Monthly Archives: October 2013

Wifite v2- Automated Wireless Auditor

Wireless network are available for any user so when you travel you will have wifi in the airports, hotels or coffeshops. Some of them are secured and using encryption others with weak encryption and the remaining wifi are open for

Halloween scams hit Facebook, Twitter, and YouTube

Free Halloween products is what scammers using to trick more victims to their malicious campaign, TrenMicro alerting about more scams that are posted on social network platforms including Facebook, Twitter, and YouTube. The first scam is on YouTube where if

Brakeman – Rails Security Scanner

Code static analysis in applications is important to identify security vulnerabilities. if you need to check Ruby on Rails it is possible to use Brakeman. The project is intended to verify the security troubles in Ruby on Rails web framework

Fake Medical Lab Emails Lead to ZBOT

A medical laboratory result is the subject for another spamming campaign observed by Trend Micro. The fake email attaches a document file that exploits Microsoft office vulnerability MSCOMCTL.OCX RCE  (CVE-2012-0158). According to Trend Micro the spoofed message includes the following:

Phishing scam pose as Microsoft Windows Error Fix

If you receive an email from Microsoft you should verify the source. Cybercriminals are now sending fake emails claiming that they have an Urgent Windows Error Fix. This is a very clever trick as in the last period many windows

XSS ChEF -Chrome Extension Exploitation Framework

XSS ChEF – is a Chrome Extension Exploitation Framework that you can use during penetration testing to execute scripts in particular vulnerable website with cross site scripting (XSS), take screenshots of the tabs to track browsing history and cookies or

Twitter lists used for spreading malicious links

Trendmicro security researchers posted an article about a circulating attack on twitter where malicious users are adding victims to twitter lists. The malicious accounts are leading to several websites that offers hacking tools for whatsap, Facebook and Twitter, beside a