Russian researchers developed methodology to predict cyber risks
Scientists from St. Petersburg Polytechnic University have developed a methodology for assessing cyber risks in smart city systems. The developed...
Thousands of Cryptocurrency Users Targeted by Tor Network Exit Nodes
Cybersecurity researchers have said a threat actor has been adding malicious servers into the Tor network to intercept traffic heading...
Three Affiliated Tribes—The Mandan, Hidatsa & Arikara Suffers Ransomware Attack
On the 28th of April Three Affiliated Tribes – the Mandan, Hidatsa, and Arikara nation – informed their workers that...
US and Australia Warn of Rise in Avaddon Ransomware Attacks
The Federal Bureau of Investigation (FBI) and the Australian Cyber Security Centre (ACSC) have issued an alert about an ongoing...
Ransomware world in 2021: who, how and why
As the world marks the second Anti-Ransomware Day, there’s no way to deny it: ransomware has become the buzzword in...
ByeIntegrity-UAC – Bypass UAC By Hijacking A DLL Located In The Native Image Cache
Bypass User Account Control (UAC) to gain elevated (Administrator) privileges to run any program at a high integrity level. RequirementsAdministrator account...
APSoft-Web-Scanner-v2 – Powerful Dork Searcher And Vulnerability Scanner For Windows Platform
APSoft Webscanner Version 2new version of APSoft Webscanner Version 1Software picturesWhat can i do with this ?with this software, you...
FragAttacks vulnerabilities expose all WiFi devices to hack
Security researcher discovered a series of flaws, collectively tracked as FragAttacks, that impact the WiFi devices sold for the past...
Maybe don’t call Saul? Over 30,000 VoIP devices identifiable worldwide, some with suspected vulnerabilities
Thousands of public-facing devices can be accessed anywhere in the world, from the US to Russia, from London to Johannesburg....
TeaBot Android banking Trojan targets banks in Europe
Malware researchers from Cleafy warn of a new Android banking trojan dubbed TeaBot (aka Anatsa) that is targeting banks in...
NSA and ODNI analyze potential risks to 5G networks
U.S. Intelligence agencies warn of weaknesses in 5G networks that could be exploited by crooks and nation-state actors for intelligence...
Hackers target Windows users exploiting a Zero-Day in Reader
Adobe confirmed that a zero-day vulnerability affecting Adobe Reader for Windows has been exploited in the wild in limited attacks....
Researcher hacked Apple AirTag two weeks after its launch
Apple AirTag has been launched less than two weeks ago, but a security researcher already claims to have hacked them. The Apple...
CVE-2020-27652
Summary: Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and...
CVE-2020-27653
Summary: Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and...
CVE-2020-28392
Summary: A vulnerability has been identified in SIMARIS configuration (All versions < V4.0.1). During installation to default target folder, incorrect...
CVE-2021-26564
Summary: Cleartext transmission of sensitive information vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to...
CVE-2016-4838
Summary: The Android Apps Money Forward (prior to v7.18.0), Money Forward for The Gunma Bank (prior to v1.2.0), Money Forward...
Colonial Pipeline attack expected to trigger imminent hardening of cybersecurity rules for federal agencies
The ransomware attack on Colonial Pipeline last week caused the White House to hold emergency meetings to possibly strengthen a...
Avaddon ransomware campaign prompts warnings from FBI, ACSC
Both the Australian Cyber Security Centre (ACSC) and the US Federal Bureau of Investigation (FBI) have issued warnings about an...
GitHub Announced Security Key Support for SSH Git Operations
When using Git over SSH, GitHub, the ubiquitous host for software creation and version control (and unfortunate victim of a...
Short story about Clubhouse user scraping and social graphs
TL;DRDuring this RedTeam testing, Hexway team used Clubhouse as a social engineering tool to find out more about their client’s...
VAST – Visibility Across Space And Time
The network telemetry engine for data-driven security investigations. Getting Started — Installation — Documentation — Development — Changelog — License...
Baserunner – A Tool For Exploring Firebase Datastores
A tool for exploring and exploiting Firebase datastores.Set upgit clone https://github.com/iosiro/baserunner.git cd baserunner npm install npm run build npm start...
