Posts

Cerberus - A new banking Trojan from the underworld

Intro: In June 2019, ThreatFabric analysts found a new Android malware, dubbed "Cerberus", being rented out on underground forums. Its authors claim that it was used for private operations for two years preceding the start of the rental. They also state that the code is written from scratch and is not using parts of other existing banking Trojans, unlike many other Trojans that are either based completely on the source of another Trojan (such as the leaked Anubis source code that is now being resold) or at least borrow parts of other Trojans. After a thorough analysis, we can confirm that Cerberus was indeed not based on the Anubis source code. One peculiar thing about the actor group behind this banking malware is that they have an "official" Twitter account that they use to post promotional content (even videos) about the malware. Oddly enough they also use it to make fun of the AV community, sharing detection screenshots from VirusTotal (thus leaking IoC) an...

Sophisticated 'TajMahal APT Framework' Remained Undetected for 5 Years

Cybersecurity researchers yesterday unveiled the existence of a highly sophisticated spyware framework that has been in operation for at least the last 5 years—but remained undetected until recently. Dubbed TajMahal by researchers at Kaspersky Lab, the APT framework is a high-tech modular-based malware toolkit that not only supports a vast number of malicious plugins for distinct espionage operations, but also comprises never-before-seen and obscure tricks. By the way, Kaspersky didn't mention why they named the framework after Taj Mahal, one of the Seven Wonders of the World located in India. The TajMahal toolkit was first discovered by security researchers late last year when hackers used it to spy on the computers of a diplomatic organization belonging to a Central Asian country whose nationality and location have not been disclosed. However, malware samples examined by the researchers suggest the cyberespionage group behind the attack has been active since at ...

LTE Network Attacks

If your mobile carrier offers LTE, also known as the 4G network, you need to beware as your network communication can be hijacked remotely. A team of researchers has discovered some critical weaknesses in the ubiquitous LTE mobile device standard that could allow sophisticated hackers to spy on users’ cellular networks, modify the contents of their communications, and can even re-route them to malicious or phishing websites. LTE, or Long Term Evolution, is the latest mobile telephony standard used by billions of people designed to bring many security improvements over the predecessor standard known as Global System for Mobile (GSM) communications. However, multiple security flaws have been discovered over the past few years, allowing attackers to intercept users’ communications, spy on user phone calls and text messages, send fake emergency alerts, spoof the location of the device and knock devices entirely offline. 4G LTE Network Vulnerabilities Now, security...

A curated list of awesome frameworks, libraries and software for the Java programming language.

A curated list of awesome Java frameworks, libraries and software. Contents Projects Bean Mapping Build Bytecode Manipulation Caching Cluster Management Code Analysis Code Coverage Code Generators Command-line Argument Parsers Compiler-compiler Configuration Constraint Satisfaction Problem Solver CSV Data structures Database Date and Time Dependency Injection Development Distributed Applications Distributed Transactions Distribution Document Processing Formal Verification Functional Programming Game Development Geospatial GUI High Performance HTTP Clients Hypermedia Types IDE Imagery JSON Processing JSON JVM and JDK Logging Machine Learning Messaging Microservice Miscellaneous Monitoring Native Natural Language Processing Networking ORM PaaS PDF Performance analysis Platform Reactive libraries REST Frameworks Science Search Security Serialization Server Template Engine Testing Utility Version Managers Web Crawling Web ...