Threat landscape for industrial automation systems in H1 2021
The H1 2021 ICS threat report at a glance Percentage of ICS computers attacked During the first half of 2021...
Owt – The Most Compact WiFi Auditing Tool That Works On Command Line Linux
This tool compiles some necessary tools for wifi auditing in a unix bash script with a user friendly interface....
Graphw00F – GraphQL fingerprinting tool for GQL endpoints
Credits to Nick Aleks for the logo!How does it work?graphw00f (inspired by wafw00f) is the GraphQL fingerprinting tool for GQL...
Millions of Microsoft web servers powered by vulnerable legacy software
CyberNews researchers identified more than 2 million web servers worldwide still running on outdated and vulnerable versions of Microsoft Internet...
TeamTNT cybercrime gang expands its arsenal to target thousands of orgs worldwide
The financially motivated TeamTNT hacking group expanded its arsenal with new tools used to target thousands of victims worldwide. Researchers...
Yandex is under the largest DDoS attack in the history of Runet
The Russian internet service provider Yandex is under a massive distributed denial-of-service (DDoS) attack that began last week. The Russian...
Zoho warns of zero-day authentication bypass flaw actively exploited
Zoho urges customers to address an authentication bypass vulnerability in its ManageEngine ADSelfService Plus that is actively exploited in the...
Personal information of 7 million Israelis available for sale
A threat actor that goes online with the moniker ‘Sangkancil’ claims to have stolen the personal information of 7 million...
Groove gang leaks list of 500k credentials of compromised Fortinet appliances
Groove gang leaked online Fortinet credentials that could be used to breach networks of organizations using the compromised devices. The financially...
CVE-2017-5156
Summary: A Cross-Site Request Forgery issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. The...
CVE-2018-7720
Summary: A cross-site request forgery (CSRF) vulnerability exists in Western Bridge Cobub Razor 0.7.2 via /index.php?/user/createNewUser/, resulting in account creation....
CVE-2014-5086
Summary: A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to...
CVE-2021-35221
Summary: Improper Access Control Tampering Vulnerability using ImportAlert function which can lead to a Remote Code Execution (RCE) from the...
CVE-2021-36068
Summary: Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a...
Sextortion on the rise, warns FBI
The pandemic saw a surge in sextortion cases in 2020. Fast forward 12 months, and the numbers continue to rise...
Windows MSHTML zero-day actively exploited, mitigations required
Several researchers have independently reported a 0-day remote code execution vulnerability in MSHTML to Microsoft. The reason it was reported...
As Crypto Exchange Attacks Surge Users Must Protect Their Crypto Wallets
As cryptocurrency goes from being an academic concept to becoming a type of transaction that has the potential to significantly...
CBI Investigates Hacking Incident in Jee Maine Examination, Three Director Arrested
CBI (Central Bureau of Investigation) is investigating the chances of a potential hack into TCS' iON digital platform related to...
Howard University Cancels Online and Hybrid Classes After Ransomware Attack
Washington, D.C’s Howard University, one of the largest Black Schools in the United States, has canceled online and hybrid classes...
43% of all Malware Installations are Concealed in Microsoft Office Documents
Companies have now employed hundreds of cloud applications to use due to the transition from work from the office to...
Berlin accused Russian hackers of preparing cyberattacks before the elections
Andrea Sasse, a spokesman for the German Foreign Ministry, said that German intelligence agencies are recording the growing activity of...
SharpStrike – A Post Exploitation Tool Written In C# Uses Either CIM Or WMI To Query Remote Systems
GUI version: Solution ArchitectureSharpStrike is composed of three main projects ServiceLayer -- Provides core functionality and consumed by the UI...
TREVORspray – A Featureful Round-Robin SOCKS Proxy And Python O365 Sprayer Based On MSOLSpray Which Uses The Microsoft Graph API
TREVORproxy is a SOCKS proxy that round-robins requests through SSH hosts. TREVORspray is a A featureful Python O365 sprayer based...
Russian communications watchdog Roskomnadzor blocks access to 6 VPNs
Russian communications watchdog Roskomnadzor tightens control of its citizens and blocked access to six virtual private networks (VPNs), including NordVPN...
