New Linux CronRAT hides in cron jobs to evade detection in Magecart attacks
Security researchers discovered a new Linux RAT, tracked as CronRAT, that hides in scheduled cron jobs to avoid detection. Security...
hacking
Nanobrok – Web Service For Control And Protect Your Android Device Remotely
Web Service write in Python for control and protect your android device remotely. The official app can be found on the...
Several GoDaddy brands impacted in recent data breach
Recently disclosed data breach impacted several of its brands, including Domain Factory, Heart Internet, Host Europe, Media Temple, tsoHost and...
Iranian threat actors exploit MS MSHTML bug to steal Google and Instagram credentials
An Iranian threat actor is stealing Google and Instagram credentials of Farsi-speaking targets by exploiting a Microsoft MSHTML bug. Researchers...
LOLBins – PyQT5 App For LOLBAS And GTFOBins
PyQT app to list all Download LOLBins If you like the site, please consider joining the telegram channel or supporting...
FBI warns of crooks targeting online shoppers during the holiday season
The Federal Bureau of Investigation (FBI) warns of cybercriminals targeting online shoppers during the holiday season. The FBI warns of...
VMware addresses File Read and SSRF flaws in vCenter Server
VMware addressed arbitrary file read and server-side request forgery (SSRF) vulnerabilities in its vCenter Server product. VMware this week addressed...
Redherd Framework -A Collaborative And Serverless Framework For Orchestrating A Geographically Distributed Group Of Assets
RedHerd is a collaborative and DisclaimerThe provided contents and tools are for awareness and research purposes only. Our target audience...
A vulnerable honeypot exposed online can be compromised in 24 hours
Researchers deployed multiple instances of vulnerable systems and found that 80% of the 320 honeypots were compromised within 24 hours. Researchers...
Whoc – A Container Image That Extracts The Underlying Container Runtime
A Wait-For-Exec ModeFor statically linked container runtimes, whoc comes in another flavor: whoc:waitforexec.upload_runtime is the image entrypoint, and runs as...
Apple sues NSO Group for abusing state-sponsored Pegasus spyware
Apple has filed suit to ban the Israeli surveillance firm NSO Group and parent company Q Cyber Technologies from using...
Expert discloses details of flaws in Oracle VirtualBox
A vulnerability in Oracle VM VirtualBox could be potentially exploited to compromise the hypervisor and trigger a denial-of-service (DoS) condition....
Malware are already attempting to exploit new Windows Installer zero-day
Vxers are already attempting to use the proof-of-concept exploit code targeting a new Microsoft Windows Installer zero-day publicly disclosed on...
Android.Cynos.7.origin trojan infected +9 million Android devices
Researchers spotted dozens of games on Huawei’s AppGallery catalog containing the Android.Cynos.7.origin trojan. Researchers from Dr. Web AV discovered 190 games on...
Whispers – Identify Hardcoded Secrets In Static Structured Text
"My little birds are everywhere, even in the North, they whisper to me the strangest stories." - Lord VarysWhispers is...
Experts warn of RCE flaw in Imunify360 security platform
A flaw in CloudLinux’s Imunify360 security product could have been exploited by an attacker for remote code execution. Cisco’s Talos...
Expert released PoC exploit code for Microsoft Exchange CVE-2021-42321 RCE bug
A researcher has released a proof-of-concept exploit code for an actively exploited vulnerability affecting Microsoft Exchange servers. The researcher Janggggg has...
Expert disclosed an exploit for a new Windows zero-day local privilege elevation issue
A researcher publicly disclosed an exploit for a new Windows zero-day local privilege elevation that can allow gaining admin privileges....
UDP-Hunter – Network Assessment Tool For Various UDP Services Covering Both IPv4 And IPv6 Protocols
UDP Scanning has always been a slow and painful exercise, and if you add IPv6 on top of UDP, the...
US govt warns critical infrastructure of ransomware attacks during holidays
US CISA and the FBI issued a joint alert to warn critical infrastructure partners and public/private organizations of ransomware attacks...
New GoDaddy data breach impacted 1.2 million customers
GoDaddy suffered a data breach that impacted up to 1.2 million of its managed WordPress customer accounts. GoDaddy discloses a...
ThreatBox – A Standard And Controlled Linux Based Attack Platform
ThreatBox is a standard and controlled Linux based attack platform. I've used a version of this for years. It started...
Utah Imaging Associates data breach impacts 583,643 patients
Utah-based radiology medical center Utah Imaging Associates discloses a data breach that impacted 583,643 former and current patients. Utah Imaging...
Iran’s Mahan Air claims it has failed a cyber attack, hackers say the opposite
Iranian airline Mahan Air was hit by a cyberattack on Sunday morning, the “Hooshyarane Vatan” hacker group claimed responsibility for...
