Reconftw – Simple Script For Full Recon
This is a simple script intended to perform a full recon on an objective with multiple subdomains tl;drRequires Go Run...
MobileHackersWeapons – Mobile Hacker’s Weapons / A Collection Of Cool Tools Used By Mobile Hackers
A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting WeaponsOSTypeNameDescriptionAllAnalysisRMS-Runtime-Mobile-SecurityRuntime Mobile Security (RMS) - is a...
You Can Now Buy (And Renew) Five More Rapid7 Products Through AWS Marketplace
Purchasing software through AWS Marketplace has to be one of the most under-appreciated perks of being an Amazon Web Services...
Livecoin halted operations after the December attack
The Russian cryptocurrency exchange Livecoin has announced it is terminating its operation following the December cyberattack. The Russian cryptocurrency exchange...
FireEye releases an auditing tool to detect SolarWinds hackers’ activity
Cybersecurity firm FireEye has released a report that sheds the light on the SolarWinds attack and the way hackers breached...
Malwarebytes ‘s email systems hacked by SolarWinds attackers
Cyber security firm Malwarebytes announced that threat actor behind the SolarWinds attack also breached its network last year. Malwarebytes revealed...
Raindrop, a fourth malware employed in SolarWinds attacks
The threat actors behind the SolarWinds attack used malware dubbed Raindrop for lateral movement and deploying additional payloads. Security experts...
CVE-2020-8277
Summary: A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could...
CVE-2020-9327
Summary: In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column...
CVE-2020-9484
Summary: When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if...
CVE-2020-9490
Summary: Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request...
CVE-2021-1685
Summary: Windows AppX Deployment Extensions Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1642. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1685...
Fourth SolarWinds malware strain shows diversity of tactics
Researchers have found a fourth strain of malware – Raindrop – that was used in the SolarWinds supply chain attack,...
The story of ZeroLogon
This is the story of a vulnerability that was brought about by the incorrect use of an encryption technique. After...
Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments
A nation state attack leveraging software from SolarWinds has caused a ripple effect throughout the security industry, impacting multiple organizations....
More Than 22 Billion Records Revealed in Data Leaks in 2020
A new record has been set with regards to the data breach, ‘more than 22 billion records were revealed globally...
Patrons Become Victim to Depop Hacks
Since the lockdown started in March, there has been a significant spike in online shopping. This has become a big...
Hackers Altered the Covid-19 Vaccine Records
The European Union's drug regulator has said that COVID-19 vaccine documents that were purloined from its servers in a cyberattack...
Kali and BC Security Partnership
Background In November, Kali announced a new program for supporting tool developers, which kicked off with sponsoring Byt3Bl33d3r. We are...
Git-Wild-Hunt – A Tool To Hunt For Credentials In Github Wild AKA Git*Hunt
A tool to hunt for credentials in the GitHub wild AKA git*huntGetting startedInstall the tool Configure your GitHub token Search...
HosTaGe – Low Interaction Mobile Honeypot
HosTaGe is a lightweight, low-interaction, portable, and generic honeypot for mobile devices that aims on the detection of malicious, wireless...
InsightIDR: 2020 Highlights and What’s Ahead in 2021
LEQL Multi-groupby in InsightIDRFor a look at the most up-to-date list of Log Search capabilities, check out our help documentation...
FreakOut botnet target 3 recent flaws to compromise Linux devices
Security researchers uncovered a series of attacks conducted by the FreakOut botnet that leveraged recently discovered vulnerabilities. Security researchers from...
Vishing attacks conducted to steal corporate accounts, FBI warns
The Federal Bureau of Investigation (FBI) has issued a notification warning of ongoing vishing attacks attempting to steal corporate accounts. The...
