Posts From Mo Moin

An RSA Conference 2019 a panel representing the SANS Institute – featuring Heather Mahalik, director of forensics engineering at ManTech and mobile forensics course director, and Ed Skoudis, instructor, and Johannes Ullrich, dean of research – addressed the most dangerous

The Android caller ID app Dalil exposed online data belonging over 5 million users, security experts discovered a MongoDB database left accessible on the web without a password. The MongoDB behind the Android caller ID app Dalil was left exposed

Experts observed the STOP ransomware installing the Azorult password-stealing Trojan to steal account credentials, cryptocurrency wallets, and more. The STOP ransomware made the headlines because it is installing password-stealing Trojans on the victims’ machines. Experts observed the ransomware also installing

Ken Munro, partner at Pen Test Partners, opened his talk at RSA Conference 2019 by explaining how easy it was for him to hack a Wi-Fi-enabled tea kettle. In the online manual, he discovered the default password. To find out

Operating Systems can be detected using Ping Command, Ping is a computer network administration software utility, which used to find the Availability of a host on an Internet Protocol (IP) network. Ping operates by sending Internet Control Message Protocol (ICMP)

Experts found an unprotected server exposing online 4 MongoDB databases belonging to the email validation company Verifications.io. A new mega data leak made the headlines, an unprotected MongoDB database (150GB) belonging to a marketing company exposed up to 809 million

Deep Web Search Engine is an alternative search engine when we need to search something, then Google or Bing will the first choice hit in mind suddenly. But unlike the Deep Web Search Engine, Google and Bing will not give

SSL/TLS certificates are the backbones of secure communication, it encrypts the sensitive information that sent across the internet, so that, only the intended recipients can get access to it. The SSL/TLS certificates provides trust with lock icon and also provides

UPnP-enabled devices running outdated software are exposed to a wide range of attacks exploiting known flaws in UPnP libraries. A broad range of UPnP-enabled devices running outdated software are exposed to attacks exploiting known flaws in UPnP libraries, Tony Yang,

Researchers discovered the 150GB volume of biggest and most comprehensive email unprotected MongoDB that leaked 800 Million Email data online that belongs to Verifications.io. The leaked email contains sensitive information including personally identifiable information (PII) and the complete data being

Best Operating system for Ethical Hacking and Penetration Testing with Linux is the best option for every Security Researcher or Ethical Hacker. Here is the list of Top 10 Penetration Testing & Ethical Hacking Linux 2019. Linux is open source

Rural Jackson County, Georgia computer systems are infected with Massive Ryuk ransomware attack that leads to shut down all the operations. Since there is no way to recover the files back without the decryption key, officials paid $400,000 as a

Lynis is an open source security auditing tool. Its main goal is to audit and harden Unix and Linux based systems. It scans the system by performing many security control checks. Examples include searching for installed software and determine possible

A study conducted by academics discovered that SSL and TLS certificates and associated services can be easily acquired from dark web marketplaces. A study sponsored by Venafi and conducted by researchers from Georgia State University in the U.S. and the

Researchers at Pen Test Partners revealed in a proof of concept (PoC) that they were able to exploit vulnerabilities in two high-end “smart” alarms. In their PoC, the pen testers debunked third-party car alarm vendors’ claim to be the solution

Reconnaissance is a process to get information in-depth about the target. Keep gathering information until penetration testing phase is a bit difficult. Here we have a Python script called TIDOS which helps Hackers or Penetration testers. This toolkit will gather