Threat ITCyber Security Articles and Tutorials

News
- Articles
  
  Microsoft Edge browser will warn users about “leaked” passwords
  
  Threat IT Staff - January 4, 2021 0
  
  The browser will constantly check the information against databases of information about declassified logins and passwords. Continuous monitoring of passwords will allow users to receive...
  
  News
  
  Game developer Koei Tecmo reported hack only after data leak
  
  Threat IT Staff - December 29, 2020 0
  
  apanese game developer Koei Tecmo reported a data breach and disabled its European and US websites after the stolen data was posted on a hacker forum...
  
  Articles
  
  Cyberattack on FireEye was detected due to a hacker Mistake
  
  Threat IT Staff - December 28, 2020 0
  
  US officials and cybersecurity experts investigating major Treasury and FireEye hacks believe the cyberattacks were ultimately discovered due to a mistake hackers made while moving through a...
  
  News
  
  Pavel Durov told how he plans to monetize Telegram
  
  Threat IT Staff - December 26, 2020 0
  
  Pavel Durov published a long post on his Telegram channel dedicated to plans for monetization and further development of Telegram. He says that the messenger is already approaching...
  
  News
  
  Nintendo data leak sheds light on the company’s attempts to catch the console cracker
  
  Staff ThreatIT - December 26, 2020 0
  
  Nintendo has once again been the victim of a data breach this year. Like previous leaks, information regarding the Nintendo Switch game console was...
Application Security
- Application Security
  
  Google urged Chromium developers to ditch Windows 7
  
  Threat IT Staff - December 28, 2020 0
  
  Eleven months after Microsoft officially ended technical support for the Windows 7 operating system, Google finally called on the Chromium developers to stop using the OS. “I...
  
  Uncategorized
  
  Critical WordPress bug in Contact Form 7 plugin – More Than 5,000,000 installations
  
  Threat IT Staff - December 18, 2020 0
  
  The developers of the popular Contact Form 7 WordPress plugin, which is installed on more than 5,000,000 sites, have released a fix for a...
  
  Application Security
  
  Trend Micro Vulnerabilities in IWSVA Web Gateway has been Fixed!
  
  Threat IT Staff - December 18, 2020 0
  
  The company Trend Micro this week sent out to customers update InterScan Web Security Virtual Appliance (IWSVA) , which patches several serious vulnerabilities. A...
  
  Application Security
  
  28 dangerous extensions detected for Google Chrome and Microsoft Edge
  
  Threat IT Staff - December 18, 2020 0
  
  Avast experts have discovered malware hidden in at least 28 third-party extensions for Google Chrome and Microsoft Edge. All of these extensions were associated with popular platforms:...
  
  Application Security
  
  Firefox 84 Bug; fixed a critical bug that is relevant for Google Chrome
  
  Threat IT Staff - December 16, 2020 0
  
  Mozilla has released a new version of its browser - Firefox 84, in which the developers have eliminated a number of dangerous vulnerabilities (even...
Vulnerabilities & Threats
- Articles
  
  Vulnerable Microsoft Exchange Servers Attacked by Prometei Botnet
  
  Threat IT Staff - April 25, 2021 0
  
  Since the patches for ProxyLogon problems were still not fully installed, attackers continue to attack vulnerable Microsoft Exchange servers. Now researchers from Cybereason Nocturnus have discovered the Prometei botnet, which mines Monero cryptocurrency on vulnerable machines.
  
  Articles
  
  Google Docs Vulnerability allowed to view other people’s documents
  
  Threat IT Staff - December 29, 2020 0
  
  Google has patched a vulnerability in its feedback tool used in its services. The vulnerability made it possible to steal screenshots of confidential documents from...
  
  Articles
  
  Hackers Sell RDP, DDoS attacks and payment card data on the darknet
  
  Threat IT Staff - December 23, 2020 0
  
  Cybersecurity researchers at Flashpoint reported rising prices for access to RDP servers, stolen payment card data, and a DDoS-as-a-service business model in underground forums and marketplaces. “As...
  
  Articles
  
  Lists of Companies Affected by the SolarWinds Hack has Published
  
  Threat IT Staff - December 22, 2020 1
  
  Several information security companies have published lists of SolarWinds customers who have been affected by the hacking of the company and the infection of the Orion...
  
  Articles
  
  Script to detect vulnerable TCP / IP stacks
  
  Threat IT Staff - December 22, 2020 0
  
  Forescout has released an open source tool to help identify network devices running TCP / IP stacks affected by the "Amnesia: 33" vulnerability bundle. We...
Tutorials & Tools
- Articles
  
  Metasploit with Docker and Kubernetes
  
  Threat IT Staff - November 29, 2020 0
  
  The purpose of this article is to make it easy to build a penetration test environment without any other complicated settings as long as...
  
