Security – HackerSecret.com – The Most Authoritative Site in the World on the Hacking Tools and Techniques, Penetration Testing and CyberSecurity

Microsoft Releases September 2020 Security Patches For 129 Flaws

Wednesday, 09 September 2020 / Published in Hacking

As part of this month’s Patch Tuesday, Microsoft today released a fresh batch of security updates to fix a total of 129 newly discovered security vulnerabilities affecting various versions of its Windows operating systems and related software. Of the 129 bugs spanning its various products — Microsoft Windows, Edge browser, Internet Explorer, ChakraCore, SQL Server, Exchange Server, Office,
The Hacker News

A week in security (August 31 – September 6)

Wednesday, 09 September 2020 / Published in Hacking

Last week on Malwarebytes Labs, we dug into security hubris on the Lock and Code podcast, explored ways in which Apple’s notarization process may not be hitting all the right notes, and detailed a new web skimmer. We also explained how to keep distance learners secure, talked about PCI DSS compliance, and revealed that SMB security posture is weakened by COVID-19.

Other cybersecurity news

School’s out for cyber attacker: Arrests made after multiple DDoS attacks target district networks (Source: Miami-Dade office of communications)
Long arm of the law: British citizen extradited to the US regarding $ 2m in scam charges (Source: The Register)
Warning signs: Your servers could be at risk should you spot cryptomining activity taking place (Source: Help Net Security)
Election threats: How ransomware could spell trouble for the upcoming US election (Source: GovTech)
Lloyd’s bank phish warning: A scam SMS attack is the order of the day for this bank’s customers (Source: Computer Weekly)
COVID-19 scammers play on data breach fears: An interesting look at how old breach data is being repackaged to coax payment information from potential victims (Source: The Record)
Fake ASDA mails in circulation: Missives offering entry into a competition for a £1,000 gift card should be ignored (Source: My London)
Ad scams on TikTok: Researchers look at some of the ways bad ads make their way to the person holding the device (Source: Tenable)
I can’t dance to this: Warner music group stores compromised by hackers (Source: Bleeping Computer)
Fakes on Facebook: The social media giant takes down fake content run by a US-based pr firm (Source: Buzzfeed)

Stay safe, everyone!

The post A week in security (August 31 – September 6) appeared first on Malwarebytes Labs.

Malwarebytes Labs

August Security September WEEK

Microsoft releases OOB security updates for Microsoft Office

Wednesday, 22 April 2020 / Published in Hacking

Microsoft has released an out-of-band security update that fixes remote code execution vulnerabilities in an Autodesk FBX library integrated into Microsoft Office and Paint 3D applications. […] BleepingComputer

Microsoft Office Releases Security Updates

Binwalk – Firmware Security Analysis & Extraction Tool

Wednesday, 22 April 2020 / Published in Hacking

Binwalk is a fast and easy to use Python-based firmware security analysis tool that allows for firmware analysis, reverse engineering, and extraction of firmware images.

Features of Binwalk Firmware Security Analysis & Extraction Tool

Scanning Firmware – Binwalk can scan a firmware image for many different embedded file types and file systems
File Extraction – You can tell binwalk to extract any files that it finds in the firmware image
Entropy Analysis – Can help identify interesting sections of data inside a firmware image
String Search – Allows you to search the specified file(s) for a custom string

There are also various filters such as by CPU architecture, number of instructions, include filter, exclude filter,

Installation of Binwalk Firmware Security Analysis & Extraction Tool

Download binwalk:

$ wget https://github.com/ReFirmLabs/binwalk/archive/master.zip
$ unzip master.zip

Install binwalk; if you have a previously installed version of binwalk, it is suggested that you uninstall it before upgrading:

$ (cd binwalk-master && sudo python setup.py uninstall && sudo python setup.py install)

Debian users can install all optional and suggested extractors/dependencies using the included deps.sh script (recommended):

$ sudo ./binwalk-master/deps.sh

If you are not a Debian user, or if you wish to install only selected dependencies, see the INSTALL documentation for more details.

Read the rest of Binwalk – Firmware Security Analysis & Extraction Tool now! Only available at Darknet.

Darknet

Analysis Binwalk Extraction Firmware Security Tool

Researcher Discloses 4 Zero-Day Bugs in IBM’s Enterprise Security Software

Wednesday, 22 April 2020 / Published in Hacking

A cybersecurity researcher today publicly disclosed technical details and PoC for 4 unpatched zero-day vulnerabilities affecting an enterprise security software offered by IBM after the company refused to acknowledge the responsibly submitted disclosure. The affected premium product in question is IBM Data Risk Manager (IDRM) that has been designed to analyze sensitive business information
The Hacker News

Bugs Discloses enterprise IBM’s Researcher Security Software ZeroDay

## Are you looking for products for hacking, computer security and penetration testing? Do you need to clean up your smartphone, your PC or your site from viruses and malware? Do you need to track down someone or retrieve urgent information? Do you want to buy devices already configured to experiment all the hacking techniques quickly and easily? Do you have special needs in software or hardware? ##

Contact us now … another 2300 users like you have already done it this year!

Click here now!