LATEST ARTICLES

The New Web Exploit Can Crash and Restart Your iPhone

Now just a few lines of code can crash and restart any iPhone or iPad and can cause a Mac computer to freeze. Sabri Haddouche, a security researcher at encrypted instant messaging app Wire, revealed a proof-of-concept (PoC) web page containing an exploit that uses only a few lines of specially crafted CSS & HTML code. Beyond just a simple crash,...

Hide Sensitive Files in Encrypted Containers on Your Linux System

as penetration testers, we sometimes need to securely store customer data for prolonged periods. Bruteforce-resistant, vault-like containers can be created with just a few commands to protect ourselves from physical attacks and unintended data disclosures. The subject of cryptography and encryption are incredibly vast and complex. Rather than diving into ciphers, algorithms, AES, hash functions, and LUKS, this article will...

New Android malware that converts trusted apps into spyware

Recently last month Bitdefender has discovered a Android malware/spyware named as Triout. The services of this spyware include Recording calls Capturing the private messages Stealing photos Its activity was first identified back in May, when it was first uploaded on VirusTotal, a website that aggregates multiple antivirus scanning engines. Bitdefender discovered the traces of the malware in the popular apps. This...

Dark Tequila Banking Malware Uncovered After 5 Years of Activity

Security researchers at Kaspersky Labs have uncovered a new, complex malware campaign that has been targeting customers of several Mexican banking institutions since at least 2013. Dubbed Dark Tequila, the campaign delivers an advanced keylogger malware that managed to stay under the radar for five years due to its highly targeted nature and a few evasion techniques. Dark Tequila has primarily...

T-Mobile hack exposed more than 2 million people data

Earlier this week T-Mobile was hacked and data of about 2.3 million plus people was exposed and compromised. On 20th August T-Mobile officials discovered the breach and they claim to shut down the breach immediately but in this immediate reaction still 2million plus people data was compromised. On their site they discussed the breach by saying Dear Customer – Out of an...

American Intelligence Specialist to suffer 5 years in jail for leaking NSA documents

A former National Security Agency (NSA) contractor who admitted passing secret information to the media has been sentenced to more than five years. Reality Winner, 26,was about to face 10 years in prison, but this was reduced to 5 years and 3 months under a plea deal. She was arrested last year on 3rd of June for leaking an NSA...

Fluxion WiFi Phishing Tool

Fluxion is a security auditing and social-engineering research tool that uses social techniques to get the passwords of your neighbours :p. Fluxion uses simple phishing attacks to get the passwords. The script attempts to retrieve the WPA/WPA2 key from a target access point by means of a social engineering attack. Fluxion can be downloaded from GitHub, the link to download...

Wifiphisher WiFi phishing Tool

Wifiphisher is a tool that uses phishing method to get access to WiFi. Using Wifiphisher, penetration testers can easily achieve a man-in-the-middle position against wireless clients by performing targeted Wi-Fi association attacks. It uses Evil Twin Attack to make a fake AP and to block the original AP, detailed process is shown in video at the end. Download : https://github.com/wifiphisher/wifiphisher.git Or directly copy...

Airgeddon WiFi Cracking Tool

Airgeddon is multi purpose all-in-one Swiss army knife tool for hacking WiFi. It is a wireless security auditing script for Linux systems with an extremely extensive feature list. It includes a wide list of attacks that can help hackers to jam a network or decrypt the WiFi keys. Download : https://github.com/v1s1t0r1sh3r3/airgeddon.git To directly clone from terminal type git clone --depth 1 https://github.com/v1s1t0r1sh3r3/airgeddon.git Usage : cd...

Whatsapp Vulnerability Could Be Used To Spread Fake News And Scam Users

Cybersecurity researchers from Check Point have unearthed a vulnerability in WhatsApp that could allow attackers to trick users by intercepting messages and editing the content. This opens up the possibility of scamming people and spreading misinformation. The flaws reside in the way WhatsApp mobile application connects with the WhatsApp Web and decrypts end-to-end encrypted messages using the protobuf2 protocol. The vulnerabilities...