zip
-
In August 2024, researchers detected a malicious Google Chrome browser infection that led to the distribution of LummaC2 stealer malware that utilized a drive-by download of a ZIP archive containing an MSI app packaging file, which, when executed, installed the malicious software on the victim’s system.
-
A serious security flaw has been uncovered in Mobile Security Framework (MobSF), a widely-used open-source tool for mobile app security analysis. The vulnerability, identified as CVE-2024-43399 (CVSS 9.8), could allow malicious actors to execute code remotely on servers running MobSF, potentially compromising the security of organizations that rely on this tool for app vetting.
-
Hackers abuse CHM files because they can embed malicious scripts or code within them. Windows systems often trust and execute these files without many security checks.
-
APT29, a Russian threat group, targeted German political parties with a new backdoor called WINELOADER using spear-phishing emails containing malicious links to ZIP files hosted on compromised websites.
-
Published in · 2 min read · Nov 10, 2023 In the intricate world of cybersecurity, where data protection is paramount, understanding how to crack password-protected ZIP files becomes a crucial skill. In this comprehensive guide, we’ll delve into the powerful tool, fcrackzip, exploring its installation, usage, and strategies to crack encrypted ZIP files. Buckle…
-
Published in · 3 min read · Dec 22, 2023 The Zip Slip vulnerability revolves around the unsafe extraction of compressed files within applications. It occurs when software mishandles paths embedded within zipped archives during extraction. This flaw enables attackers to manipulate file paths, potentially leading to the extraction of sensitive files beyond the intended…
-
In December 2023, the cybersecurity community was alerted to a new form of cyber threat – the Ducktail malware. This incident, detected by the eSentire Threat Response Unit (TRU), targeted a digital marketing professional, revealing the sophisticated mechanisms of this malware and underscoring the vulnerabilities in professional networks.
-
I noticed that my recent daily Python quiz about zip (I mean an iterable, not the .zip archive) received a decent attention. Thank you to all and every participant! No wonder that iterables in Python is an essential tool for pocking up with data. There are few reasons made iterables popular and fun: performance, memory…
-
CVSS Meta Temp Score CVSS is a standardized scoring system to determine possibilities of attacks. The Temp Score considers temporal factors like disclosure, exploit and countermeasures. The unique Meta Score calculates the average score of different sources to provide a normalized scoring system. Current Exploit Price (≈) Our analysts are monitoring exploit markets and are…
-
I got my hands on a new sample of Android/BianLian (sha256: 0070bc10699a982a26f6da48452b8f5e648e1e356a7c1667f393c5c3a1150865), a banking botnet I have been tracking for months (no, years). On December 14, 2023, there are 6 active C&C for Android/BianLian botnet. This is a partial list which shows (1) a known active C&C (“UP”), (2) a new active C&C (“NEW”) and (3)…
-
Article Link: https://www.youtube.com/watch?v=oheCXa_IEfk
-
Oct 02, 2023THNVulnerability / Cyber Attack A high-severity security flaw has been disclosed in the open-source OpenRefine data cleanup and transformation tool that could result in arbitrary code execution on affected systems.
-
Published on September 28, 2023 It can be slightly difficult to encrypt a zip file using the tools available on your Windows or Mac. Unlike encrypting a PDF(new window) or an Excel file(new window), there’s no standardized software to use. You’ll need to rely on your device’s built-in encryption methods.
-
According to recent reports, a number of vulnerabilities have been discovered in widely used ZIP libraries of Swift and Flutter.
-
Google introduced eight new top-level domains at the beginning of May, such as .dad, .phd, .prof, .esq, .foo, .zip, .mov, and .nexus.
-
Google introduced eight new top-level domains at the beginning of May, such as .dad, .phd, .prof, .esq, .foo, .zip, .mov, and .nexus.
-
CVSS Meta Temp Score CVSS is a standardized scoring system to determine possibilities of attacks. The Temp Score considers temporal factors like disclosure, exploit and countermeasures. The unique Meta Score calculates the average score of different sources to provide a normalized scoring system. Current Exploit Price (≈) Our analysts are monitoring exploit markets and are…