New ‘Karakurt’ cybercrime gang focuses on data theft and extortion
Accenture researchers detailed the activity of a new sophisticated cybercrime group, called Karakurt, behind recent cyberattacks. Accenture researchers detailed the...
hacking
ADenum – A Pentesting Tool That Allows To Find Misconfiguration Through The The Protocol LDAP And Exploit Some Of Those Weaknesses With Kerberos
AD Enum is a Microsoft Advanced Threat Analytics ATA detects two suspicious events but does not trigger an alert: The...
Cybereason released Logout4Shell, a vaccine for Log4Shell Apache Log4j RCE
Cybereason researchers released a “vaccine” that mitigates the critical ‘Log4Shell’ Apache Log4j code execution vulnerability. Chinese security researcher p0rz9 publicly...
Volvo Cars suffers a data breach. Is it a ransomware attack?
Swedish automotive manufacturer Volvo Cars revealed that has suffered a cyberattack that resulted in the theft of R&D data. Swedish...
Tarian – Antivirus for Kubernetes
We want to maintain this as an open-source project to fight against the attacks on our favorite Prerequisites A kubernetes...
Australian ACSC warns of Conti ransomware attacks against local orgs
The Australian Cyber Security Centre (ACSC) warns of Conti ransomware attacks again multiple Australian organizations. The Australian Cyber Security Centre...
A zero-day exploit for Log4j Java library could have a tsunami impact on IT giants
Experts publicly disclose Proof-of-concept exploits for a critical zero-day vulnerability in the Apache Log4j Java-based logging library. Experts publicly disclose...
1.6 million WordPress sites targeted in the last couple of days
Wordfence experts detected a massive wave of attacks in the last couple of days that targeted over 1.6 million WordPress sites. Wordfence...
DInjector – Collection Of Shellcode Injection Techniques Packed In A D/Invoke Weaponized DLL
This repository is an accumulation of my code snippets for various shellcode injection techniques using fantastic D/Invoke API by @TheWover...
BlackCat ransomware, a very sophisticated malware written in Rust
BlackCat is the first professional ransomware strain that was written in the Rust programming language, researchers reported. Malware researchers from...
Dark Mirai botnet spreads targeting RCE on TP-Link routers
A botnet tracked as Dark Mirai spreads by exploiting a new vulnerability affecting TP-Link TL-WR840N EU V5 home routers. Dark...
AFLTriage – Tool To Triage Crashing Input Files Using A Debugger
AFLTriage is a tool to triage crashing input files using a debugger. It is designed to be portable and not...
Mozilla fixed high-severity bugs in Firefox and Thunderbird mail client
Mozilla released security updates for the Firefox browser and Thunderbird mail client to address multiple vulnerabilities. Mozilla released security updates...
Crooks injects e-skimmers in random WordPress plugins of e-stores
Threat actors are injecting credit card swipers into random plugins of e-commerce WordPress sites, Sucuri researchers warn. Sucuri researchers are...
O365Spray – Username Enumeration And Password Spraying Tool Aimed At Microsoft O365
For educational, authorized and/or research purposes only. o365spray a username enumeration and password spraying tool aimed at Microsoft Office 365...
Tens of malicious NPM packages caught hijacking Discord servers
Researches from cybersecurity firm JFrog found 17 malicious packages on the NPM package repository hijacking Discord servers. JFrog researchers have...
Moobot botnet spreads by exploiting CVE-2021-36260 flaw in Hikvision products
Moobot is a Mirai-based botnet that is leveraging a critical command injection vulnerability in the webserver of some Hikvision products....
Microsoft Vancouver leaking website credentials via overlooked DS_STORE file
CyberNews researchers discovered a Desktop Services Store (DS_STORE) file left on a publicly accessible web server that belongs to Microsoft...
SMBeagle – Fileshare Auditing Tool That Hunts Out All Files It Can See In The Network And Reports If The File Can Be Read And/Or Written
SMBeagle is an (SMB) fileshare auditing tool that hunts out all files it can see in the network and reports...
SonicWall strongly urges customers to apply patches to SMA 100 devices
SonicWall strongly urges customers using SMA 100 series appliances to install security patches that address multiple security flaws, some of...
CS Energy foiled a ransomware attack
A cyberattack hit CS Energy in Australia on Saturday, November 27, experts believe the attack was orchestrated by Chinese hackers....
Fileless-Xec – Stealth Dropper Executing Remote Binaries Without Dropping Them On Disk
Certainly useful , mainly for fun, rougly inspired by 0x00 article Pentest use: fileless-xec is used on target machine to...
Emotet directly drops Cobalt Strike beacons without intermediate Trojans
The Emotet malware continues to evolve, in the latest attacks, it directly installs Cobalt Strike beacons to give the attackers...
KaliIntelligenceSuite – Shall Aid In The Fast, Autonomous, Central, And Comprehensive Collection Of Intelligence By Executing Standard Penetration Testing Tools
Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by automatically: executing...
