Zix: Attackers Increasingly Adopting New Techniques to Target Users
Cybercriminals are continuously expanding their toolkit by experimenting with new strategies and approaches in order to improve their effectiveness against...
Hacker Rewarded With $500,000 and a CSA Job by Poly Network
Lately, it has been a turbulence-filled time for Poly Networks. The company creates software to handle the exchange between different...
Database of 70 Million AT&T Users Being Sold on a Hacker Forum
The same threat actor is selling 70 million AT&T customers' records just days after the T-Mobile data leak. The data...
XLMMacroDeobfuscator – Extract And Deobfuscate XLM Macros (A.K.A Excel 4.0 Macros)
XLMMacroDeobfuscator can be used to decode obfuscated XLM macros (also known as Excel 4.0 macros). It utilizes an internal XLM...
Brutus – An Educational Exploitation Framework Shipped On A Modular And Highly Extensible Multi-Tasking And Multi-Processing Architecture
An educational exploitation framework shipped on a modular and highly extensible multi-tasking and multi-processing architecture. Brutus: an IntroductionLooking for version...
US CISA releases guidance on how to prevent ransomware data breaches
The US Cybersecurity and Infrastructure Security Agency (CISA) released guidance on how to prevent data breaches resulting from ransomware attacks....
Lojas Renner, Brazilian largest clothing store chain, was hit by ransomware
Lojas Renner, the largest Brazilian department stores clothing company, suffered a ransomware attack that impacted its IT infrastructure. Lojas Renner,...
Emsisoft releases free SynAck ransomware decryptor
Emsisoft researchers have released a decryptor for the SynAck Ransomware that could allow victims of the gang to decrypt their...
Cloudflare mitigated the largest ever volumetric DDoS attack to date
Web infrastructure and website security company Cloudflare announced to have mitigated the largest ever volumetric DDoS attack to date. Cloudflare,...
CVE-2021-38589
Summary: In cPanel before 96.0.13, scripts/fix-cpanel-perl does not properly restrict the overwriting of files (SEC-588). Reference Links(if available): https://docs.cpanel.net/changelogs/96-change-log/ CVSS...
CVE-2021-38587
Summary: In cPanel before 96.0.13, scripts/fix-cpanel-perl mishandles the creation of temporary files (SEC-586). Reference Links(if available): https://docs.cpanel.net/changelogs/96-change-log/ CVSS Score (if...
CVE-2021-38585
Summary: The WHM Locale Upload feature in cPanel before 98.0.1 allows unserialization attacks (SEC-585). Reference Links(if available): https://docs.cpanel.net/changelogs/98-change-log/ CVSS Score...
CVE-2021-38584
Summary: The WHM Locale Upload feature in cPanel before 98.0.1 allows XXE attacks (SEC-585). Reference Links(if available): https://docs.cpanel.net/changelogs/98-change-log/ CVSS Score...
CVE-2021-29376
Summary: ircII before 20210314 allows remote attackers to cause a denial of service (segmentation fault and client crash, disconnecting the...
Largest DDoS attack ever reported gets hoovered up by Cloudflare
On the Cloudflare blog, the American web infrastructure behemoth that provides content delivery network (CDN) and DDoS mitigation services reports...
Confidential Terrorist Watchlist With 1.9Mn Records Exposed Online
Cyber security researcher Bob Diachenko has unearthed an unsecured ElasticSearch server containing nearly two million terrorist watchlist records, including "no-fly" list...
The Hacker Behind the Biggest Crypto Heist is Refusing to Return the Remaining Funds
The Poly Network attack took place two weeks ago, but the narrative is far from finished. Mr. White Hat, an...
Belarus Organizations are Being Targeted by Cyber Partisan
A clandestine hacking organization successfully attacked both the government of Belarus and their Police, which provided these criminals with access...
Google Play is Infested with Fake Crypto Mining Apps
Google has deleted eight bogus mobile apps from the Play Store that pretend to be bitcoin cloud-mining apps but are...
PackageDNA – Tool To Analyze Software Packages Of Different Programming Languages That Are Being Or Will Be Used In Their Codes
This tool gives developers, researchers and companies the ability to analyze software packages of different programming languages that are being...
FisherMan – CLI Program That Collects Information From Facebook User Profiles Via Selenium
Search for public profile information on FacebookInstallation# clone the repo$ git clone https://github.com/Godofcoffe/FisherMan# change the working directory to FisherMan$ cd...
Internet Systems Consortium (ISC) fixes High-Severity DoS flaw in BIND DNS Software
The Internet Systems Consortium (ISC) addressed a high-severity denial-of-service (DoS) flaw (CVE-2021-25218) affecting the BIND DNS software. The Internet Systems...
Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices
Mozi botnet continues to evolve, its authors implemented new capabilities to target Netgear, Huawei, and ZTE network gateways. Microsoft researchers...
Cisco warns of Server Name Identification data exfiltration flaw in multiple products
Unauthenticated attackers could bypass TLS inspection filtering solution in multiple products to exfiltrate data from previously compromised servers, Cisco warns....
