SecureBug allows you to evaluate your offensive and defensive skills, in addition, to let you exchange your ideas and methodologies with thousands of people in the security field.
Join Nordic's No.1 Crowdsourced Security Platform For Offensive & Defensive Security Strategies.
The Joker malware is still capable of bypassing the Google Play defense. The Joker malware, a spyware and premium dialer, has a vast range of capabilities; it is able to disable the Google Play Protect, display adds, write fake reviews and install malicious apps. The malware is also capable of stealing device data, SMS messages,…
A Domain Generation Algorithm (DGA) is a program that is designed to generate domain names in a particular order. Attackers developed DGAs so that malware can quickly generate a list of domains that it can use for the sites that give it instructions and receive information from the malware (usually referred to as “command and…
DNS beacon attack is one of the most complicated techniques used in some C&Cs to check the C&C server and exfiltrate data. For detecting this attack, you must check the time request for domains and find a repetitive behavior within a specified time. We suggest this rule for detecting some beacons. index=”*” type=”dns” | fields…
Microsoft released Windows 10 KB4532693 Update on their February Update Tuesday. It is now reported that a bug is causing the deletion of user files. According to previous reports, users have been facing with various difficulties on account of the Windows 10 KB4532693 Update; the buggy security update, released on February 11, boots user desktop…
A critical flaw in Cisco Smart Software Manager On-Prem could allow unverified remote attackers to gain control over a system with a high-privileged account due to a default and static password of a system account. Cisco Smart Software Manager On-Prem is a license-managing product that allows organizations to manage product activation keys (PAKs) and license…
’ThemeGrill Demo Importer’ är ett populärt WordPress-temaplugin som har över 200 000 installationer. Det har nyligen upptäckts att plugin-programmet innehåller en signifikant sårbarhet som kan göra det möjligt för oautentiserade cyberbrottslingar att få kontroll över många webbplatser och bloggar om de inte är patchade. Det upptäcktes att sårbarheten har funnits i ThemeGrill-plugin under de senaste…
‘ThemeGrill Demo Importer’ is a popular WordPress theme plugin that has over 200,000 installations. It has recently been discovered that the plugin contains a significant vulnerability that could allow unauthenticated cybercriminals to gain control over numerous websites and blogs if they are unpatched. It is discovered that the vulnerability has existed in the ThemeGrill plugin…
The Israel Defense Forces (IDF) stated that The Palestinian militant organization, Hamas, schemed to coax Israeli Soldiers into installing spyware and malicious apps using young women profiles on social media platforms such as Instagram, telegram and Facebook. According to the IDF spokesman Brigadier General Hild Silberman, many of the characters posed as new Israeli immigrants…
The IOTA foundation shut down their cryptocurrency, IOTA, after cybercriminals attacked and stole user funds. The attack happened on February 12, 2020; the Foundation notified users on Twitter not to open or use their wallet app, Trinity, on Desktop. After the initial investigation, the foundation turned off a node known as “coordinator” which approves IOTA…
A team of researchers from Singapore has published a paper detailing a collection of vulnerabilities they discovered in Bluetooth chips from several different vendors. The vulnerabilities named SweynTooth impact devices running the Bluetooth Low Energy (BLE) protocol. They can be used by an attacker in Bluetooth range can crash affected devices, force a reboot by sending them…