Xpykerz

2023-03-03 15:26:46 Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI

#News

Posted On : Thu, 02 Mar 2023 16:51:00 +0530

A malicious Python package uploaded to the Python Package Index (PyPI) has been found to contain a fully-featured information stealer and remote access trojan.
The package, named colourfool, was identified by Kroll's Cyber Threat Intelligence team, with the company calling the malware Colour-Blind.
"The 'Colour-Blind' malware points to the democratization of cybercrime that could lead to an

Share And Support
@Xpykerz Open / Comment

2023-03-03 15:26:46 2023 Browser Security Report Uncovers Major Browsing Risks and Blind Spots

#News

Posted On : Thu, 02 Mar 2023 17:05:00 +0530

As a primary working interface, the browser plays a significant role in today's corporate environment. The browser is constantly used by employees to access websites, SaaS applications and internal applications, from both managed and unmanaged devices. A new report published by LayerX, a browser security vendor, finds that attackers are exploiting this reality and are targeting it in increasing

Share And Support
@Xpykerz Open / Comment

2023-03-03 15:26:45 New Cryptojacking Campaign Leverages Misconfigured Redis Database Servers

#News

Posted On : Thu, 02 Mar 2023 17:09:00 +0530

Misconfigured Redis database servers are the target of a novel cryptojacking campaign that leverages a legitimate and open source command-line file transfer service to implement its attack.
"Underpinning this campaign was the use of transfer[.]sh," Cado Security said in a report shared with The Hacker News. "It's possible that it's an attempt at evading detections based on other common code

Share And Support
@Xpykerz Open / Comment

2023-03-03 15:25:44 Hackers Exploit Containerized Environments to Steal Proprietary Data and Software

#News

Posted On : Thu, 02 Mar 2023 19:10:00 +0530

A sophisticated attack campaign dubbed SCARLETEEL is targeting containerized environments to perpetrate theft of proprietary data and software.
"The attacker exploited a containerized workload and then leveraged it to perform privilege escalation into an AWS account in order to steal proprietary software and credentials," Sysdig said in a new report.
The advanced cloud attack also entailed the

Share And Support
@Xpykerz Open / Comment

2023-03-03 15:25:40 All In One | TryHackMe

#ctf
#WriteUps
#Medium

By : orypersec
Scanning

Share And Support
@Xpykerz Open / Comment

2023-03-03 15:25:38 Smag Grotto | TryHackMe Walkthrough

#ctf
#WriteUps
#Medium

By : nihirzala
The first enumeration that I do is running nmap scan where the nmap discover service SSH and HTTP.

Share And Support
@Xpykerz Open / Comment

2023-03-03 15:24:20 Agent Sudo — TryHackMe

#ctf
#WriteUps
#Medium

By : BaldrTheKing
This is an easy room from TryHackMe, which is “half-guided” with several questions leting us know where to look next.

Share And Support
@Xpykerz Open / Comment

2023-03-03 15:24:19 Basic Pentesting Writeup

#ctf
#WriteUps
#Medium

By : boyrashack
Hecho por boyras200

Share And Support
@Xpykerz Open / Comment

2023-03-03 15:24:17 Kase Scenarios: Solving The “Dark Waters” Promotional Invitation

#ctf
#WriteUps
#Medium

By : ajmeese7
Using OSINT to solve a fun teaser related to the upcoming Kase Scenarios challenge.

Share And Support
@Xpykerz Open / Comment

2023-03-03 15:22:56 Directory Traversal, File Include, File Upload — Web For Pentester 1

#bugbounty
#WriteUps
#Medium

By : kawsaruddin238
Here I will complete the lab on directory traversal from the web for pentester-1. The whole process is done in a virtual box, not on the…

Share And Support
@Xpykerz Open / Comment