Hacking Group That Targeted D.C. Police Briefly Posts Internal Police Files
Hackers who allegedly gained access to the D.C. police department's computer network briefly posted the personnel files of at least...
Year: 2021
New FiveHands Ransomware Deploy Into SonicWall Internal System
Earlier this year, money-oriented cybercriminals leveraged a zero-day vulnerability that has been introduced by SonicWall in its Secure Mobile Access...
Nginxpwner – Tool to look for common Nginx misconfigurations and vulnerabilities
Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.Install:cd /optgit clone https://github.com/stark0de/nginxpwnercd nginxpwnerchmod +x install.sh./install.sh Usage:Target...
Paragon – Red Team Engagement Platform With The Goal Of Unifying Offensive Tools Behind A Simple UI
Paragon is a Red Team engagement platform. It aims to unify offensive tools behind a simple UI, abstracting much of...
Flaws in the BIND software expose DNS servers to attacks
The Internet Systems Consortium (ISC) released updates for the BIND DNS software to patch several denial-of-service (DoS) and potential RCE...
Babuk crew announced it will stop ransomware attacks
Babuk ransomware operators shut down their affiliate program and announced to stop using ransomware, the group plans to move on...
China-linked APT uses a new backdoor in attacks at Russian defense contractor
China-linked APT group targets Russian nuclear sub designer with an undocumented backdoor A China-linked cyberespionage group targets a Russian defense...
CVE-2021-23987
Summary: Mozilla developers and community members reported memory safety bugs present in Firefox 86 and Firefox ESR 78.8. Some of...
CVE-2021-23988
Summary: Mozilla developers reported memory safety bugs present in Firefox 86. Some of these bugs showed evidence of memory corruption...
CVE-2021-31540
Summary: Wowza Streaming Engine through 4.8.5 (in a default installation) has incorrect file permissions of configuration files in the conf/...
CVE-2021-20088
Summary: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in mootools-more 1.6.0 allows a malicious user to inject properties...
CVE-2021-20087
Summary: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in jquery-deparam 0.5.1 allows a malicious user to inject properties...
Researchers sound the alarm after GitHub floats stricter policies
GitHub CEO Nat Friedman speaks at GitHub Universe 2020. GitHub on Thursday solicited the comments of the security research community...
Task Force delivers strategic plan to address global ransomware problem
The Ransomware Task Force (RTF), a think tank composed of more than 60 volunteer experts who represent organizations encompassing industries...
IoT riddled with BadAlloc vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has published advisory ICSA-21-119-04 about vulnerabilities found in multiple real-time operating systems (RTOS)...
What is an IP address? Do I need one?
An IP address tells computers how to find a certain device within a computer network. An IP address is like...
Experts reported cyber attacks from the U.S. during the Navalny rallies in Russia
DDoS attacks were launched against official websites of the Ministry of Foreign Affairs, Ministry of Labor, Ministry of Economic Development,...
Lloyds Bank Warns Britons of Phishing Scam That Could Drain Their Bank Accounts
LLOYDS BANK has issued an urgent warning to Britons as many have been attacked by a highly dangerous scam text...
Data Breach at Digital Oceans Leaves Customer Billing Data Exposed
Digital Ocean, a cloud solutions provider, informs certain clients that the billing information they receive may indeed be breached as...
Stop Tweeting, Says Click Studios: Phishers Use Breach Notification Information to Create New Lures
Click Studios, an Australian password protection company, claims that only a small percentage of its 29,000 customers were impacted by...
Credit Scores of Americans were Exposed Through Experian API
According to a researcher, almost every American's credit score was leaked due to an API platform used by the Experian...
Vaf – Very Advanced (Web) Fuzzer
very advanced fuzzer compilingInstall nim from nim-lang.org Run nimble build A vaf.exe file will be created in your directory ready...
SniperPhish – The Web-Email Spear Phishing Toolkit
SniperPhish is a phishing toolkit for pentester or security professionals to enhance user awareness by simulating real-world phishing attacks. SniperPhish...
UNC2447 cybercrime gang exploited SonicWall Zero-Day before it was fixed
UNC2447 cybercrime gang exploited a zero-day in the Secure Mobile Access (SMA), addressed by SonicWall earlier this year, before the...
