securityXspace: a blog about cyber-philosophy.

by Cyber Safety Solutions Team In one of our previous blog entries , we covered how the threat actor known as Winnti was using GitHub to spread malware – a development that shows how the group is starting to evolve and use new attack methods beyond their previous tactics involving targeted attacks against gaming, pharmaceutical,…

Techworm Indian Hackers Leaks 1.7 Million Snapchat User Data Techworm Snapchat is going through one of its worst weeks in a while. First the ratings of its app took a nose dive in the fallout of its CEO’s alleged comment calling Indians poor ( read more about it here ) and now, reports are coming…

Oracle released a record 299 patches, including a fix for a Solaris vulnerability disclosed by the ShadowBrokers, and another for the recently disclosed Apache Struts 2 flaw. Source: Record Oracle Patch Update Addresses ShadowBrokers, Struts 2 Vulnerabilities

Special Forces Guide to Information Operations [PDF] :

The Shadow Brokers “Lost In Translation” :

Inside the ‘Stalkerware’ Surveillance Market, Where Ordinary People Tap Each Other’s Phones : pwned hard, but no pub dump

juliocesarfort/public-pentesting-reports :

Evilginx – Advanced Phishing with Two-factor Authentication Bypass : https://vimeo.com/212463675

The Rapid7 team has been busy evaluating the threats posed by last Friday’s Shadow Broker exploit and tool release and answering questions from colleagues, customers, and family members about the release. We know that many people have questions about exactly what was released, the threat it poses, and how to respond, so we have decided…

telegraph.co.uk – Part of the beauty of a “left-of-launch” attack, said Lance Gatling, a defence analyst and president of Tokyo-based Nexial Research Inc, is that the North Koreans cannot be sure that any imported e… Tweeted by @SatyamS21 https://twitter.com/SatyamS21/status/854120095437783040 Source: US cyber attacks may be bringing North Korean missiles down