Leak Exposes OilRig APT Group's Tools

Data Breach Today

Group, Apparently Backed By Iran, Was Broadening Its Targets, Analysts Say A set of malicious tools, along with a list of potential targets and victims, belonging to an APT group dubbed OilRig has leaked online, exposing some of the organization's methods and goals, analysts say

IT 227

VMware addresses flaws in VMware Tools and Workspace ONE SDK

Security Affairs

VMware has released security updates to address a local privilege escalation vulnerability in VMware Tools version 10 for Windows. VMware has released VMware Tools 11.0.0 that addresses a local privilege escalation issue in Tools 10.x.y

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

HHS Updates Security Risk Assessment Tool

Data Breach Today

In light of this ongoing challenge, HHS has released an updated version of its security risk assessment tool, which includes improved asset and vendor risk management features Why Do So Many Entities Still Struggle with Security Risk Analysis?

Risk 141

Report: Chinese Hackers First to Use NSA Cyberattack Tools

Data Breach Today

Symantec Report Deepens Mystery Around Lost NSA Tools and Exploits A Chinese hacking group was using exploits and tools developed by the NSA months before the tools were released by another group, Symantec says in a new report.

219
219

Top Vulnerability Scanning Tools

eSecurity Planet

Here are a dozen vulnerability scanning tools that can help Staying on top of vulnerabilities is a critical IT security practice.

Leaked NSA Hacking Tools

Schneier on Security

In 2016, a hacker group calling itself the Shadow Brokers released a trove of 2013 NSA hacking tools and related documents. Now we have learned that the Chinese used the tools fourteen months before the Shadow Brokers released them.

Cybercrime Tool Prices Continue to Rise on Darknet Sites

Data Breach Today

Payment Card and Passport Data Are Most Sought-After Commodities, Report Finds The prices for specific types of cybercriminal tools on darknet sites continue to rise, according to a recent analysis by security firm Flashpoint.

Free Tool: Honey Feed

Security Affairs

Cybersecurity expert Marco Ramilli shared another tool of his arsenal that extracts suspicious IPs from undesired connections, his HoneyPots. Hi folks, today I’d like to point you out another tool of mine which extracts suspicious IPs from undesired connections.

OilRig’s Jason email hacking tool leaked online

Security Affairs

A few hours ago, a new email hacking tool dubbed Jason and associated with the OilRig APT group was leaked through the same Telegram channel used to leak other tools. Now the group released a tool that was allegedly used by OilRig “for hacking emails and stealing information.”

HHS Updates Security Risk Assessment Tool

Data Breach Today

The Department of Health and Human Services has updated its HIPAA security risk assessment tool to better assist small and mid-sized healthcare entities and their vendors in performing a comprehensive risk analysis.

Risk 198

Enterprise Architecture Tools Are Key to Managing Ideation and Innovation

erwin

Organizations largely recognize the need for enterprise architecture tools, yet some still struggle to communicate their value and prioritize such initiatives. Enterprise Architecture Tools: The Fabric of Your Organization.

xHunt Campaign Leverages New Tools Against Shipping Firms

Data Breach Today

Researchers: Malware Used in Attacks Against Kuwaiti Transportation, Shipping Companies A hacking group is using new backdoor tools in a campaign targeting shipping and transportation companies in Kuwait, according to researchers at Palo Alto Networks' Unit 42

170
170

NSA Pitches Free Reverse-Engineering Tool Called Ghidra

Data Breach Today

So went the pitch from the NSA's Rob Joyce at this year's "Get Your Free NSA Reverse Engineering Tool" presentation at RSA Conference 2019

Obfuscation as a Privacy Tool

Schneier on Security

I am generally skeptical about obfuscation tools. This essay discusses the futility of opting out of surveillance, and suggests data obfuscation as an alternative.

A free Decryptor tool for GandCrab Ransomware released

Security Affairs

Good news for the victims of the latest variants of the GandCrab ransomware , NoMoreRansomware released a free decryption tool. Victims of the latest variants of the GandCrab ransomware can now decrypt their files for free using a free decryptor tool released on the the NoMoreRansom website.

VMware addressed flaws in its Workstation and Tools

Security Affairs

VMware has informed its users that it has patched two high-severity vulnerabilities that affect its Tools and Workstation software. VMware has patched two high-severity flaws that affect its Tools and Workstation software.

IT 111

FIN7 Gang Returns With New Malicious Tools: Researchers

Data Breach Today

FireEye Says Financial Hacking Group Is Deploying New Dropper and Payload Despite a crackdown on some of its members in 2018, the FIN7 gang has returned with new malicious tools, including a revamped dropper and payload, according to analysts at FireEye.

