New TA886 group targets companies with custom Screenshotter malware

The TA886 hacking group targets organizations in the United States and Germany with new spyware tracked as Screenshotter. A recently discovered threat actor, tracked as TA886 by security firm Proofpoint, is targeting organizations in the United States and Germany with new malware dubbed Screenshotter. The experts first spotted the attacks attributed to this threat actor […]

The post New TA886 group targets companies with custom Screenshotter malware appeared first on Security Affairs.

how do I unlock the locked text here?

I think this website uses some different kind of paywall, I know exactly where the content gets locked. attaching that code in the comment ​ https://preview.redd.it/yn8vdlqnbdha1.png?width=1920&format=png&auto=webp&s=9771a2641…

Hacking the Tax Code

The tax code isn’t software. It doesn’t run on a computer. But it’s still code. It’s a series of algorithms that takes an input—financial information for the year—and produces an output: the amount of tax owed. It’s incredibly complex code; there are a bazillion details and exceptions and special cases. It consists of government laws, rulings from the tax authorities, judicial decisions, and legal opinions.

Like computer code, the tax code has bugs. They might be mistakes in how the tax laws were written. They might be mistakes in how the tax code is interpreted, oversights in how parts of the law were conceived, or unintended omissions of some sort or another. They might arise from the exponentially huge number of ways different parts of the tax code interact…

Reddit discloses security breach that exposed source code and internal docs

Social news aggregation platform Reddit suffered a security breach, attackers gained unauthorized access to internal documents, code, and some business systems. Reddit announced it was hit by a sophisticated and highly-targeted attack that took place on February 5, 2023. A highly-targeted phishing attack hit the employees of the company. The company pointed out that Reddit […]

The post Reddit discloses security breach that exposed source code and internal docs appeared first on Security Affairs.

Database of default usernames and passwords?

Hi,

As a pentester I frequently come around services that use their default username/password combination.
My approach is, I find out what device/service/software it is, and then I google for the default password to try.

Is there a website somewhere, where you can input e.g. a software vendor, and it returns username/password combinations for their tools? Would save me some time.

If it doesn’t exist yet, I might start making my own..

submitted by /u/kappadoky
[link] [comments]

How do you use the search function in metasploit?

Trust me, I feel stupid asking this, but how does the search function work? Check this out:

msf6 > search name:wordpress_login [-] No results from search msf6 > use wordpress_login_enum Matching Modules ================ # Name Disclosure Date Rank Check Description - ---- --------------- ---- ----- ----------- 0 auxiliary/scanner/http/wordpress_login_enum normal No WordPress Brute Force and User Enumeration Utility Interact with a module by name or index. For example info 0, use 0 or use auxiliary/scanner/http/wordpress_login_enum 

Why didn’t it return the result “wordpress_login_enum” when I searched “wordpress_login” ? How can I more effectively use the search function?

submitted by /u/Lazy-Reserve-131
[link] [comments]

Anonymous hosting

I have 2 goals Not be tracked 2.host a website anonymously I have only ever used windows and hosted sites using IIS. I think I will need linux. Here are my plans please help me out 1.) Use public library computer to contact someone on craigslist for …

problem with getting handshake

Hello, i am new in it. And i have a problem with wifi hacking tools. When i use aircrack-ng or wifite i cant get a handshake. Does anyone know how to solve it? Sorry for mistakes, English is not my native language. submitted by /u/fughes …

Android mobile devices from top vendors in China have pre-installed malware

Researchers reported that the top-of-the-line Android mobile devices sold in China are shipped with malware. China is currently the country with the largest number of Android mobile devices, but a recent study conducted by researchers from the University of Edinburgh and the Trinity College of Dublin revealed that top-of-the-line Android devices sold in the country […]

The post Android mobile devices from top vendors in China have pre-installed malware appeared first on Security Affairs.