SecureBug allows you to evaluate your offensive and defensive skills, in addition, to let you exchange your ideas and methodologies with thousands of people in the security field.
Join Nordic's No.1 Crowdsourced Security Platform For Offensive & Defensive Security Strategies.
Google has discovered more than 1,700 applications in the Play Store that were infected by Joker malware. The company started tracking the malware (also known as Bread) in early 2017. This malware operation is one of the most persistent threats Google has dealt with during the last few years. These also include 24 Android apps,…
Mozilla has warned Firefox users to update their browsers to the latest version due to a critical vulnerability actively being exploited in the wild. The update is to address a critical zero-day vulnerability that has been abused for targeted attacks. Mozilla claims that they are aware of targeted attacks in the wild that were abusing…
TikTok is one of the most popular apps globally. Beijing-based ByteDance owns the app that is available in over 150 countries and boasts over 1 billion users. Israeli cybersecurity research firm Check Point Research says it found “multiple vulnerabilities” within TikTok’s infrastructure. The vulnerabilities made it possible for potential attackers to hijack accounts to manipulate…
Google published its first Android Security Update of the New Year. It included details of seven vulnerabilities within the Android operating system classified as high and critical. Google’s first Android Security Bulletin of 2020 included a patch for a critical flaw in the smartphone operating system. The flaw, if properly and successfully executed, could potentially…
Facebook has announced it will ban Deepfake videos. Deepfake is media that take a person in an existing image or video and replace them with someone else’s likeness using artificial neural networks. According to a Facebook post, it will remove misleading manipulated media if it has been edited or synthesized in ways that aren’t apparent to…
Over 50% of the websites that use WebAssembly, a new web technology, apply it for malicious purposes, according to academic research published in June 2019. WebAssembly (Wasm) is a peculiar form of code that could also be a journey in standard web browsers and presents unusual aspects and major gains inefficiency. It is considered as…
Octopus is an open-source, pre-operation C2 server written in python3. Octopus can control its agents with PowerShell and communicate on HTTP or HTTPS protocols. Based on the article published here, Octopus has the following features: Control agents through HTTP/S. Execute system commands. Download files. Load external PowerShell modules. Use encrypted channels (AES-256) between C2 and…
Google has recently disabled Xiaomi camera integration with its Google Nest Hub after a user reported that he was able to view a stranger’s home through their device. The company has informed that it has fixed the issue, but Nest integration remains suspended until the root cause has been completely solved. The Reddit user posted images…
The Army, following the lead of the Navy and guidance from the Defense Department, has banned the short-form video app TikTok from all government-owned phones, according to an Army spokeswoman. The app, owned by the Chinese company, ByteDance, has come under scrutiny recently in the US and other countries. The video app, known as Douyin…
Microsoft has reported that it has detected a wide network of cyberattacks originating from North Korea. The Thallium hacking campaign is against Windows users, and this time, the danger is a lot more personal. The threat group behind these cyber-attacks is believed to be based in North Korea and has been named as “Thallium” by…