Published another "breadcrumbs" piece today, this one tracing the source of a cloud service that resells a cracked version of the Acunetix web app vulnerability scanner that is being used to compromise tens of thousands of websites and steal gobs of data. "Cybercriminals are selling hundreds of thousands of credential sets stolen with the help of a cracked version of Acunetix, a powerful commercial web app vulnerability scanner, new research finds. The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey." (spoiler alert: They have a profile here on LinkedIn).
Great detective work, congratulations on finding the culprits. Now the government authorities just need to take action. 👏
Those vulnerabilities are found by other tools, too, no?
So Brian Krebs provides a service that people are drawn to out of engineered paranoia, then uses that service to leverage further the paranoia machine's effects?
Apropos of nothing in particular… Nikto. https://securitytrails.com/blog/nikto-website-vulnerability-scanner
That's a crucial aspect of cybersecurity that often goes overlooked, Brian Krebs. These are the vulnerabilities we need to continuously address.
Acunetix is a great, easy-to-use scanner, especially at that price point.
👔👨💼👩💼🗄️ Gig economy!