CVE-2021-3064: Easily exploitable RCE flaw in Palo Alto Networks in GlobalProtect VPN
Palo Alto Networks warns of an easy exploitable Remote Code Execution vulnerability in its GlobalProtect VPN product. Palo Alto Networks...
hacking
Sophisticated Android spyware PhoneSpy infected thousands of Korean phones
South Korean users have been targeted with a new sophisticated Android spyware, tracked as PhoneSpy, as part of an ongoing...
VMware discloses a severe flaw in vCenter Server that has yet to fix
VMware announced it is working on patches for an important severity privilege escalation vulnerability affecting vCenter Server. VMware announced it’s...
A flaw in WP Reset PRO WordPress plugin allows wiping the installation DB
A critical vulnerability in the WP Reset PRO WordPress plugin can allow an authenticated user to wipe the entire database...
FormatFuzzer – A Framework For High-Efficiency, High-Quality Generation And Parsing Of Binary Inputs
FormatFuzzer is a framework for high-efficiency, high-quality generation and parsing of binary inputs. It takes a binary template that describes...
Citrix addresses a critical flaw in ADC, Gateway
Citrix addressed two vulnerabilities affecting Citrix ADC, Gateway, and SD-WAN, one of them is a critical issue leading to DoS....
Taiwan Government faces 5 Million hacking attempts daily
Taiwan ‘s government agencies face around five million cyberattacks and probes every day, most of them from China. Around five...
Experts found 14 new flaws in BusyBox, millions of devices at risk
Researchers have identified a total of 14 new vulnerabilities in BusyBox that expose million of Unix-based devices to cyberattacks. Researchers...
RottenPotatoNG – A C++ DLL And Standalone C++ Binary – No Need For Meterpreter Or Other Tools
New version of RottenPotato as a C++ DLL and standalone C++ binary - no need for meterpreter or other tools....
TeamTNT group targets poorly configured Docker servers exposing REST APIs
TeamTNT hackers are targeting poorly configured Docker servers as part of an ongoing campaign that started in October. Trend Micro...
Robinhood data breach exposes 7 Million users’ information
Robinhood disclosed a security breach, an unidentified threat actor gained unauthorized access to approximately 7 million customer records. Robinhood Markets,...
Microsoft Patch Tuesday security updates for November 2021 fix 2 Zero-Days actively exploited
Microsoft Patch Tuesday security updates for November 2021 address 55 vulnerabilities in multiple products and warn of two actively exploited...
Private Set Membership (PSM) – Cryptographic Protocol That Allows Clients To Privately Query
Private Set Membership (PSM) is a cryptographic protocol that allows clients to privately query whether the client's identifier is a...
Clop gang exploiting CVE-2021-35211 RCE in SolarWinds Serv-U in recent attack
The Clop ransomware gang is exploiting CVE-2021-35211 vulnerability in SolarWinds Serv-U to compromise corporate networks. Threat actors always look for...
Internationa law enforcement arrested REvil ransomware affiliates in Romania and Kuwait
Romanian police arrested two alleged Sodinokibi/REvil ransomware affiliates accused to have orchestrated attacks against thousands of victims. Romanian law enforcement...
Ddosify – High-performance Load Testing Tool
FeaturesProtocol Agnostic - Currently supporting HTTP, HTTPS, HTTP/2. Other Note: If the request count is too low for the...
US DoS offers a reward of up to $10M for leaders of REvil ransomware gang
The U.S. government offers up to $10 million for identifying or locating leaders in the REvil/Sodinokibi ransomware operation The Department...
Ukrainian REvil affiliate charged with Ransomware Attack on Kaseya
The US DoJ has charged a REvil ransomware affiliate that is suspected to have orchestrated the attack on Kaseya MSP...
Ransomware attack disrupted store operations in the Netherlands and Germany
Electronics retail giant MediaMarkt was hit by a ransomware attack that disrupted store operations in the Netherlands and Germany. Electronics retail...
Koppeling – Adaptive DLL Hijacking / Dynamic Export Forwarding
This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking"...
Healthcare – Patient or Perpetrator? – The Cybercriminals Within
The healthcare industry might be known for the work it does to treat patients. But it is also a prime...
Operation Cyclone targets Clop Ransomware affiliates
Operation Cyclone – Six alleged affiliates with the Clop ransomware operation were arrested in an international joint law enforcement operation...
Kunyu – More Efficient Corporate Asset Collection
Kunyu, More Efficient Corporate Asset Collection 0x00 IntroduceTool introductionKunyu (kunyu), whose name is taken from , is actually a professional...
Nation-state actors target critical sectors by exploiting the CVE-2021-40539 flaw
Experts warn of an ongoing hacking campaign that already compromised at least nine organizations worldwide from critical sectors by exploiting...