  Articles
  
  Credentials for 50 thousand Fortinet VPN devices published online
  
  Threat IT Staff - November 27, 2020 0
  
  Last weekend, one of the hacker forums posted exploits for a vulnerability in Fortinet VPN devices ( CVE-2018-13379 ) and the IP addresses of...
  
  Articles
  
  How To Use Powershell Empire
  
  Threat IT Staff - November 27, 2020 0
  
  Initial setup Build a C2 server called listener ================================================================ Post-Exploitation Framework ================================================================ 2.5 | https://github.com/empireProject/Empire ================================================================ _______ .___ ___. .______ ...
  
  Articles
  
  Scan Open Ports With Nmap – Full Tutorial
  
  Threat IT Staff - November 26, 2020 0
  
  1 What is nmap? Nmap, short for Network Mapper, is a free, open-source tool for vulnerability scanning and network discovery. Network administrators use Nmap to...
  
  Articles
  
  Mitaka – Powerful OSINT Tool on Chrome
  
  Threat IT Staff - November 26, 2020 0
  
  When trying to search the IOC (Indicator of Compromise) for IP addresses, domains, hash values, etc. with OSINT services (Shodan, Censys, VirusTotal, etc.), do...
Risk & Compliance
- Articles
  
  Privacy-focused ClearURLs extension removed from Chrome Web Store
  
  Threat IT Staff - March 25, 2021 0
  
  Edition Bleeping Computer Note that the browser-based extension ClearURLs, clearing URL-addresses from any tracker, designed for surveillance and intelligence, has been removed from Chrome Web Store. ClearURLs...
  
  Articles
  
  Ledger Crypto Data Breach – 270,000 Wallet Owners Data has been leaked
  
  Threat IT Staff - December 21, 2020 0
  
  A hacker forum found a database containing email addresses and physical addresses of the owners of Ledger hardware wallets, according to Bleeping Computer . Journalists remind that...
  
  Articles
  
  Cellebrite learned how to hack Signal correspondence
  
  Threat IT Staff - December 16, 2020 0
  
  Israeli company Cellebrite , which specializes in hacking smartphones, said that it can now extract user messages in the Signal messenger, which is considered...
  
  Articles
  
  Why Is It Important To Have Intrusion Detection And Prevention ?
  
  Threat IT Staff - November 24, 2020 0
  
  This article describes why detection and prevention of burglaries must be one of the most important aspects of any burglary protection and detection system....
  
  Articles
  
  RCE vulnerability found in CWA app to track COVID-19 spread
  
  Threat IT Staff - November 23, 2020 0
  
  An issue has been identified in the infrastructure that powers the Corona-Warn-App on Android and iOS. Experts from GitHub Security Labs have discovered a critical...
Attacks & Breaches
- Articles
  
  Vulnerable Microsoft Exchange Servers Attacked by Prometei Botnet
  
  Threat IT Staff - April 25, 2021 0
  
  Since the patches for ProxyLogon problems were still not fully installed, attackers continue to attack vulnerable Microsoft Exchange servers. Now researchers from Cybereason Nocturnus have discovered the Prometei botnet, which mines Monero cryptocurrency on vulnerable machines.
  
  Articles
  
  Attackers use the GitHub server infrastructure for cryptomining
  
  Threat IT Staff - April 5, 2021 0
  
  The web service for hosting IT projects GitHub is investigating a series of attacks on its cloud infrastructure, in which cybercriminals use the company's...
  
  Articles
  
  Nissan source code leaked due to admin: admin credentials
  
  Threat IT Staff - January 11, 2021 0
  
  The source code of mobile applications and internal tools of the North American division of Nissan has been leaked to the network. The leak occurred...
  
  Uncategorized
  
  Ho.mobile Data Breach – Ho.Mobile Users Data are being Sold on Darknet
  
  Threat IT Staff - January 4, 2021 0
  
  In the last days of 2020, rumors about the theft of data from 2.5 million ho.mobile users have raised many concerns, and it seems that the...
  
  Articles
  
  Microsoft has identified the ultimate target of hackers hacked into SolarWinds
  
  Threat IT Staff - December 30, 2020 0
  
  According to Microsoft experts, the ultimate goal of the hackers who hacked SolarWinds was to gain access to the cloud assets of the victims...
Critical Infrastructure
- Articles
  
  Critical Infrastructure Warning! Millions of PLCs, switches, IoT devices are under threat
  
  Koohyar Biniyaz (Jimmy) - December 18, 2020 0
  
  Eleven vulnerabilities, combined under the name Urgent / 11, were made public in August 2019. Five bugs with the general name CDPwn showed up...
  
