Threat actors hacked a server of a Queensland water supplier and remained undetected for 9 months
Threat actors compromised a server managing customer data for a Queensland water supplier and remained undetected for nine months. A...
hacking
DoJ sentenced to 10 years Russian ‘King of Fraud’ behind the fraud scheme 3ve
The US DoJ sentenced a Russian man for operating a large-scale digital advertising fraud scheme called Methbot (‘3ve’). The US...
Iranian threat actors attempt to buy stolen data of US organizations, FBI warns
The FBI warned private industry partners of attempts by an Iranian threat actor to buy stolen information belonging to US...
Covert-Control – Google Drive, OneDrive And Youtube As Covert-Channels – Control Systems Remotely By Uploading Files To Google Drive, OneDrive, Youtube Or Telegram
Control systems remotely by uploading files to Google Drive, OneDrive, After finding there is Installationsudo apt install libzbar0pip install bs4...
CVE-2021-3064: Easily exploitable RCE flaw in Palo Alto Networks in GlobalProtect VPN
Palo Alto Networks warns of an easy exploitable Remote Code Execution vulnerability in its GlobalProtect VPN product. Palo Alto Networks...
Sophisticated Android spyware PhoneSpy infected thousands of Korean phones
South Korean users have been targeted with a new sophisticated Android spyware, tracked as PhoneSpy, as part of an ongoing...
VMware discloses a severe flaw in vCenter Server that has yet to fix
VMware announced it is working on patches for an important severity privilege escalation vulnerability affecting vCenter Server. VMware announced it’s...
A flaw in WP Reset PRO WordPress plugin allows wiping the installation DB
A critical vulnerability in the WP Reset PRO WordPress plugin can allow an authenticated user to wipe the entire database...
FormatFuzzer – A Framework For High-Efficiency, High-Quality Generation And Parsing Of Binary Inputs
FormatFuzzer is a framework for high-efficiency, high-quality generation and parsing of binary inputs. It takes a binary template that describes...
Citrix addresses a critical flaw in ADC, Gateway
Citrix addressed two vulnerabilities affecting Citrix ADC, Gateway, and SD-WAN, one of them is a critical issue leading to DoS....
Taiwan Government faces 5 Million hacking attempts daily
Taiwan ‘s government agencies face around five million cyberattacks and probes every day, most of them from China. Around five...
Experts found 14 new flaws in BusyBox, millions of devices at risk
Researchers have identified a total of 14 new vulnerabilities in BusyBox that expose million of Unix-based devices to cyberattacks. Researchers...
RottenPotatoNG – A C++ DLL And Standalone C++ Binary – No Need For Meterpreter Or Other Tools
New version of RottenPotato as a C++ DLL and standalone C++ binary - no need for meterpreter or other tools....
TeamTNT group targets poorly configured Docker servers exposing REST APIs
TeamTNT hackers are targeting poorly configured Docker servers as part of an ongoing campaign that started in October. Trend Micro...
Robinhood data breach exposes 7 Million users’ information
Robinhood disclosed a security breach, an unidentified threat actor gained unauthorized access to approximately 7 million customer records. Robinhood Markets,...
Microsoft Patch Tuesday security updates for November 2021 fix 2 Zero-Days actively exploited
Microsoft Patch Tuesday security updates for November 2021 address 55 vulnerabilities in multiple products and warn of two actively exploited...
Private Set Membership (PSM) – Cryptographic Protocol That Allows Clients To Privately Query
Private Set Membership (PSM) is a cryptographic protocol that allows clients to privately query whether the client's identifier is a...
Clop gang exploiting CVE-2021-35211 RCE in SolarWinds Serv-U in recent attack
The Clop ransomware gang is exploiting CVE-2021-35211 vulnerability in SolarWinds Serv-U to compromise corporate networks. Threat actors always look for...
Internationa law enforcement arrested REvil ransomware affiliates in Romania and Kuwait
Romanian police arrested two alleged Sodinokibi/REvil ransomware affiliates accused to have orchestrated attacks against thousands of victims. Romanian law enforcement...
Ddosify – High-performance Load Testing Tool
FeaturesProtocol Agnostic - Currently supporting HTTP, HTTPS, HTTP/2. Other Note: If the request count is too low for the...
US DoS offers a reward of up to $10M for leaders of REvil ransomware gang
The U.S. government offers up to $10 million for identifying or locating leaders in the REvil/Sodinokibi ransomware operation The Department...
Ukrainian REvil affiliate charged with Ransomware Attack on Kaseya
The US DoJ has charged a REvil ransomware affiliate that is suspected to have orchestrated the attack on Kaseya MSP...
Ransomware attack disrupted store operations in the Netherlands and Germany
Electronics retail giant MediaMarkt was hit by a ransomware attack that disrupted store operations in the Netherlands and Germany. Electronics retail...
Koppeling – Adaptive DLL Hijacking / Dynamic Export Forwarding
This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking"...
