Haythem Elmir

A new Variant of Mirai Malware recently started recruiting devices IoT written by @mezy1337. This malware uses hosted servers to find and infect new victims . Samples were served from the IP 46.243.189.102 Malware Samples: 10f0429cee0a52a569c14bee727f3f66:VAMPWROTESATORI.x86 3672ec68839541e7263f491ce9407ec9:vermelho.i686 156e888c32c38677ae970b3a944e8e0e:vermelho.arm7 b125deca7501e13667eaf0804d44a5a7:vermelho.m68k 1406cf02d6af6c2a33f86f93feebdc55:cpuvuln.x86 11e887988687b66cb29a5d395797b0e6:vermelho.mips64 e524abeb037e5295d8341519883ec733:vermelho.mips fb926ee35a240e1bd6761c2d416ef392:vermelho.i486 f9e73ae79a618df43b3bf0ff06818979:vermelho.x86_64 b89870c84f62606b8c1337f120198362:vermelho.sh4 98c35212c42a39cac579afbfb271ba9c:vermelho.arm5 9229e931e806b30967863a1d0f78fb3e:vermelho.mipsel d54456cc11c710f6b4431e0e9593ac02:vermelho.arm6 93b642bb132f757617ff3221ebefab53:vermelho.powerpc-440fp 1da0c2b1c860c334b3220687b15c1e95:vermelho.powerpc c19c397f73adbb3a8247f8670a895e30:vermelho.x86 53b539f6f9824d538f5a28f29ba2e9c4:vermelho.arm4 fb94e136404fcd1de3ba95cb09d8f6ba:vermelho.sparc […]

Cybercriminals are using the most sophisticated techniques to bypass the security controls in various organization such as  IT, medical, manufacturing industries, energy sectors, even government entities. Sometimes developers are creating a backdoor for a legitimate purpose such as maintenance and easy accessibility during the technical issue via a remote location. But […]

Researchers from Checkpoint spotted a free online builder for building customized binaries for the popular info-stealer Azorult malware that steals user passwords, credit card information, cryptocurrency related data. The Gazop service emerged as a result of the source code leak of Azorult’s panel version 3.1 and 3,2. the free Gazorp service […]

Even though phishing attacks can be quite convincing, a give away is when diligent users notice that the login form is unsecured or the SSL certificate is clearly not owned by the company being impersonated. A new Office 365 phishing attack utilizes an interesting method of storing their phishing form […]

Experts discovered nine vulnerabilities affecting NAS devices that could be exploited by unauthenticated attackers to access protected content. Nine flaws affecting NAS devices could be exploited by unauthenticated attackers to access protected content. The vulnerabilities are traked as CVE-2018-9074, CVE-2018-9075, CVE-2018-9076, CVE-2018-9077, CVE-2018-9078, CVE-2018-9079, CVE-2018-9080, CVE-2018-9081 and CVE-2018-9082. According to Lenovo, the flaws affect 20 models of network attached storage […]

UPDATE: Instagram is now back online after almost an hour-long outage. It’s still unclear what caused the problems but users are now able to access their account. ORIGINAL STORY: Instagram users are facing a morning without access to the popular social media service as both the app and website appear to be down […]

Wifiphisher is an open source framework that can be utilised for red team engagements for wireless networks through Man in the Middle attacks. The tool is capable of using the modern wifi association techniques, such as Known Beacons, KARMA, and Evil Twin. With the ‘Known Beacons’ technique, Wifiphisher broadcasts ESSIDs […]