Exciting things have been happening on TLS land lately. TLS 1.3 was finally released, bringing many security and performance improvements…

FortiGuard Labs found a new TrickBot variant, with a new module pwgrab, which attempts to steal credentials, autofill data, history and so on. We did a deep analysis on this pwgrab module to explai…

Posted by Jason Woloz and Eugene Liderman, Android Security & Privacy Team Update: We identified a bug that affected how we calculated dat...

The amount of attacks a server gets when the SSH port is open is ridiculous.

FOFA is a Cyberspace search engine. By conducting Cyberspace mapping, it can help researchers or enterprises quickly match network assets, such as vulnerability impact range analysis, application distribution statistics, and application popularity ranking…

23 votes and 2 comments so far on Reddit

Trojan discovered on Googel Play was available for download almost for a year. Its malicious functionality was hidden inside “Simple Call Recorder” application with over 5,000 installs.

Brief tutorial of how to use backend pipes in PowerDNS for exfiltration

Press release, ETSI releases standards for enterprise security and data centre management

I'm currently managing a code base in which we've got a mysql database with all records encrypted using the php-encryption library. This works well for our current setup. We now got a new business

Earlier this week the WP GDPR Compliance plugin was briefly removed from the WordPress.org repository after the discovery of critical security issues impacting its users. In yesterday’s post, we provided some details regarding these issues and illustrated…

Twitter: @s4tan Sacara VM GitHub project: https://github.com/enkomio/sacara In this blog post I want to describe a bit my latest side pro...

Most advanced XSS detection suite. Contribute to s0md3v/XSStrike development by creating an account on GitHub.

Trojan.TrickBot has been present in the threat landscape from quite a while. We wrote about its first version in October 2016. From the beginning, it was a well organized modular malware, written by developers with mature skills. It is often called a banker…

ADB - Trinity in Words

The Android Debug Bridge (ADB) is a protocol designed to keep track of both emulated and real phones/TVs/DVRs connected to a given host. It implements various commands designed to assist the developer (adb shell, adb push, and so on)…

It was discovered that gettext incorrectly handled certain messages. An attacker could possibly use this issue to execute arbitrary code.

USN-3815-1 fixed a vulnerability in gettext. This update provides the corresponding update for Ubuntu 12.04 ESM.
Original advisory details:
It was discovered that gettext incorrectly handled certain messages. An attacker could possibly use this issue to execute…

BGP route leak interrupts access to Google’s services throughout the world. Traffic rerouted via Russia and China and slammed into the great firewall.

It's been a while since we last wrote about Layer 3/4 DDoS attacks on this blog. This is a good news - we've been quietly handling the daily onslaught of DDoS attacks. Since our last write-up, a handful of interesting L3/4 attacks have happened. Let's review…

FCL (Fileless Command Lines) - Known command lines of fileless malicious executions - chenerlich/FCL