SecureBug allows you to evaluate your offensive and defensive skills, in addition, to let you exchange your ideas and methodologies with thousands of people in the security field.
Join Nordic's No.1 Crowdsourced Security Platform For Offensive & Defensive Security Strategies.
Google published its first Android Security Update of the New Year. It included details of seven vulnerabilities within the Android operating system classified as high and critical. Google’s first Android Security Bulletin of 2020 included a patch for a critical flaw in the smartphone operating system. The flaw, if properly and successfully executed, could potentially…
Facebook has announced it will ban Deepfake videos. Deepfake is media that take a person in an existing image or video and replace them with someone else’s likeness using artificial neural networks. According to a Facebook post, it will remove misleading manipulated media if it has been edited or synthesized in ways that aren’t apparent to…
Over 50% of the websites that use WebAssembly, a new web technology, apply it for malicious purposes, according to academic research published in June 2019. WebAssembly (Wasm) is a peculiar form of code that could also be a journey in standard web browsers and presents unusual aspects and major gains inefficiency. It is considered as…
Octopus is an open-source, pre-operation C2 server written in python3. Octopus can control its agents with PowerShell and communicate on HTTP or HTTPS protocols. Based on the article published here, Octopus has the following features: Control agents through HTTP/S. Execute system commands. Download files. Load external PowerShell modules. Use encrypted channels (AES-256) between C2 and…
Google has recently disabled Xiaomi camera integration with its Google Nest Hub after a user reported that he was able to view a stranger’s home through their device. The company has informed that it has fixed the issue, but Nest integration remains suspended until the root cause has been completely solved. The Reddit user posted images…
The Army, following the lead of the Navy and guidance from the Defense Department, has banned the short-form video app TikTok from all government-owned phones, according to an Army spokeswoman. The app, owned by the Chinese company, ByteDance, has come under scrutiny recently in the US and other countries. The video app, known as Douyin…
Microsoft has reported that it has detected a wide network of cyberattacks originating from North Korea. The Thallium hacking campaign is against Windows users, and this time, the danger is a lot more personal. The threat group behind these cyber-attacks is believed to be based in North Korea and has been named as “Thallium” by…
Special Olympics of New York is a nonprofit organization that is focused on competitive athletes with intellectual disabilities. It provides inclusive opportunities to more than 67,000 children and adults with intellectual disabilities across New York State. Around this year’s Christmas holiday, it had its email server hacked and later used to launch a phishing campaign…
Smart home tech maker Wyze Labs confirmed that the user data of over 2.4 million of its users were exposed by an unsecured database connected to an Elasticsearch cluster for over three weeks, from December 4 to December 26. Wyze is a Seattle-based company that sells smart devices like security cameras, smart plugs, smart lightbulbs,…
Twitter for Android app had another bug that exposed users’ phone numbers. The exploit could expose failures in the company’s two-factor authentication system and give other security developers to pause. The exploit was discovered and tested by security researcher Ibrahim Balic over two months. The researcher succeeded in matching 17 million phone numbers with Twitter…