SecureBug allows you to evaluate your offensive and defensive skills and to exchange your ideas and methodologies with thousands of people in the security field.
Zoom is a videoconferencing software that has had an increase in popularity since the COVID-19 outbreak started. It has over 74,000 customers and 13 million monthly active users. The software company provides its customers with a cloud-based communication platform that offers chat, audio and video conferencing, online meetings via mobile, desktop, and telephone systems. Although…
“winlogon.exe” is a critical component of the Windows OS and it runs in the background. In this new series, we analyze Windows processes and provide threat hunting tips. “winlogon.exe” is responsible for a variety of critical tasks. The most important ones include: Loading the user profile when users sign in. Secure Attention Sequence (SAS): SAS is a…
Marriott International disclosed that the personal information of 5.2 million guests was affected by a data breach that started in mid-January 2020. At the end of February 2020, multinational hotel chain Marriott detected that the personal information of approximately 5.2 million guests may have been leaked through the third-party application they use to provide guest…
Houseparty is now offering a $1 million bounty to the first person who can prove the recent Houseparty controversy was nothing but a commercial smear campaign. Houseparty is a social networking app that came out in 2015. The app is like a video version of a chatroom that allows users to engage in face-to-face chats. However,…
The Zeus Sphinx malware is back after three years to exploit the interest in the Coronavirus outbreak, the most common theme behind most attacks by far during the current pandemic. The COVID-19 theme has been exploited thoroughly by numerous spam campaigns. Zeus Sphinx (also known as Zloader and Terdot) is a malware strain that was initially spotted…
With the outbreak of the Coronavirus, hackers are attempting to take advantage of the popularity of online communication platforms that are used by businesses, school classrooms, and normal users. This time, attackers are taking advantage of Zoom’s increasing user base since the COVID-19 outbreak started by registering hundreds of new Zoom-themed domains for malicious purposes. …
The source code of one of the most lucrative ransomware strains, named Dharma, also known as CrySis, has been made available for sale on two Russian hacking forums. According to ZDNet, the source code of Dharma ransomware is being sold for a low price of $2,000. The concerning issue about the source code being available…
A botnet consists of a number of internet-connected devices. Botnet operators perform activities, mostly malicious, that require large-scale automation, including distributed denial-of-service (DDoS) attacks, attacks on web applications to steal data, sending spam, taking control of the device and its connections, etc. Botnets usually use one or more malicious domains to make…
Legitimate applications like the PowerShell scripting language can also be used to execute attacks and for malicious activities. The rundll32.exe program can be used to execute an arbitrary binary. Adversaries may take advantage of this functionality to proxy execution of code to avoid setting off security tools that may not monitor the execution of the…
An unpatched vulnerability in the latest version of Apple iOS is preventing virtual private network (VPN) applications from encrypting all traffic. The vulnerability affects iOS 13.3.1 or later, including the latest version, iOS 13.4. After a VPN connection is established, the device OS terminates all internet connections and re-connects them through the…