Thursday, December 28, 2017

Web Trackers Exploit Browser Password Managers and Steal Login Information From Browser

A known browser weakness lets third-party tracking scripts abuse the browser's built-in password manager to exfiltrate user identities.
The tracking script inserts an invisible login form into the site the user is visiting; the browser's login manager fills it in automatically, and the script collects the filled-in values.
Source: GBHackers
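A static check for the pattern described above, added here as an example and not code from the article: it scans HTML for password fields that are hidden themselves or sit inside a hidden ancestor, which is what a tracker's injected login form looks like. Only inline CSS and the `hidden` attribute are inspected (a browser extension would use getComputedStyle for the same test); the sample HTML is constructed.

```python
"""Find <input type="password"> fields a user cannot see but a browser
password manager would still fill. Added example; heuristics cover the
hidden attribute and inline display:none / visibility:hidden / opacity:0."""
from html.parser import HTMLParser
import re

HIDING_CSS = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|opacity\s*:\s*0(?![.\d])", re.I)
VOID = {"input", "br", "img", "meta", "link", "hr"}  # tags with no end tag


def _is_hidden(attrs: dict) -> bool:
    """True if the element's own attributes make it invisible."""
    if "hidden" in attrs:
        return True
    return bool(HIDING_CSS.search(attrs.get("style") or ""))


class HiddenLoginFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.stack = []     # (tag, hidden) for each open non-void element
        self.findings = []  # (line number, reason)

    def handle_starttag(self, tag, attrs):
        attrs = {k.lower(): v for k, v in attrs}
        if tag == "input" and (attrs.get("type") or "").lower() == "password":
            line, _ = self.getpos()
            if any(hidden for _, hidden in self.stack):
                self.findings.append((line, "password field inside hidden ancestor"))
            elif _is_hidden(attrs):
                self.findings.append((line, "hidden password field"))
        elif tag not in VOID:
            self.stack.append((tag, _is_hidden(attrs)))

    def handle_endtag(self, tag):
        for i in range(len(self.stack) - 1, -1, -1):  # pop to matching open tag
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break


def find_hidden_login_forms(html: str) -> list:
    parser = HiddenLoginFinder()
    parser.feed(html)
    parser.close()
    return parser.findings


SAMPLE = """<html><body>
<form action="/login"><input name="u"><input type="password" name="p"></form>
<div style="display:none">
<form id="t"><input name="email"><input type="password" name="pw"></form>
</div>
<form><input type="password" name="x" style="opacity:0;position:absolute"></form>
</body></html>"""  # constructed: one visible login form, two hidden ones
```

Running `find_hidden_login_forms(SAMPLE)` reports lines 4 and 6 and leaves the visible form on line 2 alone.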

Three more Malicious Backdoored plugins with More than 89,000 Active Installs found in WordPress Repository

WordPress has a massive ecosystem of plugins and themes, and threat actors have engaged in malicious activities such as hiding PHP backdoor scripts inside a WordPress security plugin.
In this incident, existing unsupported plugins were sold to new authors and backdoor code was inserted; the goal is to inject SEO spam into sites that have the plugin installed.
Read More on GBHackers

Wednesday, December 27, 2017

USB Forensics – Reconstruction of Digital Evidence from USB Drive

Digital forensic analysis of USB devices includes the preservation, collection, validation, identification, analysis, interpretation, documentation, and presentation of digital evidence derived from digital sources, for the purpose of facilitating or furthering the reconstruction of events found to be criminal.

Disk Imaging – USB Forensics:

  • A disk image is a computer file that contains the contents and structure of a data storage device such as a hard drive, CD drive, phone, tablet, RAM, or USB drive.
  • The disk image consists of the actual contents of the data storage device, as well as the information necessary to replicate the structure and content layout of the device.
  • A wide range of well-known tools is used to perform the analysis, as accepted by the court of law.
  • Only standard tools are authorized by law; forensic examiners are not allowed to perform imaging with unknown or new tools.
  • Standard tools: EnCase Forensic Imager and its image format (Imagename.E01)
    Forensic Toolkit Imaging & Analysis:
  • Since EnCase forensic software costs around $2,995.00 – $3,594.00, the imaging and analysis here will be performed with FTK forensic software made by AccessData.
  • FTK includes a standalone disk imager, a simple but compact tool.
Read Full article: GBHackers on security
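A minimal worked example of the preservation and validation steps described above, added here and not code from the article or from FTK/EnCase: a raw dd-style copy that hashes the source stream as it is read and re-hashes the finished image, so the two digests can be recorded and re-checked before analysis. The device and output paths are placeholders.

```python
"""Added example: raw disk imaging with SHA-256 verification.
In a real acquisition `source` is the block device (e.g. /dev/sdX,
a placeholder) behind a hardware write blocker; here it can be any file."""
import hashlib
import os

CHUNK = 1024 * 1024  # read and hash in 1 MiB blocks


def _sha256_of_file(path: str, chunk: int = CHUNK) -> str:
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def image_device(source: str, dest: str, chunk: int = CHUNK) -> dict:
    """Copy every byte of `source` to `dest`, hashing the source stream
    while it is read, then re-hash the written image. Returns both
    digests and the byte count for the acquisition notes."""
    src_hash = hashlib.sha256()
    size = 0
    with open(source, "rb") as src, open(dest, "wb") as dst:
        for block in iter(lambda: src.read(chunk), b""):
            src_hash.update(block)
            dst.write(block)
            size += len(block)
        dst.flush()
        os.fsync(dst.fileno())  # make sure the image really reached disk
    image_digest = _sha256_of_file(dest, chunk)
    return {
        "bytes": size,
        "source_sha256": src_hash.hexdigest(),
        "image_sha256": image_digest,
        "verified": src_hash.hexdigest() == image_digest,
    }


def verify_image(dest: str, expected_sha256: str, chunk: int = CHUNK) -> bool:
    """Re-hash an existing image (before analysis, or later in court) and
    compare it with the digest recorded at acquisition time."""
    return _sha256_of_file(dest, chunk) == expected_sha256
```

If `verified` is False the acquisition must be repeated; a mismatch on a later `verify_image` call means the image was altered after acquisition.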

Sunday, December 24, 2017

Edward Snowden Privacy Protection app turns your Android phone Into A Security System

Edward Snowden's privacy protection app Haven turns your Android phone into a motion, sound, vibration and light detector, watching for unexpected guests and unwanted intruders.
Once installed, the app uses your smartphone's sensors (microphone, motion detector, light detector, and cameras) to monitor the room for changes, and it logs everything it notices.

Friday, December 22, 2017

InSpy – Linkedin Information Gathering tool for Pentesters

The objective of this information gathering tool is to extract LinkedIn users based on the organization, job description or email address. InSpy was written in Python by gojhonny.

Multiple Functionalities

  • TechSpy
  • EmpSpy
TechSpy – Crawls LinkedIn job listings for technologies used by the provider company. It attempts to identify technologies by matching job descriptions to keywords from a newline-delimited file.

Thursday, December 21, 2017

Email Spoofing – Exploiting Open Relay configured Public Mailservers

Email spoofing is the delivery of forged emails to recipients. Criminals use it to launch attacks such as phishing or spam and to establish persistent backdoors that look legitimate.
Publicly available email servers can be used for spoofing attacks: if you have configured your mail server as an open relay, attackers can carry out this dangerous email spoofing attack through it.

Tuesday, December 19, 2017

Safehats – The Best Alternative Bug Bounty Program for HackerOne and Bugcrowd

A bug bounty program, also known as a vulnerability rewards program (VRP), is one where security researchers can disclose vulnerabilities and receive recognition and compensation for reporting bugs.
A bug bounty program is suitable for organizations of all sizes; it is part of an organization's penetration testing plan.

Saturday, December 16, 2017

Windows Default Password Manager Keeper Leaked Saved Passwords From Browser

The Keeper password manager, preinstalled with a fresh Windows 10 OS, contained a serious security flaw discovered by Tavis Ormandy, a highly respected Google security researcher working as part of Google Project Zero.

This critical security flaw in the password manager leads to privilege escalation on Windows and leaks the passwords saved from the browser.

Parrot Security OS 3.10 Released with New Powerful Hacking Tools

The first big news is the introduction of a full firejail+apparmor sandboxing system to proactively protect the OS by isolating its components through a combination of different techniques; this had already been released in version 3.9.

The new version, Parrot Security OS 3.10, comes with Linux kernel 4.14 LTS and the features of this new kernel release, as well as Mozilla Firefox Quantum (57.0).

Tuesday, December 12, 2017

New BlackArch Penetration Testing Linux ISOs Released with More Hacking Tools

BlackArch Linux is based on Arch Linux: a lightweight penetration testing distro designed for professional and elite hackers who can work with Linux like a pro.
It used to use Fluxbox and OpenBox as desktop environments alongside other DEs. It has a huge toolset, with more than 1500 hacking tools included in the distro and repo.

A new Hacker Group ‘MoneyTaker’ uncovered by Group-IB Attacking Banks in the USA and Russia

A new hacker group, 'MoneyTaker', uncovered by Group-IB, is targeting financial institutions and law firms in the USA, UK, and Russia. They have successfully targeted a number of banks in different countries and have remained anonymous.
Security researchers from Group-IB uncovered the operations and found the group targeting mainly card payment systems, including the AWS CBR (Russian Interbank System) and purportedly SWIFT (US).
They remain anonymous by constantly changing their methods and tools to bypass security products and by removing their tracks after completing an attack.

Sunday, December 10, 2017

testssl.sh – Tool to check cryptographic flaws and TLS/SSL Ciphers on any Ports

testssl.sh is a free command-line tool which checks a server's service on any port for support of TLS/SSL ciphers and protocols, and for some TLS/SSL vulnerabilities.

Key features

1. Easy to install.
2. You can check any port, not only 443.
3. Warnings if there is an issue with the tests performed.
4. Compatible with Linux/BSD distributions
5. Supports more TLS extensions via sockets
6. TLS 1.3 support
7. Check for CAA RR
8. Check for OCSP must-staple
9. Check for Certificate Transparency
10. Expect-CT header detection

Friday, December 8, 2017

Process Doppelgänging Attack Works on all version of Windows Evade AV products and Forensics tools

Security researchers from endpoint security firm enSilo discovered a new evasion technique dubbed Process Doppelgänging, which works on all versions of Windows and can evade well-known security products and forensics tools.

Doppelgänging was introduced at Black Hat Europe 2017. With Doppelgänging, arbitrary code is loaded and executed as if it were a legitimate process; it is similar to Process Hollowing, but it uses NTFS transactions.

READ MORE: GBHackers On Security

DOWNAD Malware using Dictionary Attack to Control the Servers & Remotely Execute Code

A banking trojan called DOWNAD has been rediscovered after 9 years; it is capable of remotely injecting malicious code into a server and of performing dictionary attacks, and it is considered one of the world's most prevalent malware families.

The DOWNAD malware family was first discovered in 2008 and managed to be one of the most destructive malware families at the time, infecting up to 9 million computers.

Thursday, December 7, 2017

TeamViewer Fixed Critical Vulnerability that allows Clients to take Full Control of PC

TeamViewer is well-known software for desktop support and remote control over the Internet; it suffered a critical vulnerability which allows clients to take control of the computer remotely without any permission.
The bug impacted TeamViewer versions for Windows, macOS, and Linux. Patches are now available for Windows, and we can expect them soon for macOS and Linux.

Largest Crypto-Mining Market Hacked – Hackers may be Stolen $68M

On Wednesday a hacker compromised the NiceHash marketplace payment system and an unknown amount of Bitcoin was stolen from the wallets. NiceHash has not yet disclosed the amount stolen.

According to their company statement, there has been a security breach involving NiceHash website. Importantly, our payment system was compromised, and the contents of the NiceHash Bitcoin wallet have been stolen.

Read More: GBHackers On Security

Wednesday, December 6, 2017

31 Million Data Leaked Online Reveal that keyboard App Collects Everything from Contacts to Keystrokes

Millions of customers' personal data were exposed online due to a MongoDB misconfiguration at Ai.Type, the company well known for developing a personalized virtual keyboard app for Android and iOS.

Security researchers from Kromtech Security Center identified that the company had exposed its entire 577GB Mongo-hosted database publicly; anyone with an internet connection could access the database.

Read More: GBHackers On Security

Monday, December 4, 2017

Global Law Enforcement Agencies shutdown the Largest and Dangerous Andromeda Botnet

The Andromeda botnet was dismantled after a joint investigation with law enforcement agencies around the globe. The takedown took place on 29 November 2017. Andromeda is also known as Gamarue, and ESET detects it as Win32/TrojanDownloader.Wauchos.
The FBI started its initial investigation in 2015 and worked closely with Microsoft; Andromeda spread through exploit kits or spam emails. It was involved in financial crimes and data exfiltration, and it carried more than 80 malware families to infect victim machines.
READ MORE AT GBHACKERS ON SECURITY