Cypher – Crypto Cipher Encode Decode Hash
All in one tools for CRYPTOLOGY. Instagram: Capture the RootScreenshotsHow to use FeaturesThis tool include: HASH RSA XOR AES (ECC)...
ATTPwn – Tool Designed To Emulate Adversaries
ATTPwn is a computer security tool designed to emulate adversaries. The tool aims to bring emulation of a real threat...
Patch Tuesday – February 2021
The second Patch Tuesday of 2021 is relatively light on the vulnerability count, with 64 CVEs being addressed across the...
Critical flaws in NextGen Gallery WordPress plugin still impact over 500K installs
The development team behind the NextGen Gallery plugin has addressed two severe CSRF vulnerabilities that could have allowed site takeover....
Microsoft to notify Office 365 users of nation-state attacks
Microsoft implements alerts for ‘nation-state activity’ in the Defender for Office 365 dashboard, to allow organizations to quickly respond. Since...
Hackers attempted to poison the water supply of a US city
Pinellas Sheriff revealed that attackers tried to raise levels of sodium hydroxide, by a factor of more than 100, in...
Google launches Open Source Vulnerabilities (OSV) database
Google announced the launch of OSV (Open Source Vulnerabilities), a vulnerability database and triage infrastructure for open source projects. Google...
CVE-2020-13579
Summary: An exploitable integer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A...
CVE-2018-17095
Summary: An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0....
CVE-2020-1967
Summary: Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due...
CVE-2020-27222
Summary: In Eclipse Californium version 2.3.0 to 2.6.0, the certificate based (x509 and RPK) DTLS handshakes accidentally fails, because the...
CVE-2020-12525
Summary: M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserialization of untrusted...
Android devices caught in Matryosh botnet
Researchers at Netlab have discovered a new botnet that re-uses the Mirai framework to pull vulnerable Android devices into DDoS...
How NOT to fail at PDF redaction
The heated spat between Europe and AstraZeneca over a contract has segued into an unexpected blunder that left many of...
A week in security (February 1 – February 7)
Last week on Malwarebytes Labs, we dug into a load of security events. We first peered into how Fonix ransomware...
Domestic Kitten – An Iranian Surveillance Operation
 Check Point researchers as of late revealed the full degree of Domestic Kitten's broad surveillance operation against Iranian residents that...
Experts Confirm Shady Ransomware Business, Block-chain Transactions on Rise
 Chainalysis, a blockchain investment firm, recently published a report that confirms that ransomware operating cybercrime groups don't always work in...
Nespresso Prepaid Vending Machines Hacked by a Belgian Researcher for Free Coffee
 Polle Vanhoof, a Belgian cybersecurity researcher discovered there a flaw in the older Nespresso prepaid coffee machine smart cards and...
Plex Media Servers Actively Abused To Amplify DDoS Attacks
Research workers with NetScout's Atlas Security Engineering and Response Team have warned against the threat actors campaign, they said that...
Hackers Used Internet Explorer Zero-Day Vulnerability To Target Security Researchers
 In recent times, during the attacks against the security and vulnerability researchers in North Korea, an Internet Explorer zero-day vulnerability...
Wifi-Password – Quickly Fetch Your WiFi Password And If Needed, Generate A QR Code Of Your WiFi To Allow Phones To Easily Connect
Quickly fetch your WiFi password and if needed, generate a QR code of your WiFi to allow phones to easily...
Ditto – A Tool For IDN Homograph Attacks And Detection
Ditto is a small tool that accepts a domain name as input and generates all its variants for an homograph...
Domestic Kitten has been conducting surveillance targeting over 1,000 individuals
Iran-linked APT group Domestic Kitten, also tracked as APT-C-50, has been conducting widespread surveillance targeting over 1,000 individuals. Domestic Kitten,...
Novel phishing technique uses Morse code to compose malicious URLs
Cybercriminals devised a new phishing technique that leverages the Morse code to hide malicious URLs and bypass defense. Experts spotted...
