XLS Entanglement
VBA tradecraft is constantly evolving and this past winter, I came across some articles from Adepts of 0xCC. Specifically, their...
VBA tradecraft is constantly evolving and this past winter, I came across some articles from Adepts of 0xCC. Specifically, their...
wpscvn is a tool for pentesters, website owner to test if their websites had some vulnerable plugins or themesThe author...
Complete Arsenal of Memory injection and other techniques for red-teaming in WindowsWhat does Injector do?Process injection support for shellcode located...
Trickbot botnet is back, its authors implemented updates for the VNC module used for remote control of infected systems. The...
Microsoft attributes the recent attacks that have targeted SolarWinds file transfer servers to a China-linked APT group that the experts tracked as...
The infrastructure and leak sites used by the REvil ransomware gang for its operations went offline last night. Starting last...
A CyberNews investigation uncovered a network of wallet addresses used by a scammer group to store and cash out millions...
Adobe addressed multiple critical vulnerabilities in several products, including Adobe Acrobat and Reader application. Adobe addressed multiple critical remote code...
Summary: An improper neutralization of special elements used in an OS Command vulnerability in the administrative interface of FortiMail before...
Summary: A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a...
Summary: Nextcloud Android Client is the Android client for Nextcloud. Clients using the Nextcloud end-to-end encryption feature download the public...
Summary: NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability in the login flow when a user tries...
Summary: PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response....
 Cybersecurity researchers at Canadian firm Software Secured identified a critical flaw in Less.js, a widely used preprocessor language. According to...
Financial organizations are planning to launch a pilot project of a system for accounting and analyzing telephone fraud, said Alexey...
 The year 2021 will be remembered as a watershed moment for cryptocurrencies. Despite its ups and downs, Bitcoin is still...
 Magecart-affiliated cybercriminals have adopted a new approach for obfuscating malware code within comment blocks and embedding stolen credit card data...
 The US-based telecommunication firm Mint Mobile has announced that it has suffered a data violation which has let several telephone...
Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively...
DNSrr is a tool written in bash, used to enumerate all the juicy stuff from DNS records, it uses different...
ModiPwn flaw (CVE-2021-22779) in some of Schneider Electric’s Modicon PLCs can allow attackers to bypass authentication mechanisms and take over...
NetBlocks reported partial disruption to social media and messaging platforms in Cuba from 12 July 2021 shortly after Cubans went...
American clothing brand and retailer Guess discloses a data breach after the February ransomware attack and is notifying the affected customers. In...
SolarWinds confirmed that a threat actor is actively exploiting a new zero-day vulnerability in Serv-U products and urges customers to fix it....