Threat actors stole $120 M in crypto from BadgerDAO DeFi platform
Threat actors stole $120 million in cryptocurrencies from multiple wallets connected to the decentralized finance platform BadgerDAO. Threat actors this...
hacking
ClusterFuzzLite – Simple Continuous Fuzzing That Runs In CI
ClusterFuzzLite is a continuous fuzzing solution that runs as part of Continuous Integration (CI) workflows to find vulnerabilities faster than...
Watch out for Omicron COVID-19-themed phishing messages!
Threat actors have started to exploit the interest in the Omicron COVID-19 variant and are using it as a lure...
CISA adds Zoho, Apache, Qualcomm, Mikrotik flaws to the list of actively exploited issues
U.S. CISA urges to address vulnerabilities Qualcomm, Mikrotik, Zoho and the Apache Software Foundation software. U.S. Cybersecurity and Infrastructure Security...
Crawpy – Yet Another Content Discovery Tool
Yet another An example run with auto calibration and recursive mode enabled Example reports Example reports can be found here...
Russian internet watchdog Roskomnadzor bans six more VPN services
Russia’s internet watchdog, ‘Roskomnadzor’, has announced the ban of other VPN products, 15 VPN services are now illegal in Russia...
NginRAT – A stealth malware targets e-store hiding on Nginx servers
Threat actors are targeting e-stores with remote access malware, dubbed NginRAT, that hides on Nginx servers bypassing security solutions. Researchers...
Kerberoast – Kerberoast Attack -Pure Python-
Kerberos attack toolkit -pure python-Â Install pip3 install kerberoast Prereqirements Python 3.6 See requirements.txt For the impatient IMPORTANT: the accepted...
Europol arrested 1800 money mules as part of an anti-money-laundering operation
Europol identified 18,351 money mules and arrested 1,803 of them as part of an international anti-money-laundering operation codenamed EMMA 7....
Mozilla fixes critical flaw in Network Security Services (NSS) cryptography library
Mozilla fixed a critical memory corruption issue affecting its cross-platform Network Security Services (NSS) set of cryptography libraries. Mozilla has...
ShonyDanza – A Customizable, Easy-To-Navigate Tool For Researching, Pen Testing, And Defending With The Power Of Shodan
A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan. With ShonyDanza, you can: Obtain...
VirusTotal Collections allows enhancing the sharing of Indicators of Compromise (IoCs)
VirusTotal announced VirusTotal Collections, a new service that allows security researchers to share sets of Indicators of Compromise (IoCs). VirusTotal...
New RTF Template Inject technique used by APT groups in recent attacks
Nation-state actors from China, India, and Russia, were spotted using a novel RTF template injection technique in recent attacks. APT...
XC – A Small Reverse Shell For Linux And Windows
Netcat like reverse shell for Linux & Windows. Features WindowsUsage:â”” Shared Commands: !exit !upload <src> <dst> * uploads a file...
FBI training document shows lawful access to multiple encrypted messaging apps
Which are the most secure encrypted messaging apps? An FBI document shows what data can be obtained from them. The...
Sabbath Ransomware target critical infrastructure in the US and Canada
Sabbath ransomware is a new threat that has been targeting critical infrastructure in the United States and Canada since June...
Play the Opera Please – Opera patches a flaw in their turbo servers
Opera released a mini patch for a vulnerability in their turbo servers that dates back to 2018. Prior approval are...
ZipExec – A Unique Technique To Execute Binaries From A Password Protected Zip
ZipExec is a Proof-of-Concept (POC) tool to wrap binary-based tools into a password-protected zip file. This zip file is then...
New EwDoor Botnet is targeting AT&T customers
360 Netlab experts spotted a new botnet dubbed EwDoor that infects unpatched AT&T enterprise network edge devices. Experts from Qihoo 360’s...
Critical Printing Shellz flaws impact 150 HP multifunction printer models
Researchers discovered a critical wormable buffer overflow vulnerability that affects 150 different HP multifunction printer models (MFPs). Cybersecurity researchers from...
WIRTE APT group targets the Middle East since at least 2019
A threat actor named WIRTE targets government, diplomatic entities, military organizations, law firms, and financial institutions in Middle East. Cybersecurity...
Kit_Hunter – A Basic Phishing Kit Scanner For Dedicated And Semi-Dedicated Hosting
Kit Hunter: A basic phishing kit detection tool Version 2.6.0 28 September 2021 Testing and development took place on Python...
4 Android banking trojans were spread via Google Play infecting 300.000+ devices
Experts found four Android banking trojans that were available on the official Google Play Store and that infected +300,000 devices....
Google experts found 2 flaws in video conferencing software Zoom
Google Project Zero researchers have discovered two vulnerabilities in the video conferencing software Zoom that expose users to attacks. Security...
