All posts by Charlie

Mirai botnet exploiting Azure OMIGOD vulnerabilities

OMIGOD flaws; the vulnerabilities were originally discovered by the Wiz Research Team. READ: Microsoft warns of Azure flaws exposing users to data theft On the other hand, security researcher Germán Fernández identified one of the botnets trying to exploit the...

/ September 20, 2021

Google to Auto-Reset Unused Android App Permissions for Billions of Devices

Google on Friday said it’s bringing an Android 11 feature that auto-resets permissions granted to apps that haven’t been used in months, to devices running Android versions 6 and above. The expansion is expected to go live later this year...

/ September 20, 2021

DDoS Attack Service Admin Behind 200,000 Attacks Face 35 Years in Prison

A federal jury in California, at the end of a nine-day trial, found an Illinois man guilty, who have operated several websites with paid DDoS attack services.  After executing an investigation it was found that 32-year old Matthew Gatrel of...

/ September 19, 2021

Capoae Malware Attacking Linux systems & Web Apps Using Multiple Vulnerabilities

A senior security researcher Larry Cashdollar, has detected malware that is dubbed Capoae on Thursday, and this malware by exploiting the multiple vulnerabilities is attacking the Linux systems and several web applications.  The Capoae malware was actually written in the...

/ September 18, 2021

Edward Snowden urges users to stop using ExpressVPN

reported on a billion-dollar deal in which ExpressVPN was bought off by Kape, an Israeli cyber security company raising privacy concerns among its users. Now, in a recent tweet, the former NSA whistleblower Edward Snowden has warned users to stop using...

/ September 18, 2021

Indicator Of Attack(IoA’s) And Activities – SOC/SIEM – A Detailed Explanation

What is an Indicator of Attack (IOA) IoA’s is some events that could reveal an active attack before indicators of compromise become visible. Use of IoA’s provides a way to shift from reactive cleanup/recovery to a proactive mode, where attackers...

/ September 18, 2021

Vulnerability Testing | Best Techniques for Assessing Risks

What Is Vulnerability Testing? Vulnerability testing, also known as vulnerability assessment, evaluates an entire system to look for security weaknesses and vulnerabilities. A vulnerability is a software bug, design flaw, or misconfiguration that bad actors can exploit to compromise a...

/ September 17, 2021

How to use VPN to access blocked websites?

use censorship as a tool to control the flow of information. This article highlights how one can use VPN to access blocked websites. If your country censors the internet and blocks sites like Facebook, Twitter, or YouTube then a VPN...

/ September 17, 2021

Download Kali Linux 2021.3 with Kali NetHunter on smartwatch, new tools

Kali Linux, a tool designed for cybersecurity experts and ethical hackers to carry out security audits and penetration testing, has been released by Offensive Security. According to the company’s blog post, the new version, Kali Linux 2021.3, comes with a range of...

/ September 17, 2021

New Malware Targets Windows Subsystem for Linux to Evade Detection

A number of malicious samples have been created for the Windows Subsystem for Linux (WSL) with the goal of compromising Windows machines, highlighting a sneaky method that allows the operators to stay under the radar and thwart detection by popular...

/ September 17, 2021

MikroTik Shared a Mitigation to Secure Routers From Massive Mēris DDoS Botnet Attack

Over the summer the routers that are compromised by the massive Mēris DDoS botnet could be now cleaned, since MikroTik, the Latvian network equipment manufacturer has shared the proper guide and information to do so. As in recent times, we...

/ September 17, 2021

Malware Attack on Aviation Sector Uncovered After Going Unnoticed for 2 Years

A targeted phishing campaign aimed at the aviation industry for two years may be spearheaded by a threat actor operating out of Nigeria, highlighting how attackers can carry out small-scale cyber offensives for extended periods of time while staying under...

/ September 17, 2021