Sales 163

Iranian Cyberespionage Tools Leaked Online

Schneier on Security

The source code of a set of Iranian cyberespionage tools was leaked online. cyberespionage doxing hacking iran leaks

101
101

Analysis: Russian Hackers Hijack Iranian Hacking Tools

Data Breach Today

The latest edition of the ISMG Security Report analyzes how the Russian hacking group Turla has been coopting Iranian hacking tools. Plus: Avast's CCleaner hit by second attack; sizing up draft regulations for the California Consumer Protection Act

Top Penetration Testing Tools

eSecurity Planet

Here are the best pen test tools for finding your vulnerabilities Penetration testing should be an ongoing practice for all IT security teams.

Instagram’s New Security Tools are a Welcome Step, But Not Enough

Krebs on Security

Security Tools Authy Duo Facebook Google Authenticator Google Voice Instagram SIM swap T-Mobile two-factor authentication twofactorauth.orgInstagram users should soon have more secure options for protecting their accounts against Internet bad guys.

Ghidra: NSA's Reverse-Engineering Tool

Schneier on Security

Last month, the NSA released Ghidra , a software reverse-engineering tool. Early reactions are uniformly positive. Three news articles. cybersecurity nsa opensource reverseengineering

Enterprise Architecture Tools and the Changing Role of the Enterprise Architect

erwin

Enterprise architecture tools are becoming more important than ever. Enterprise architecture tools allow an organization to map its applications – complete with their associated technologies and data – to the business functions they power.

Hackers Wield Commoditized Tools to Pop West African Banks

Data Breach Today

191
191

Google Analytics Emerges as a Phishing Tool

Threatpost

Web Security Akamai Bing cybercriminals Google Analytics Hackers malicious activity Phishing phishing tool site visitor behavior web analytics Websites Yandex

Cisco released 4CAN hardware tool to find flaws in automotive computers

Security Affairs

Cisco has released a hardware tool, called 4CAN , developed to help researchers to discover vulnerabilities in automotive systems. . Cisco has released a new hardware open-source tool called 4CAN that aims to help the automotive industry in security vehicles.

Police Surveillance Tools from Special Services Group

Schneier on Security

Special Services Group, a company that sells surveillance tools to the FBI, DEA, ICE, and other US government agencies, has had its secret sales brochure published.

FOIA 73

ToTok Is an Emirati Spying Tool

Schneier on Security

The smartphone messaging app ToTok is actually an Emirati spying tool : But the service, ToTok, is actually a spying tool, according to American officials familiar with a classified intelligence assessment and a New York Times investigation into the app and its developers.

Experts released a free Decryption Tool for GandCrab ransomware

Security Affairs

Good news for the victims of the infamous GandCrab ransomware, security experts have created a decryption tool that allows them to decrypts files without paying the ransom. “This tool recovers files encrypted by GandCrab ransomware versions 1, 4 and 5.”

Gartner Emphasize the Need for Enterprise Architecture Tools

erwin

Organizations largely recognize the need for enterprise architecture tools, yet some still struggle to communicate their value and prioritize such initiatives. Enterprise Architecture Tools: The Fabric of Your Organization.

Intel Patches High-Severity Flaw in Processor Diagnostic Tool

Threatpost

Intel issued patches for a high-severity flaw in its processor diagnostic tool as well as a fix for a medium-severity vulnerability in its data center SSD lineup.

IT 113

FIN8 Group Returns, Targeting POS Devices With New Tools

Data Breach Today

Retail 188

9 Top Database Security Tools

eSecurity Planet

Here are 9 top database security tools to help you protect that data Databases contain some of the most critical data in an organization.

RiskIQ: Ticketmaster Hackers Compromised Widely Used Tools

Data Breach Today

Massive CIA Hacking Tool Leak: Ex-Agency Employee Charged

Data Breach Today

Schulte, with providing 8,000 documents that describe the agency's offensive malware tools and practices to WikiLeaks, which published them in 2017 as the "Vault 7" archive Lead Suspect Joshua A. Schulte Already Detained on Child Pornography Charges The U.S.

Data Mapping Tools: What Are the Key Differentiators

erwin

The need for data mapping tools in light of increasing volumes and varieties of data – as well as the velocity at which it must be processed – is growing. Data mapping tools have always been a key asset for any organization looking to leverage data for insights.

GDPR 84

9 Top Active Directory Security Tools

eSecurity Planet

Here are 9 Active Directory security tools that can help Active Directory can't protect against every security risk.

Risk 90

Elderly China Chopper Tool Still Going Strong in Multiple Campaigns

Threatpost

Hacks Malware Web Security analysis china chopper Cisco Talos Cyberattacks recent campaigns remote access tool web shellMultiple actors in multiple campaigns are using the web shell for remote access, even though it's almost a decade old and hasn't been updated.

IT 102

Google Releases Basic Homomorphic Encryption Tool

Schneier on Security

Google has released an open-source cryptographic tool: Private Join and Compute.

Bill Would Help Congress Track Offensive 'Cyber Tool' Sales

Data Breach Today

State Department Would Be Required to Provide Information on Approved Sales A House panel has approved a measure designed to make sure Congress is informed when U.S. companies sell offensive cyber technologies to other nations' governments. The measure was introduced after a U.S.

Sales 186