Linux, MacOS Malware Hidden in Fake Browserify NPM Package
Over the course of the weekend, Sonatype's automated malware detection system spotted a serious exceptional malware sample published to the...
Banks have assessed the security of digital ruble payments
Major Russian banks are ready to take part in testing the digital ruble and have no doubt that it will...
Cybercriminals Are Using Google URLs as a Weapon to Spread Malware
Security researchers at Microsoft warned the organizations of a new phishing campaign, they have been tracking activity where contact forms...
Russian expert give tips on how to protect yourself from “eavesdropping” on your smartphone
A smartphone can "eavesdrop" on its owner, said information and computer security expert Sergei Vakulin. In an interview with Radio...
Research Study shows that 100 Million IOT Devices are at Risk
Forescout Research Labs has disclosed a new collection of DNS vulnerabilities in collaboration with JSOF, potentially impacting over 100 million...
MoveKit – Cobalt Strike Kit For Lateral Movement
Movekit is an extension of built in Cobalt Strike lateral movement by leveraging the execute_assembly function with the SharpMove and...
Adfsbrute – A Script To Test Credentials Against Active Directory Federation Services (ADFS), Allowing Password Spraying Or Bruteforce Attacks
A script to test credentials against Active Directory Federation Services (ADFS), calculating the ADFS url of an organization and allowing...
FireEye: 650 new threat groups were tracked in 2020
FireEye published its M-Trend 2021 report based on the data collected during the investigation, 650 new threat groups were tracked...
FBI silently removed web shells planted on Microsoft Exchange servers in the US
FBI log into web shells that hackers installed on Microsoft Exchange email servers across the US and removed the malicious...
Sweden blames Russia for Swedish Sports Confederation hack
The Swedish Sports Confederation organization was compromised in 2017-18 by hackers working for Russian military intelligence, officials said. The Swedish...
Microsoft fixes 2 critical Exchange Server flaws reported by the NSA
Microsoft patch Tuesday security updates address four high and critical vulnerabilities in Microsoft Exchange Server that were reported by the...
Adobe addresses two critical vulnerabilities in Photoshop
Adobe has addressed security vulnerabilities in Adobe Photoshop, Adobe Digital Editions, Adobe Bridge, and RoboHelp. Adobe has fixed ten security...
NAME:WRECK, a potential IoT trainwreck
A set of vulnerabilities has been found in the way a number of popular TCP/IP stacks handle DNS requests. Potentially...
Sorry, Joe Biden isn’t offering you a work visa, it’s a scam
A US diplomatic mission in Nigeria warns of a visa scam affecting Nigerian citizens looking to move to the United...
NCSC Warns of Exploited VPN Servers: Here are the Safety Tips to Fix Your VPN
The UK’s Nationwide Cyber Safety Centre (NCSC) has published a new advisory warning that cybercriminals as well as Advanced Persistent...
500,000 Huawei Devices hit by the Joker Malware
Security researchers have discovered that over 500,000 Huawei smartphone users who inadvertently subscribe to premium mobile services have downloaded apps...
New Malware Downloader Spotted in Targeted Campaigns
In recent weeks, a relatively sophisticated new malware downloader has emerged that, while not widely distributed yet, appears to be...
APKPure Compromised to Deliver Malware
APKPure, one of the biggest alternative application stores outside of the Google Play Store, was tainted with malware this week,...
Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310) used in the wild
While analyzing the CVE-2021-1732 exploit originally discovered by the DBAPPSecurity Threat Intelligence Center and used by the BITTER APT group,...
Traitor – Automatic Linux Privesc Via Exploitation Of Low-Hanging Fruit E.G. GTFOBin
Automatically exploit low-hanging fruit to pop a root shell. Linux privilege escalation made easy! Traitor packages up a bunch of...
Ronin – A Ruby Platform For Vulnerability Research And Exploit Development
Ronin is a Ruby platform for vulnerability research and exploit development. Ronin allows for the rapid development and distribution of...
Experts released PoC exploit code for a critical RCE in QNAP NAS devices
The exploit code for a remote code execution vulnerability affecting QNAP network-attached storage (NAS) devices that run the Surveillance Station...
Millions of devices impacted by NAME:WRECK flaws
Security experts disclosed nine flaws, collectively tracked as NAME:WRECK, affecting implementations of the DNS protocol in popular TCP/IP network communication...
Expert publicly released Chromium-based browsers exploit demonstrated at Pwn2Own 2021
An Indian security researcher has published a proof-of-concept (PoC) exploit code for a vulnerability impacting Google Chrome and other Chromium-based...
