SecureBug allows you to evaluate your offensive and defensive skills and to exchange your ideas and methodologies with thousands of people in the security field.
Join Nordic's No.1 Crowdsourced Security Platform For Offensive & Defensive Security Strategies.
Houseparty is now offering a $1 million bounty to the first person who can prove the recent Houseparty controversy was nothing but a commercial smear campaign. Houseparty is a social networking app that came out in 2015. The app is like a video version of a chatroom that allows users to engage in face-to-face chats. However,…
The Zeus Sphinx malware is back after three years to exploit the interest in the Coronavirus outbreak, the most common theme behind most attacks by far during the current pandemic. The COVID-19 theme has been exploited thoroughly by numerous spam campaigns. Zeus Sphinx (also known as Zloader and Terdot) is a malware strain that was initially spotted…
With the outbreak of the Coronavirus, hackers are attempting to take advantage of the popularity of online communication platforms that are used by businesses, school classrooms, and normal users. This time, attackers are taking advantage of Zoom’s increasing user base since the COVID-19 outbreak started by registering hundreds of new Zoom-themed domains for malicious purposes. …
The source code of one of the most lucrative ransomware strains, named Dharma, also known as CrySis, has been made available for sale on two Russian hacking forums. According to ZDNet, the source code of Dharma ransomware is being sold for a low price of $2,000. The concerning issue about the source code being available…
A botnet consists of a number of internet-connected devices. Botnet operators perform activities, mostly malicious, that require large-scale automation, including distributed denial-of-service (DDoS) attacks, attacks on web applications to steal data, sending spam, taking control of the device and its connections, etc. Botnets usually use one or more malicious domains to make…
Legitimate applications like the PowerShell scripting language can also be used to execute attacks and for malicious activities. The rundll32.exe program can be used to execute an arbitrary binary. Adversaries may take advantage of this functionality to proxy execution of code to avoid setting off security tools that may not monitor the execution of the…
An unpatched vulnerability in the latest version of Apple iOS is preventing virtual private network (VPN) applications from encrypting all traffic. The vulnerability affects iOS 13.3.1 or later, including the latest version, iOS 13.4. After a VPN connection is established, the device OS terminates all internet connections and re-connects them through the…
“csrss.exe” stands for Client/Server Run-Time Subsystem process; it is an important part of the Windows OS and you can find this process running in your task manager. In this new series, we analyze Windows processes and provide threat hunting tips. Client Server Runtime Process (csrss.exe) is the user-mode side of the Win32 subsystem with…
Tech giant General Electric (GE) disclosed a data breach that exposed the personally identifiable information (PII) of current and former employees as well as beneficiaries. The data breach was uncovered through a security incident that happened to one of GE’s partners, Canon Business Process Services. General Electric Company (GE) is a multinational digital industrial conglomerate. The company…
The Chinese state-sponsored group APT41 has targeted more than 75 organizations worldwide by targeting security flaws in Citrix, Cisco, and Zoho appliances and devices. The APT41 group has been active since at least 2012 and is known for espionage, cybercrime, and surveillance operations against a large array of industries, as well as individuals. According to FireEye,…