Koh – The Token Stealer
Koh is a C# and Beacon Object File (BOF) toolset that allows for the capture of user credential material via...
Year: 2022
A massive cyberattack hit Albania
A synchronized criminal attack from abroad hit Albania over the weekend, all Albanian government systems shut down following the cyberattack....
Watch out for the CVE-2022-30136 Windows NFS Remote Code Execution flaw
Researchers published an analysis of the Windows remote code execution vulnerability CVE-2022-30136 impacting the Network File System. Trend Micro Research...
Cobalt Stike Beacon Detected – 139[.]155[.]77[.]3:7777
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]117[.]73[.]197:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 103[.]122[.]246[.]131:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 180[.]76[.]161[.]95:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Graff paid a $7.5M ransom and sued its insurance firm for refusing to cover this payment
The high-end British jeweler Graff paid a £6 million ransom after the ransomware attack it suffered in 2021. In September...
Daily Vulnerability Trends: Mon Jul 18 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-22029Windows Network File System Remote Code Execution Vulnerability. This CVE ID is...
Crooks stole $375k from Premint NFT, it is one of the biggest NFT hacks ever
Threat actors hacked the popular NFT platform, Premint NFT and stole 314 NFTs. The popular NFT platform, Premint NFT, was...
Google is going to remove App Permissions List from the Play Store
Google is going to remove the app permissions list from the official Play Store for both the mobile app and...
HackerOne Bug Bounty Disclosure: information-disclosure-(-google-sales-channel-)byhydraxanon82
Programme HackerOne Shopify Shopify Submitted by hydraxanon82 hydraxanon82 Report Information disclosure ( Google Sales Channel ) Full Report A considerable...
Zenbuster – Multi-threaded URL Enumeration/Brute-Forcing Tool
ZenBuster is a multi-threaded, multi-platform URL enumeration tool written in Python by Zach Griffin (@0xTas). I wrote this tool as...
JukinMedia – 314,290 breached accounts
In October 2021, the "global leader in user-generated entertainment" Jukin Media suffered a data breach. The breach exposed 13GB of...
How to use Home Assistant / NodeRed to set up Holiday Lights to fake your presence.
So you have a smart home, you have all the lights set up and running as you like but you...
Cobalt Stike Beacon Detected – 180[.]76[.]161[.]95:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 164[.]132[.]237[.]65:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 46[.]101[.]92[.]94:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Security Affairs newsletter Round 374 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
APT groups target journalists and media organizations since 2021
Researchers from Proofpoint warn that various APT groups are targeting journalists and media organizations since 2021. Proofpoint researchers warn that...
Critical flaw in Netwrix Auditor application allows arbitrary code execution
A vulnerability in the Netwrix Auditor software can be exploited to execute arbitrary code on affected devices. Bishop Fox discovered...
HackerOne Bug Bounty Disclosure: can-use-the-reddit-android-app-as-usual-even-though-revoking-the-access-of-it-from-reddit-combysateeshn
Programme HackerOne Reddit Reddit Submitted by sateeshn sateeshn Report Can use the Reddit android app as usual even though revoking...
HIVE Ransomware Victim: Carrolls Irish Gifts
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
CISA urges to fix multiple critical flaws in Juniper Networks products
CISA urges admins to apply recently released fixes in Juniper Networks products, including Junos Space, Contrail Networking and NorthStar Controller....
