Nmap ("Network Mapper")


Nmap ("Network Mapper") is a free and open source utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.


Features

  • Host discovery - Identify hosts on a network.
  • Port scanning - Enumerate the open ports on one or more target hosts.
  • Version detection - Interrogate network services listening on remote devices to determine the application name and version number.
  • OS detection - Remotely determine the operating system and some hardware characteristics of network devices.
  • Scriptable interaction with the target - Using Nmap Scripting Engine and the Lua language, customized queries can be made.
  • Reverse DNS lookup.
  • Find device type information.
  • Retrieve MAC addresses and many more.
Download: Nmap download

Topera - The IPv6 port scanner invisible to Snort IDS.


Topera is a brand new TCP port scanner for IPv6, with the particularity that its scans are not detected by Snort. Snort is the best-known IDS/IPS and is widely used in many different critical environments. Some commercial tools (Juniper or Checkpoint ones) also use it as their detection engine. Evading Snort's detection capabilities could pose a high risk in some cases.
Fixed some bugs:
  • Get local IPv6 address
  • Get local ethernet interface
  • Sniffer packet counter
  • Some minor fixes
You can see an example execution of Topera in the demo video linked below.
Download Topera IPv6 port scanner.

Android app SwiftKey Keyboard turned into a Keylogger app.


One of the best third-party Android mobile keyboards, 'SwiftKey', was turned into a keylogger Trojan by an Android developer to show the possible security threat of downloading pirated, cracked apps from non-official app stores and websites. "Anyone pirating Swiftkey is taking a serious risk," the developer said.


He demonstrated how to inject keylogger snippets of code into a legitimate Android keyboard application, which infected a mobile device with a Trojan, connected to a remote server and transmitted data from the device, including all your key logs.
"Android apps are coded in Java and compiled to byte code that is run on the Dalvik VM and this byte code is not that hard to edit and insert back into an APK," he explained.

He developed a keylogger from SwiftKey, a malicious Java program designed to collect and send all key logs, along with the host IP address, to a remote server. He also explained the complete code on his blog.
Android malware is growing at a far more rapid pace than malware for other mobile platforms. Cyber criminals do not need to develop their own malware program from scratch; reversing ready-made apps and inserting malware code makes their job much easier.

Be careful about where you download apps from, think about the permissions, and consider what the app is asking to do, and

Skype Malware that turns computers into Bitcoin miners.



Increasingly desperate to cash in on the sky-rocketing price of Bitcoin these days, gangs of cybercriminals have designed a new malware that’s infecting computers via Skype in an attempt to build a botnet massive enough to start mining the virtual currency.

Researchers from Kaspersky Lab have discovered that a new spam message campaign being transmitted via Skype contains malware capable of using an infected computer to mine for Bitcoins. The malware is identified as Trojan.Win32.Jorik.IRCbot.xkt.
According to Kaspersky Lab, the average click rate for the rogue URL is high, at over 2,000 clicks per hour, and the creators of this malware have used it to seize control of hundreds of computers in Russia, Germany, Ukraine, Poland, Spain and other countries.

The malware spreads itself by infecting the Skype VoIP program, using the age old

AirDroid security flaw allows hackers to perform DoS attack from your Android device.


AirDroid, a free app which provides wireless management of your Android phone or tablet from any browser on the same Wi-Fi network, has a dangerous cross-site scripting (XSS) vulnerability which allows hackers to perform a DoS attack from your Android device.

The cross-site scripting (XSS) vulnerability in the browser version of AirDroid allows an attacker to send a malicious text message to the browser associated with the account when the attacker is able to get access to a phone with AirDroid installed.

According to the Department of Homeland Security’s Vulnerability Notes Database,

Evernote account used as Command-and-Control Server by Hackers.



Cyber criminals are using the popular note-taking app Evernote as a command-and-control server to give commands to the malware installed on infected PCs in their botnets.

TrendMicro uncovered malware, detected as “BKDR_VERNOT.A”, that tried to communicate with its command-and-control server using Evernote.
The malware is delivered via an executable file that installs it as a dynamic-link library. The installer then ties the DLL into a legitimate running process, hiding it from casual detection. Once installed, BKDR_VERNOT.A can perform several backdoor commands such as downloading, executing, and renaming files. It then gathers information from the infected system, including details about its OS, timezone, user name, computer name, registered owner and organization.

NinjaWPass - Protect WordPress against keyloggers and stolen passwords



NinjaWPass is a free WordPress plugin written to protect your blog administration console. It makes it basically impossible for a hacker who stole your password to log in to your console.

The way it works is simple but very efficient:
All you need to do is to define a second password (AKA the NinjaWPass password) from 10 to 30 characters.
At the WordPress login prompt, besides your current password, you will be asked to enter 3 randomly chosen characters from your NinjaWPass password. Whether your computer is infected by a keylogger or someone is spying over your shoulder, this protection will keep them away. 
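The partial-password check described above can be sketched as follows, together with an estimate of how much protection it keeps once logins have been recorded by a keylogger. This is an added example, not NinjaWPass's own code: the function names are hypothetical, the sample password is constructed, and it assumes the three positions are drawn uniformly and independently at each login.

```python
import hmac
import secrets
from math import comb

K = 3  # characters requested per login, as described above

def new_challenge(secret_len, k=K):
    """Pick k distinct 1-based positions uniformly at random (assumed behaviour)."""
    return sorted(secrets.SystemRandom().sample(range(1, secret_len + 1), k))

def verify(secret, positions, answer):
    """Compare the typed characters with the requested positions in constant time."""
    expected = "".join(secret[p - 1] for p in positions)
    return hmac.compare_digest(expected.encode(), answer.encode())

def replay_probability(secret_len, logins_seen, k=K):
    """Chance that someone who recorded `logins_seen` past challenges and answers
    already holds every character of a fresh challenge (inclusion-exclusion
    over the challenge positions that were never asked for)."""
    total = comb(secret_len, k)
    return sum(
        (-1) ** j * comb(k, j) * (comb(secret_len - j, k) / total) ** logins_seen
        for j in range(k + 1)
    )

def logins_until(threshold, secret_len, k=K):
    """Smallest number of recorded logins at which replay_probability >= threshold."""
    m = 0
    while replay_probability(secret_len, m, k) < threshold:
        m += 1
    return m

if __name__ == "__main__":
    secret = "correct-horse-42"          # constructed sample second password
    positions = new_challenge(len(secret))
    typed = "".join(secret[p - 1] for p in positions)
    print(positions, verify(secret, positions, typed))
    for n in (10, 20, 30):               # lengths within the allowed 10 to 30 range
        print(n, logins_until(0.5, n))
```

A single captured login almost never answers the next challenge, but the margin shrinks with every login made from a compromised machine and grows with the length of the second password.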


Additionally, the plugin offers the possibility to receive an alert by email whenever someone logs into your WordPress admin interface.

Download NinjaWPass