The Wall Street Journal reported Monday that hundreds of outside software developers are scanning the inboxes of millions of Gmail users. Google "does little to police those developers," the paper reported.

Recently, Alex Theuma, from the SaaS Revolution Show, sat...

new mac malware targets the cryptocurrency community

Samsung phone owners are reporting that the stock Messages app is randomly sending texts and photos to other people.

Before it became a covert surveillance tool disguised as an outstanding browser extension, Stylish really was an outstanding browser extension. It bestowed upon its users nothing less than the power to change the appearance of the internet. Its extensive…

Introduction

Denoscription of how to backdoor PAM and exfiltrate credentials via DNS requests. Capture credentials FTW!

With much attention lately over North Korea and its evolving cybersecurity capabilities, we thought to cover a somewhat related topic. A couple of years back...

In this note, I describe an interesting XSS that I found in February 2018 in one of the Google applications. I won't only show directly wher...

A web miner injected into compromised sites is just the tip of the iceberg for an infrastructure hosting malicious Windows and Linux coin miners.

Fourteen directors resigned from ZTE’s board as the Chinese telecom aims to get out from under U.S. penalties, but the changes may be less sweeping than they appear.

In late March 2018, I analyzed an interesting PDF sample found by ESET senior malware researcher Anton Cherpanov. The sample was initially reported to Microsoft as a potential exploit for an unknown Windows kernel vulnerability. During my investigation in…

I. MotivationII. Compiler-assisted Code Randomization (CCR) OverviewIII. Identifying Essential Information for RandomizationIV. Obtaining Metadata from the LLVM BackendV. Metadata Definition with G…

The top hacker tools and software gadgets for 2018...The keyllama hacking tool is the best undetectable softw..

It has been a quite while since I haven’t released a new part of unexpected journey article serie. Particularly this small 0-day research project has been certainly didactic to me. Thus, I’ve decided to write down the process of achieving remote code execution…

Introduction MaiInt is a tool to perform OSINT, gather employee names and predict e-mail addresses for China based companies. The output is in HTML and CSV format. The Challenge The primary issue we’re trying to solve is that there are no good tools to enumerate…

Fortnite is the most popular game right now; it’s a genuine cultural phenomenon that is sweeping the world. Sadly, where there is a popular channel there will always be malicious actors. Today we want to diverge from our usual tech and vision blogs and share…