Month: September 2016

Two Israeli teenagers have been arrested for allegedly running a hacking service – TechRadar http://ift.tt/2cFEgGx Two Israeli teenagers have been arrested, accused of running an online service which performed distributed denial of service (DDoS) attacks on websites for paying customers. Called vDOS, the website went offline not long before the arrests were made. Following their…

Thousands of infected FTP servers net attackers €77K in cryptocurrency http://ift.tt/2c5ju0d Enlarge (credit: Pander) Attackers are draining the CPU and power resources of more than 5,000 file transfer protocol servers by infecting them with malware that surreptitiously mints the relatively new crypto currency called Monero, researchers said. A notable percentage of the 5,137 infected servers…

GovRAT 2.0 continues to target US companies and Government http://ift.tt/2crW4mj Vxers developed a new version of GovRAT, called GovRAT, that has been used to target government and many other organizations in the US. GovRAT is an old cyberespionage tool, it has been in the wild since 2014 and it was used by various threat actors…

PunkSPIDER – A Web Vulnerability Search Engine http://ift.tt/2c7q5fF PunkSPIDER is a global-reaching web vulnerability search engine aimed at web applications. The goal is to allow the user to determine vulnerabilities in websites across the Internet quickly, easily, and intuitively. Please use PunkSPIDER responsibly. In simple terms, that means the authors have created a security scanner…

Dropbox apologies for clunky administrator account access on Macs http://ift.tt/2cs4mOg Dropbox has denied accusations that its Mac client stealing passwords. Developer Phil Stokes has accused the cloud locker company of sucking up administrator passwords on machines in a bid to reduced the number of permission prompts. Stokes says in analysis that Dropbox’s Mac client abused…

NetSPI/PowerUpSQL http://ift.tt/2cASJoF NetSPI/PowerUpSQL: The PowerUpSQL module includes functions that support SQL Server discovery, auditing for common weak configurations, and privilege escalation on scale. It is intended to be used during internal penetration tests and red team engagements. However, PowerUpSQL also includes many functions that could be used by administrators to quickly inventory the SQL Servers…

shekyan/slowhttptest http://ift.tt/2cAUFxk shekyan/slowhttptest: SlowHTTPTest is a highly configurable tool that simulates some Application Layer Denial of Service attacks by prolonging HTTP connections in different ways. Use it to test for DoS vulnerabilites of your web server, or just to figure out how many concurrent connections it can handle. SlowHTTPTest works on majority of Linux platforms,…