SecureBug allows you to evaluate your offensive and defensive skills, in addition, to let you exchange your ideas and methodologies with thousands of people in the security field.
Join Nordic's No.1 Crowdsourced Security Platform For Offensive & Defensive Security Strategies.
In the past, you could rely on signature-based cybersecurity solutions to protect your organization against malware. Basic security hygiene and properly implemented antivirus, firewalls, and other automated security tools should stop the majority of threats from getting in. But once an attacker has sneaked into your network undetected, there’s often not much to stop them from staying…
Cybersecurity researchers have discovered a new strain of the Snatch ransomware. The trick relies on first rebooting infected Windows computers into Safe Mode. It then encrypts victims’ files to avoid antivirus detection. The reason for this step is that most antivirus software does not start in Windows Safe Mode. A safe mode is a state…
Cyber-security firm and antivirus maker Emsisoft has found a bug in the decrypter app of the Ryuk ransomware. Ryuk is a ransomware infection which gains access to networks and encrypts as many computers as possible. The attackers then demand large ransoms, sometimes in the millions, to receive a decryptor for their files. The bug makes…
OpenBSD has patched four vulnerabilities, including an authentication bypass and three local privilege-escalation (LPE) bugs. OpenBSD is the Unix-like open-source operating system known for its security protections. On Wednesday, Qualys Research Labs reported the existence of four vulnerabilities within the OS. They first privately reported this in the interest of responsible disclosure. The three issued…
Facebook filed a lawsuit today against a Chinese company in a San Francisco federal court. It alleged that ILikeAd Company has been abusing the Facebook ad platform to run a malware scheme. ILikeAd is a Hong Kong-based Media International Company Ltd that was founded in 2016. Chen Xiao Cong and Huang Tao are the two…
Phishing scammers have once again targeted users of the popular Steam gaming service. Security researcher nullcookies, first reported The credential-stealing scam on twitter. The scam offers new skins every day. A skin is a modification providing a new look and feel for items in Steam’s online games. There are entire digital marketplaces dedicated to trading…
There is a vulnerability in specific Microsoft OAuth 2.0 applications. It could let an attacker gain access and control of a victim’s Azure account. OAuth is a protocol that allows app users to share data about their accounts with third-party websites or apps so that when they sign into the apps they don’t need to…
Mozilla has removed four extensions made by Avast and AVG from the Firefox addon site. This happened on December 3rd after receiving credible reports that the extensions were harvesting user data and browsing histories. The four extensions are: Avast Online Security AVG Online Security Avast SafePrice AVG SafePrice The first two are extensions that alert…
Millions of SMS messages have been leaked by a database run by TrueDialog Based in Austin, Texas, TrueDialog provides bulk SMS services for small businesses, colleges and universities, which means that the majority of the messages were business-related, researchers said. Researchers at vpnMentor found the database on Microsoft’s Azure cloud platform on 26 November 2019.…
Installation phase in cyber kill chain The fifth chain of the cyber kill chain is Installation that is introduced by Lockheed Martin. During the installation step, attackers attempt to achieve persistence on the target machine and try to make a C&C channel for the exfiltration and controlling of the data from the target. Persistence is…