DoNot Team Hackers Updated its Malware Toolkit with Improved Capabilities

The Donot Team threat actor has updated its Jaca Windows malware toolkit with improved capabilities, including a revamped stealer module designed to plunder information from Google Chrome and Mozilla Firefox browsers. read more

Hackers Opting New Attack Methods After Microsoft Blocked Macros by Default

With Microsoft taking steps to block Excel 4.0 (XLM or XL4) and Visual Basic for Applications (VBA) macros by default across Office apps, malicious actors are responding by refining their tactics, techniques, and procedures (TTPs). read more

Cybercriminals Developing BugDrop Malware to Bypass Android Security Features

 In a sign that malicious actors continue to find ways to work around Google Play Store security protections, researchers have spotted a previously undocumented Android dropper trojan that's currently in development.

"This new malware tries to abuse devices using a novel technique, not seen before in Android malware, to spread the extremely dangerous Xenomorph banking trojan, allowing criminals to perform On-Device Fraud on victim's devices," ThreatFabric's Han Sahin said in a statement. Dubbed BugDrop by the Dutch security firm, the dropper app is explicitly designed to defeat new features introduced in the upcoming version of Android that aim to make it difficult for malware to request Accessibility Services privileges from victims. read more

Findmyhash

 Written in Python, findmyhash is a free open-source tool that helps to crack passwords using free online services.

It works with the following algorithms: read more

THC Hydra

THC Hydra is a free hacking tool licensed under AGPL v3.0, widely used by those who need to brute force crack remote authentication services. read more

Kismet Wireless

Kismet Wireless is a multi-platform free Wireless LAN analyzer, sniffer, and IDS (intrusion detection system). read more

Sqlmap

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester, and a broad range of switches lasting from database fingerprinting to data fetching from the database to accessing the underlying file system and executing commands on the operating system via out-of-band connections.read more

Wireshark

What Is Wireshark?

Wireshark is a network protocol analyzer, or an application that captures packets from a network connection, such as from your computer to your home office or the internet. Packet is the name given to a discrete unit of data in a typical Ethernet network.read more

Lynis

Lynis is an open-source security auditing tool for UNIX derivatives like Linux, Mac OS, BSD, other Unix-based operating systems, etc. Performing extensive health scans of systems that support System Hardening and Compliance Testing. An open-source software with GPL License. This tool scans for general system information, vulnerable software packages, and configuration issues. It is helpful for System Administrators, Auditors, and Security Professionals. read more

Nmap

What is Nmap

Nmap, short for Network Mapper, is a free and open source tool used for vulnerability checking, port scanning, and network mapping. Despite being created in 1997, Nmap remains the gold standard against which all other similar tools, either commercial or open source, is judged. read more

Hacktivism

 What is hacktivism?

Hacktivism is the act of misusing a computer system or network for a socially or politically motivated reason. Individuals who perform hacktivism are known as hacktivists. Hacktivism is meant to call the public's attention to something the hacktivist believes is an important issue or cause, such as freedom of information, human rights, or a religious point of view. read more