North Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA Pro
North Korea-linked APT Lazarus targets security researchers using a trojanized pirated version of the popular IDA Pro reverse engineering software....
hacking
Microsoft rolled out emergency updates to fix Windows Server auth failures
Microsoft has released out-of-band security updates to address authentication issues affecting Windows Server. Microsoft has released out-of-band updates to fix...
Happy 10th Birthday, Security Affairs
Ten years together! I’m very excited. I launched Security Affairs for passion in 2011 and millions of readers walked with...
Cumulus – Web Application Weakness Monitoring, It Would Be Working By Add Just 3 Codelines
Cumulus is a service that helps you monitor and fix security weakness in realtime. The issues will be reported on...
QAKBOT Trojan returns using Squirrelwaffle as a dropper
Experts warn of a surge in infections of the QBot (aka Quakbot) banking trojan which seems to be associated with...
Two Sony PS5 exploits disclosed the same day
Threat actors stole PS5 root keys using kernel exploits demonstrating the need to improve the security of the popular gaming...
ENISA – The need for Incident Response Capabilities in the health sector
ENISA analyzed the current state of development of sectoral CSIRT capabilities in the health sector since the implementation of the...
Updated: Hundreds of thousands of fake warnings of cyberattacks sent from a hacked FBI email server
Threat actors hacked email servers of the FBI to distribute spam email impersonating FBI warnings of fake cyberattacks. The email...
FTC shares guidance for small businesses to prevent ransomware attacks
The US Federal Trade Commission (FTC) has shared guidance for small businesses on how to increase resilience to ransomware attacks....
ChopChop – ChopChop Is A CLI To Help Developers Scanning Endpoints And Identifying Exposition Of Sensitive Services/Files/Folders
ChopChop is a command-line tool for dynamic application security testing on web applications, initially written by the Michelin CERT.Its goal...
Threat Report Portugal: Q3 2021
The Threat Report Portugal: Q3 2021 compiles data collected on the malicious campaigns that occurred from July to September, Q3, of 2021....
Security Affairs newsletter Round 340
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
Hundreds of thousands of fake warnings of cyberattacks sent from a hacked FBI email server
Threat actors hacked email servers of the FBI to distribute spam email impersonating FBI warnings of fake cyberattacks. The email...
GravityRAT returns disguised as an end-to-end encrypted chat app
Threat actors are distributing the GravityRAT remote access trojan masqueraded as an end-to-end encrypted chat application named SoSafe Chat. Threat actors...
Canadian Furious Beaver – A Tool For Monitoring IRP Handler In Windows Drivers, And Facilitating The Process Of Analyzing, Replaying And Fuzzing Windows Drivers For Vulnerabilities
Furious Beaver is a IRP detailsIRP replayConceptIrpDumper.sys is the driver part of the CFB Broker that will auto-extract and install...
Intel and AMD address high severity vulnerabilities in products and drivers
Chipmakers Intel and AMD addressed several vulnerabilities in their products, including high-risk issues in software drivers. Intel and AMD released...
New evolving Abcbot DDoS botnet targets Linux systems
Qihoo 360’s Netlab detailed a new evolving DDoS botnet called Abcbot with wormable capabilities that targets Linux systems. Researchers from...
AzureHunter – A Cloud Forensics Powershell Module To Run Threat Hunting Playbooks On Data From Azure And O365
A Powershell module to run UsageEnsure you connect to ExchangeOnlineIt's recommended that you run Connect-ExchangeOnline before running any AzureHunter commands....
Retail giant Costco discloses data breach, payment card data exposed
Costco Wholesale Corporation discloses a data breach, threat actors had access to customers’ payment card information. Retail giant Costco Wholesale...
HTML Smuggling technique used in phishing and malspam campaigns
Threat actors are increasingly using the HTML smuggling technique in phishing campaigns, Microsoft researchers warn. Microsoft experts warn that threat actors are...
Ad-Honeypot-Autodeploy – Deploy A Small, Intentionally Insecure, Vulnerable Windows Domain For RDP Honeypot Fully Automatically
Deploy a small, intentionally insecure, vulnerable Windows Domain for RDP Honeypot fully automatically.Runs on self-hosted The images should be ready...
macOS Zero-Day exploited in watering hole attacks on users in Hong Kong
Google revealed that threat actors recently exploited a zero-day vulnerability in macOS to deliver malware to users in Hong Kong....
Abaddon – Make red team operations faster, more repeatable, stealthier, while including value-added tools and bringing numerous reporting capabilities
Red team operations involve miscellaneous skills, last several months and are politically sensitive; they require a lot of monitoring, consolidating...
How we broke the cloud with two lines of code: the full story of ChaosDB
Wiz Research Team disclosed technical details about the discovery of the ChaosDB vulnerability in Azure Cosmos DB database solution. In...
