Computer & Incidents | life.

What Verizon Missed in the Latest Threat Reports - * By: Zuk Avraham, Joshua Drake, Yaniv Karta, Jimmy Sha * * Read the full report - here Recently, Veriz...
9 years ago
בלוג אבטחת מידע

Forensic - אחת מהבעיות העיקריות בביצוע תהליך FORENSIC הוא לאחר ביצוע תהליך שיכפול ה - Harddisk (על פי כל התקנים של שיכפול ביט אחרי ביט), היא לבצע מחקר על *מחשב חיי...
9 years ago
M86 Security Labs Blog

Blog Moved - Please see the Trustwave SpiderLabs Blog.
9 years ago
SpiderLabs Anterior

TrustKeeper Scan Engine Update – February 4, 2015 - The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerabi...
9 years ago
Amrit Williams Blog

RSA Announces End of RSA Security Conference - Aims to bring clarity to cloudy marketing messages through exhibit hall chotskies Bedford, MA., – April 1, 2014 – RSA, the security division of EMC, today ...
10 years ago
stratBLOG - stratsec security research

botCloud – an emerging platform for cyber-attacks - Hosting network services on Cloud platforms is getting more and more popular. It is not in the scope of this article to elaborate the advantage of using Cl...
12 years ago
pentestmonkey

mimikatz: Tool To Recover Cleartext Passwords From Lsass - I meant to blog about this a while ago, but never got round to it. Here’s a brief post about very cool feature of a tool called mimikatz. I’m very grateful...
12 years ago
HexEsec | a pentester's view

Pentestify. - i’m over here now.
13 years ago
Seculert Blog

-
Security Art Blog

-
WHITE HAT HACKER

-
threatpost | The First Stop for Security News

-
sudosecure.net

-
Threat Landscape Dashboard | McAfee

-
Securelist / Blog

-
Site Home

-
Narkolayev Shlomi

-