Security Boulevard

MARCH 30, 2023

which introduced significant improvements to obfuscate the malware code and data including the list of command-and-control (C2) servers. This blog post analyzes the encryption algorithms used by Xloader to decrypt the most critical parts of the code and the most important parameters of the malware’s configuration. Important Xloader 4.3

Encryption 59

Encryption Malware 59

SecureWorld News

OCTOBER 19, 2021

One notorious hacking group from Iran uses particularly dirty schemes to fleece users, according to Google's Threat Analysis Group (TAG). APT35 are nation-state hackers working for the Iranian government, and they have a long list of attack techniques that play out like the best hits in phishing.

Phishing 76

Phishing Social Engineering Authentication Government 76

Security Boulevard

NOVEMBER 21, 2022

In this blog, we will share details of 4 groups of skimming attacks that have very little to no documentation in the public domain. We have shared the complete list of IOCs. Based on our observation, e-commerce stores in the US, UK, Australia, and Canada were primarily targeted by these threat actors. Key points.

Scams 52

Scams Banking Software 52

Kali Linux

MAY 29, 2023

Your browser does not support the video tag. Our primary focus is on enhancing the tools listed in the top 100 on the kali.org/tools page. Those are: UK: mirror.vinehost.net , sponsored by VineHost , thanks to Callum White. We have a RSS feeds and newsletter of our blog ! Anyone can help out, anyone can get involved !

Firmware 52

Firmware Phishing Architecture Authentication 52

Troy Hunt

DECEMBER 3, 2023

The very next day I published a blog post about how I made it so fast to search through 154M records and thus began a now 185-post epic where I began detailing the minutiae of how I built this thing, the decisions I made about how to run it and commentary on all sorts of different breaches. Or the UK's NCA to be feeding data in.

Data breaches 363

Data breaches Passwords Internet Internet 363

SecureList

FEBRUARY 25, 2021

Google TAG has recently published a post about a campaign by Lazarus targeting security researchers. Log listing Webmin web interface logins. List of services used on the router. uk/connections/dbconn[.]asp. com/blog/wp-content/uploads/2017/cache[.]php. com/blog/wp-content/uploads/2017/cache[.]php.

Malware 133

Malware Phishing Passwords Encryption 133

Troy Hunt

MARCH 21, 2018

Transparency has been a huge part of that effort and I've always written and spoken candidly about my thought processes, how I handle data and very often, the mechanics of how I've built the service (have a scroll through the HIBP tag on this blog for many examples of each). The Money Show?

Data breaches 182

Data breaches Government Passwords Media 182