  Articles
  
  33 vulnerabilities threaten millions of Critical Infrastructure
  
  Koohyar Biniyaz (Jimmy) - December 10, 2020 0
  
  Cybersecurity researchers have found 33 vulnerabilities in four open source TCP / IP libraries. Currently, problematic libraries are used in the firmware of products...
  
  Cyber Security
  
  The risk is real: attacks on OT infrastructure
  
  Koohyar Biniyaz (Jimmy) - November 11, 2020 0
  
  Previously, many believed that attacks on an isolated OT infrastructure (Operational Technology) were practically impossible, since everything works in a special network, separate from...
Endpoint Security
- Articles
  
  Why Is It Important To Have Intrusion Detection And Prevention ?
  
  Threat IT Staff - November 24, 2020 0
  
  This article describes why detection and prevention of burglaries must be one of the most important aspects of any burglary protection and detection system....
  
  Cyber Security
  
  Comodo has published the EDR source code on GitHub
  
  Threat IT Staff - November 15, 2020 0
  
  Comodo this week opened the source for its Endpoint Detection and Response (EDR) system. Thus, the company became the first major vendor to take...
IoT Security
- Articles
  
  Serious bugs fixed in D-Link routers
  
  Threat IT Staff - December 10, 2020 0
  
  This summer, Digital Defense specialists discovered that a number of D-Link router models were vulnerable to command injection, including remote ones. Initially, problems were found in DSR-250...
  
  Articles
  
  Scientists turn a robot vacuum cleaner into a spy device
  
  Threat IT Staff - November 25, 2020 0
  
  Household robotic vacuum cleaners can be hacked remotely and eavesdropped on conversations, even if they don't have a microphone. The researchers collected information from a...
  
  Articles
  
  New Bluetooth attack can hijack Tesla Model X in minutes
  
  Threat IT Staff - November 24, 2020 0
  
  Tesla is using over the air updates to patch vulnerabilities and add new features to its keyless entry system in Tesla Model X vehicles....
  
  Articles
  
  IoT Security – Why is it Important?
  
  Koohyar Biniyaz (Jimmy) - August 10, 2020 0
  
  IoT or Internet of Things are connected devices, including hardware, software and data. IoT Security It is a technology area that deals with the...
Network Security
- Articles
  
  More than 45 million medical scans are in the public domain
  
  Staff ThreatIT - December 16, 2020 0
  
  A study by CybelAngel, a risk management services company, helped identify a massive leak of confidential information . The aim of the study was...
  
  Articles
  
  New Kerberos Exploit for Bronze Bit attack Has Been Published
  
  Koohyar Biniyaz (Jimmy) - December 11, 2020 0
  
  NetSPI security specialist Jake Karnes has published detailed information ( 1 , 2 ) about the CVE-2020-17049 vulnerability, as well as an exploit for it, calling his attack Kerberos Bronze...
  
  Articles
  
  Why Is It Important To Have Intrusion Detection And Prevention ?
  
  Threat IT Staff - November 24, 2020 0
  
  This article describes why detection and prevention of burglaries must be one of the most important aspects of any burglary protection and detection system....
  
  Articles
  
  MASSCAN: Mass IP port scanner
  
  Threat IT Staff - November 12, 2020 0
  
  This is an Internet-scale port scanner. It can scan the entire Internet in under 6 minutes, transmitting 10 million packets per second, from a...
  
  Articles
  
  TLS Encryption at risk?
  
  Threat IT Staff - September 11, 2020 0
  
  The Transport Layer Security (TLS) might just be not so secure thanks to new vulnerability that could potentially allow an attacker to break the...
Innovations
- All Artificial Intelligence Big Data
  
  Articles
  
  Google has developed a rating system for open source projects
  
  Threat IT Staff - December 14, 2020 0
  
  As part of its participation in the Open-Source Security Foundation (OpenSSF), Google has developed a system for ranking open source projects based on their importance to...
  
  Articles
  
  Why Is It Important To Have Intrusion Detection And Prevention ?
  
  Threat IT Staff - November 24, 2020 0
  
  This article describes why detection and prevention of burglaries must be one of the most important aspects of any burglary protection and detection system....
  
  Uncategorized
  
  Threat Intelligence Automation
  
  Koohyar Biniyaz (Jimmy) - August 3, 2020 0
  
  Cyber Threat Intelligence (CTI) is a framework and technology that generates intelligence that can, or will respond to cyber threat attacks that are now...
  
