Prometheus endpoint unprotected installs could expose sensitive data
Experts discovered several unprotected installs of open source event monitoring solution Prometheus that may expose sensitive data. JFrog researchers have...
hacking
Sinclair TV stations downtime allegedly caused by a ransomware attack
A ransomware attack is likely the cause of the recent downtime for TV stations owned by the Sinclair Broadcast Group...
ImpulsiveDLLHijack – C# Based Tool Which Automates The Process Of Discovering And Exploiting DLL Hijacks In Target Binaries
C# based tool which automates the process of discovering and 4. Examples:Target Executable: OneDrive.exeStage: DiscoveryStage: ExploitationSuccessful DLL Hijacks: Unsuccessful DLL Hijacks: DLL...
REvil ransomware operation shuts down once again
It seems that the REvil ransomware operation has shut down once again after a threat actor has hijacked their Tor...
Experts spotted an Ad-Blocking Chrome extension injecting malicious ads
Researchers warn of an Ad-Blocking Chrome extension that was abused by threat actors to Injecting Ads in Google search pages....
Fapro – Free, Cross-platform, Single-file mass network protocol server simulator
FaPro is a Fake Protocol Server tool, Can easily start or stop multiple network services.The goal is to support as...
Experts hacked a fully patched iOS 15 running on iPhone 13 at China’s Tianfu Cup hacking contest
White hat hackers earned $1.88 million at the Tianfu Cup hacking contest by finding vulnerabilities in popular software. The Tianfu...
Twitch security breach had minimal impact, the company states
Twitch provided an update for the recent security breach, the company confirmed that it only had a limited impact on...
DorkScout – Golang Tool To Automate Google Dork Scan Against The Entiere Internet Or Specific Targets
dokrscout is a tool to automate the finding of Install wordliststo start scanning you'll need some dork lists and to...
Ecuador’s Banco Pichincha has yet to recover after recent cyberattack
The customers of Banco Pichincha, the largest bank in Ecuador, are still experiencing service disruptions after a massive cyberattack hit...
Trickbot spreads malware through new distribution channels
TrickBot operators are back and expand the distribution channels with partnership with cybercrime affiliates. The operators behind the infamous TrickBot...
Domain-Protect – Protect Against Subdomain Takeover
Protect Against Subdomain Takeoverscans Amazon Route53 across an AWS Organization for domain records vulnerable to takeovervulnerable domains in Google Cloud...
Russia-Linked TA505 targets financial institutions in a new malspam campaign
Russia-linked TA505 group leverages a lightweight Office file to spread malware in a campaign, tracked as MirrorBlast, aimed at financial...
Packet-Sniffer – A pure-Python Network Packet Sniffing Tool
A simple pure-Python network packet sniffer. Packets are disassembled as they arrive at a given network interface controller and their...
US Treasury FinCEN linked $5.2 billion in BTC transactions to ransomware payments
The U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) linked roughly $5.2 billion worth of Bitcoin transactions to ransomware. The...
Accenture discloses data breach after LockBit ransomware attack
IT and consulting giant Accenture confirmed a data breach after the ransomware attack conducted by LockBit operators in August 2021....
Crawlergo – A Powerful Browser Crawler For Web Vulnerability Scanners
crawlergo is a browser crawler that uses chrome headless mode for URL collection. It hooks key positions of the whole...
Juniper Networks released +40 security advisories to fix +70 vulnerabilities
Cybersecurity provider Juniper Networks released more than 40 security advisories to address over 70 vulnerabilities that affect its solutions. Cybersecurity...
Boffins devise a new side-channel attack affecting all AMD CPUs
A group of researchers from the Graz University of Technology and CISPA Helmholtz Center for Information Security devised a new...
Networkit – A Growing Open-Source Toolkit For Large-Scale Network Analysis
NetworKit is an open-source tool suite for high-performance network analysis. Its aim is to provide tools for the analysis of...
Three more ransomware attacks hit Water and Wastewater systems in 2021
A joint cybersecurity advisory published by US agencies revealed that three ransomware attacks on wastewater systems this year. A joint cybersecurity advisory published...
WhatsApp made available end-to-end encrypted chat backups
WhatsApp made available end-to-end encrypted chat backups on iOS and Android to prevent anyone from accessing user chats. WhatsApp is...
Since 2020, at least 130 different ransomware families have been active
The popular Google’s VirusTotal scanning service has published an interesting analysis of more than 80 Million ransomware samples. VirusTotal has...
ForgeCert – “Golden” Certificates
ForgeCert uses the BouncyCastle C# API and a stolen Certificate Authority (CA) certificate + private key to forge certificates for...