  Artificial Intelligence
  
  Machine Learning in Malware Analysis
  
  Koohyar Biniyaz (Jimmy) - July 25, 2020 2
  
  Many different deep network architectures have been suggested by machine learning experts and malware analysts to detect both known and unknown malware. There has...
Tutorial and Tools
- Articles
  
  Metasploit with Docker and Kubernetes
  
  Threat IT Staff - November 29, 2020 0
  
  The purpose of this article is to make it easy to build a penetration test environment without any other complicated settings as long as...
  
  Articles
  
  Credentials for 50 thousand Fortinet VPN devices published online
  
  Threat IT Staff - November 27, 2020 0
  
  Last weekend, one of the hacker forums posted exploits for a vulnerability in Fortinet VPN devices ( CVE-2018-13379 ) and the IP addresses of...
  
  Articles
  
  How To Use Powershell Empire
  
  Threat IT Staff - November 27, 2020 0
  
  Initial setup Build a C2 server called listener ================================================================ Post-Exploitation Framework ================================================================ 2.5 | https://github.com/empireProject/Empire ================================================================ _______ .___ ___. .______ ...
  
  Articles
  
  Scan Open Ports With Nmap – Full Tutorial
  
  Threat IT Staff - November 26, 2020 0
  
  1 What is nmap? Nmap, short for Network Mapper, is a free, open-source tool for vulnerability scanning and network discovery. Network administrators use Nmap to...
  
  Articles
  
  Mitaka – Powerful OSINT Tool on Chrome
  
  Threat IT Staff - November 26, 2020 0
  
  When trying to search the IOC (Indicator of Compromise) for IP addresses, domains, hash values, etc. with OSINT services (Shodan, Censys, VirusTotal, etc.), do...

Uncategorized

Ransomware attacks Microsoft SharePoint servers

Microsoft SharePoint servers have joined a long list of devices that ransomware uses to infiltrate corporate networks. This list also includes Citrix gateways, F5 BIG-IP...

Threat IT Staff - April 28, 2021 0

Articles

A patch for another 0-day vulnerability in Google Chrome has been released

Google developers released Chrome version 90.0.4430.85 (for Windows, Mac and Linux), eliminating a zero-day vulnerability that hackers have already actively exploited. The issue is identified as CVE-2021-21224...

Threat IT Staff - April 25, 2021 0

Uncategorized

760$ million stolen from Bitfinex in 2016 transferred to other wallets

Edition of The Record reports that, according to the Whale Alert and BTCparsers, Bitcoins, stolen in 2016 from Bitfinex Exchange were transferred to other purses dozens of transactions in...

Staff ThreatIT - April 17, 2021 0

Uncategorized

NAME: WRECK vulnerabilities threaten millions of IoT devices

Forescout experts presented a report on nine vulnerabilities in TCP / IP stacks, collectively named NAME: WRECK . These problems affect hundreds of millions of servers, smart...

Threat IT Staff - April 14, 2021 0

Uncategorized

Critical bug fixed in Apache OFBiz

The developers of the Apache Software Foundation have fixed a vulnerability in Apache OFBiz that could allow an unauthenticated attacker to remotely take control...

Threat IT Staff - March 23, 2021 0

Articles

More than 400 phishing campaigns per week were associated with Valentine’s Day

Check Point experts report that hackers "celebrated" Valentine's Day in a big way. The company's analysts recorded more than 400 phishing campaigns dedicated to the holiday every...

Threat IT Staff - February 18, 2021 0

Uncategorized

Researcher compromised 35 companies through new supply chain attack

nformation security expert Alex Birsan talked about a new problem , which is a variation of the attack on the supply chain, called the dependency confusion...

Threat IT Staff - February 11, 2021 0

Uncategorized

Popular The Great Suspender Chrome Extension Contains Malware

The Great Suspender extension has been removed from the Chrome Web Store, which suspends unused tabs in the browser and forcibly unloads their resources...

Threat IT Staff - February 8, 2021 0

12 3...5 Page 1 of 5

Latest news

ArticlesThreat IT Staff - January 4, 20210

Microsoft Edge browser will warn users about “leaked” passwords

The browser will constantly check the information against databases of information about declassified logins and passwords. Continuous monitoring of passwords...

ArticlesThreat IT Staff - April 26, 20210

Pareto botnet claims jailbroken devices are TVs

Experts from Human Security (formerly White Ops) have discovered the Pareto botnet that infects Android devices and uses them to scam...

ArticlesThreat IT Staff - April 25, 20210

Vulnerable Microsoft Exchange Servers Attacked by Prometei Botnet

Since the patches for ProxyLogon problems were still not fully installed, attackers continue to attack vulnerable Microsoft Exchange servers. Now researchers from Cybereason Nocturnus have discovered the Prometei botnet, which mines Monero cryptocurrency on vulnerable machines.